Release Number 6192-12

February 28, 2012

CFTC Proposes Rules to Help Prevent and Detect Identity Theft

Washington, DC – The Commodity Futures Trading Commission (CFTC) has approved for publication in the Federal Register proposed rules to help protect investors from identity theft by ensuring that futures commission merchants, introducing brokers, commodity pool operators and other CFTC-regulated entities create programs to detect and respond appropriately to red flags.

The CFTC issued the proposed rules jointly with the Securities and Exchange Commission (SEC). Section 1088 of the Dodd-Frank Act transferred authority over certain parts of the Fair Credit Reporting Act from the Federal Trade Commission (FTC) to the CFTC and the SEC for entities they regulate. The proposed rules are substantially similar to rules adopted in 2007 by the FTC and other federal financial regulatory agencies.

The proposed rules would require CFTC-regulated entities to adopt a written identity theft program that would include reasonable policies and procedures to:

    • Identify relevant red flags;

    • Detect the occurrence of red flags;

    • Respond appropriately to the detected red flags; and

    • Periodically update their programs.

The rule would include guidelines and examples of red flags to help firms administer their programs.

The proposed rules will be published in the Federal Register and comments must be received on or before 60 days after publication.

Last Updated: February 28, 2012