Red Flag compliance requires a concise policy and procedure for preventing and addressing breaches. This manual must include a complete List of the financial institution’s offerings and services. The manual should also Contain information regarding BSA requirements, information security, ID Theft Program and all other affected policies and procedures in place.
These policies among other things must recognize the shortcoming identified from the risk assessment and put forth a plan for “bridging those gaps”. Policies and procedures must be defined in writing and have the respective financial institution’s board approval.
An overview list of some areas that an effective Policies and Procedures Manual will cover but not be limited to the following: