AICPA Calls for CPA Exemption From Recently Delayed Red Flags Rule

BY MATTHEW G. LAMOREAUX

The AICPA on Tuesday asked the Federal Trade Commission (FTC) to exempt CPAs from certain provisions of its Red Flags Rule to prevent identity theft. The current action by the AICPA follows an FTC announcement last week that it would delay enforcement of the rule until Nov. 1.

 

The Red Flags Rule, which was released Nov. 9, 2007, under the Fair and Accurate Credit Transactions Act of 2003 , requires businesses and organizations within its scope to implement a written identity theft prevention program to detect warning signs of identity theft in their day-to-day operations. Enforcement of the rule has been postponed three times since the original Nov. 1, 2008, effective date.

 

The rule applies to what it calls “financial institutions” and “creditors.” However, according to the FTC Web site, the definition of “creditor” in the rule is broad, and includes businesses or organizations that regularly provide goods or services first and allow customers to pay later. As examples, the FTC says utilities, health care providers, lawyers, accountants, and other professionals, and telecommunications companies may fall within the definition.

 

“We are concerned with the potentially broad application of the Red Flags Rule to the accounting profession, and do not believe that there is any reasonably foreseeable risk of identity theft when CPA clients are billed for services rendered,” wrote AICPA CEO Barry Melancon in an Aug. 4 letter to the FTC.

 

Melancon pointed out that CPAs are personally acquainted with their clients and adhere to strict privacy requirements related to identifying information. “We suggest that the likelihood of misrepresentation or theft of one’s identity is so low that the burdens associated with the Rules’ requirements outweigh the benefits,” he wrote.

 

The AICPA has also asked state CPA societies to write to the FTC and to their representatives in Congress about this issue.

 

—Matthew G. Lamoreaux is a JofA senior editor. His e-mail address is mlamoreaux@aicpa.org.

 

SPONSORED REPORT

Time to prepare for overtime changes

As an employer, trusted business adviser, or HR professional, you will need to be aware of exemption guidance, record requirements, advice for clients, and typical problems in applying overtime pay.

QUIZ

News quiz: Points awarded and points made

Take this short quiz to see how much you know about recent news, including an index that gauges Americans’ financial outlook and a survey that provides insight into the use of credit card travel rewards.

CHECKLIST

Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.