The Federal Trade Commission again is pushing back the deadline for financial institutions and creditors to comply with the Red Flags Rules.
This marks the fourth time the agency has delayed the deadline, now set for June 1, 2010. The rule had been scheduled to take effect Sunday.
The latest enforcement extension comes at the request of members of Congress, the agency said in a Friday announcement.
The Red Flags Rules, developed in accordance with the Fair and Accurate Credit Transactions Act of 2003 (FACTA), require financial institutions and other organizations classified as “creditors” to develop programs to identify, detect and respond to indications of identity theft.
But the rules have been met with opposition, resulting in three other delays. Some organizations complained that the provision was written too broadly. Others simply said they were unprepared to meet the requirements. The rules originally were to begin being enforced on Nov. 1, 2008.
A bill passed last Month in the U.S. House of Representatives would amend FACTA and exclude health care, accounting and legal practices with 20 or fewer employees from having to comply with the regulations. On Friday, a U.S. District Court in Washington, D.C. ruled that the FTC may not apply the rules to attorneys.
An accounting trade association cheered the delay, saying accounting firms that are billing for services rendered do not pose an identity theft risk to their clients.
"We appreciate the commission's continuing consideration of our request for a CPA exemption," said Barry Melancon, president and CEO of the American Institute of Certified Public Accountants, in a statement. "We are concerned about the potentially broad application of the Red Flags Rules to the accounting profession."