Red Flags page 6
should supplement this general instruction, as necessary, with separate rules or
protocols containing detailed detection procedures. All supplemental rules or
protocols shall be maintained as documents separate from this Regulation and
shall be maintained by the Program Administrator.
2. Opening of Covered Accounts. In order to detect Red Flags, university
personnel shall obtain and verify the identity of the person opening the
account. As part of this process university personnel may:
• Require the person to provide Identifying Information such
as name, date of birth, academic records, home address or
other identification;
• Verify the individual’s identity at time of issuance of
individual identification card (review of driver’s license or
other government-issued photo identification); or
• Use other safeguards appropriate to the situation, such as
safeguards of a Customer Identification Program (32 CFR
103.121), as required for each identified account situation.
3. Existing Accounts. In order to detect Red Flags concerning an existing
Covered Account, university personnel shall monitor transactions on the account.
As part of this process university personnel may:
• Verify the identification of individuals if they request
information (in person, via telephone, via facsimile, via
email);
• Verify the validity of requests to change billing addresses by mail
or email and provide the individual a reasonable means of
promptly reporting incorrect billing address changes;
• Verify changes in banking information given for billing and
payment purposes; or
• Use other safeguards appropriate to the situation, such as
safeguards of a Customer Identification Program (32 CFR
103.121), as required for each identified account situation.
4 Consumer (“Credit”) Report Requests. In order to detect Red Flags
concerning an employment or volunteer position for which a credit or
background report is sought, or other situations where the University seeks
consumer reports, university personnel shall monitor for address discrepancies.
As part of this process university personnel may:
• Require written verification from any applicant that the address
provided by the applicant is accurate at the time the request for the
credit report is made to the consumer reporting agency;
• If notice of an address discrepancy is received, verify that the
credit report pertains to the applicant for whom the requested
report was made and report to the consumer reporting agency an