Experience 19 is coming! Join us in San Francisco to discover, think big and pave the road ahead... Experience 19 is coming!
Join us in San Francisco
Register Today

Red Flags Identity Theft Plan Policy Manual

The Identity Theft Red Flags & Address Discrepancies Final Rule under the FACT Act, known as the Red Flags Rule, mandates that all mortgage lenders and brokers must have a written identity theft plan to detect, prevent and mitigate identity theft in connection with certain financial accounts. In addition, the Red Flags Rule requires identity theft detection training for employees who are in the position to detect identity theft, including loan originators, sales managers, and processors. The guidelines accompanying the final rule are designed to assist financial institutions and creditors in formulating and maintaining an identity theft program that satisfies the requirements of the new rule.


This allows you more time to focus on what you need to address and AllRegs can help! All recommended elements for a Red Flags Rule written policy required by regulatory agencies are completely covered in the Red Flags Identity Theft Plan Policy Manual. It serves as a clear directive for compliance officers to implement a successful Identity Theft Program, as required by the Red Flags Rule.

Suitable as a component for other company-wide training, the plan includes key workflow steps for processors and underwriters. It also includes a summary of each federal regulation that is related to the new law.

Several federal offices require implementation or access to this manual, including:

  • The Board of Governors of the Federal Reserve System,
  • The Office of the Comptroller of the Currency,
  • The Board of Directors of the Federal Deposit Insurance Corporation,
  • The National Credit Union Administration,
  • The Securities and Exchange Commission, or
  • The Commodity Futures Trading Commission (as applicable)


The plan features the following benefits:

  • NEW! Interactive Red Flag Checklists!
  • Complete AllRegs' Red Flags Identity Theft Plan Policy Manual, saving you development time and resources
  • The policy is delivered via email within one business day after purchase
  • Applicable for management, employees, and third-party service providers based on your business model
  • Ability to update your plan to suit the business model of your organization
  • Meet your regulatory or internal compliance requirements
  • Affordable one-time purchase fees

Optional Services

Maintenance: Receive regular and ongoing industry updates to keep your policy within regulatory requirements.

Publishing: Publish your manual, including your company procedures, in AllRegs Online to complete your policy manual solution.

Contact your account manager for information regarding these optional services!

Policy Manual
Red Flags Identity Theft Plan
Section Title Priority Action
1.1 Goals and Objectives Mandatory Review Include the point of view or culture of your organization in this section, if applicable. It is recommended that you develop the quality control plan in agreement with the risk management and compliance management systems of your company.
1.2 Required Review Mandatory Review Be sure this accurately reflects your company’s annual policy review process.
2.1 Internal Controls Mandatory Review Include or reference related procedures in this section.
3 Staff and Training Mandatory Review Include the means by which your organization provides and tracks required training.
5.3 Sample Size Recommended Best Practice Augment this section with the actual sample size based on the organization’s portfolio.
6.1 Required Documentation Optional Enhancement If you service FHA loans, make reference here to the locations and/or names of the documents as required by FHA.
7.1 Quality Control Plan Contents (Fannie Mae ) Optional Enhancement If you service Fannie Mae loans, identify here the quality control plan you have in place that aligns with Fannie Mae requirements.
8.1 Minimum Quality Control Program Requirements (Freddie Mac) Optional Enhancement If you service Freddie Mac loans, identify here the quality control plan you have in place that aligns with Freddie Mac requirements.
9 VA Quality Control Requirements Optional Enhancement If you service VA loans, identify here the quality control plan you have in place that aligns with VA requirements.
11.11 Collections and Default Servicing Recommended Best Practice Validate that these or similar policies exist within the organization. If you do not have policies in place, revise this section to reflect the current state of operations.