§ 2-254. Program established; purpose.  

(a)

The ordinance from which this article is derived is enacted to establish an identity theft prevention program designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the program in compliance with federal "red flag" rules.

(b)

The red flags rule ("rule") defines the term "identity theft" as fraud committed using the identifying information of another person and the term "red flag" as a pattern, practice, or specific activity that indicates the possible existence of identity theft.

(c)

Under the rule, every financial institution and creditor is required to establish an identity theft prevention program tailored to its size, complexity and the nature of its operation. The program must contain reasonable policies and procedures to:

(1)

Identify relevant red flags for new and existing covered accounts and incorporate those red flags into the program;

(2)

Detect red flags that have been incorporated into the program;

(3)

Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and

(4)

Ensure the program is updated periodically, to reflect changes in risks to customers or to the safety and soundness of the creditor from identity theft.