The City hereby adopts the attached Identity Theft Prevention
Program in compliance with Part 681 of Title 16 of the Code of Federal
Regulations implementing Sections 114 and 315 of the Fair and Accurate
Credit Transactions Act (FACTA) of 2003. Said program is established
and designed to detect, prevent and mitigate identity theft in connection
with the opening of an account or an existing covered account and
to provide for continued administration of the programs pursuant to
federal regulations.
The purpose of this article is to establish an Identity Theft
Prevention Program designed to detect, prevent and mitigate identity
theft in connection with the opening of a covered account or an existing
covered account and to provide continued administration of the program
in compliance with Part 681 of Title 16 of the Code of Federal Regulations
implementing Sections 114 and 315 of the Fair and Accurate Credit
Transactions Act (FACTA) of 2003.
As used in this article, the following terms shall have the
meanings indicated:
COVERED ACCOUNT
A.
An account that a financial institution or creditor offers or
maintains primarily for personal, family or household purposes that
involves or is designed to permit multiple payments or transactions.
Covered accounts include credit card accounts, mortgage loans, automobile
loans, margin accounts, cell phone accounts, utility accounts, checking
accounts and savings accounts; and
B.
Any other account that the financial institution or creditor
offers or maintains for which there is a reasonably foreseeable risk
to customers or to the safety and soundness of the financial institution
or creditor from identity theft, including financial, operational,
compliance, reputation or litigation risks.
IDENTITY THEFT
Fraud committed or attempted using the identifying information
of another person without authority.
RED FLAG
A pattern, practice or specific activity that indicates the
possible existence of identity theft.
The program shall address the detection of red flags in connection
with the opening of covered accounts and existing covered accounts,
such as by:
A. Obtaining identifying information about, and verifying the identity
of, a person opening a covered account; and
B. Authenticating customers, monitoring transactions and verifying the
validity of change-of-address requests in the case of existing covered
accounts.
The program shall provide for appropriate responses to be detected
red flags to prevent and mitigate identity theft. The response shall
be commensurate with the degree of risk posed. Appropriate responses
may include:
A. Monitor a covered account for evidence of identity theft;
C. Change any passwords, security codes or other security devices that
permit access to a covered account;
D. Reopen a covered account with a new account number;
E. Not open a new covered account;
F. Close an existing covered account;
G. Notify law enforcement; or
H. Determine no response is warranted under the particular circumstances.
The program shall be updated periodically to reflect changes
in risks to customers or to the safety and soundness of the organization
from identity theft based on factors such as:
A. The experiences of the organization with identity theft.
B. Changes in methods of identity theft.
C. Changes in methods to detect, prevent and mitigate identity theft.
D. Changes in the types of accounts that the organization offers or
maintains.
E. Changes in the business arrangements of the organization, including
mergers, acquisitions, alliances, joint ventures, and service provider
arrangements.
The City of Mendota shall take steps to ensure that the activity
of a service provider is conducted in accordance with reasonable policies
and procedures designed to detect, prevent and mitigate the risk of
identity theft whenever the organization engages a service provider
to perform an activity in connection with one or more covered accounts.