[Congressional Record (Bound Edition), Volume 156 (2010), Part 13] [Senate] [Pages 18271-18272] [From the U.S. Government Publishing Office, www.gpo.gov]RED FLAG PROGRAM CLARIFICATION ACT OF 2010 Mrs. MURRAY. Madam President, I ask unanimous consent that the Senate proceed to the immediate consideration of S. 3987, introduced earlier today. The PRESIDING OFFICER. The clerk will report the bill by title. The assistant editor of the Daily Digest read as follows: A bill (S. 3987) to amend the Fair Credit Reporting Act with respect to the applicability of identify theft guidelines to creditors. There being no objection, the Senate proceeded to consider the bill. DEFINITION OF CREDITOR Mr. THUNE. Madam President, I wish to engage my colleagues Senator Dodd and Senator Begich in colloquy. I rise today in support of S. 3987, the Red Flag Program Clarification Act of 2010, legislation that Senator Begich and I have introduced to narrow the scope of section 114 of the Fair and Accurate Credit Transactions Act of 2003--the FACT Act. This section of the FACT Act directed financial regulatory agencies, including the Federal Trade Commission, FTC, to promulgate rules requiring ``creditors'' and ``financial institutions'' to implement programs to detect and respond to red flags--patterns, practices, or specific activities--that could indicate identity theft. The purpose of the Red Flag Program Clarification Act of 2010 is to identify and limit the type of ``creditor'' that must be covered. If the FTC's final red flags rule is implemented, this rule could require small businesses to undertake costly, burdensome measures to prevent identity theft in industries where it poses little threat. Identity theft is a serious problem, but the definition of ``creditor'' for purposes of the FTC's red flags rule is too broad and would cover small businesses that pose little risk to consumers. Under the legislation that Senator Begich and I are proposing, only a ``creditor'' that regularly and in the ordinary course of its business obtains or uses consumer reports in connection with a credit transaction, furnishes information to consumer reporting agencies in connection with a credit transaction, or advances funds would be required to develop and implement a written identity theft prevention and detection program. So, for example, an accountant would not become a creditor simply for obtaining a consumer report--with the permission of any consumer whose report is obtained--in order to examine the integrity of a company's management. And the legislation makes clear that an advance of funds does not include a creditor's payment in advance for fees, materials, or services that are incidental to the creditor's ability to provide another service that a person initiated or requested, such as the advance payment of expert witness fees by a lawyer to support the representation of a client. Any other type of creditor may only be covered through a rulemaking based upon an agency's determination that these types of creditors offer or maintain accounts that pose a reasonably foreseeable risk of identity theft. Such creditors would receive notice that they could be covered by a rule, and there would be a public airing of the issues when the proposed rule is published for notice and comment. Could Senator Dodd, as chairman of the committee of jurisdiction, the Senate Banking Committee, provide us with some context regarding the legislation under which the FTC's rule was promulgated? Mr. DODD. Gladly. The FTC's red flags rule implementing section 114 of the FACT Act became effective on January 1, 2008. The rule applied to ``creditors,'' defined under the FACT Act the same way as in the Equal Credit Opportunity Act, ECOA, to include any person that sells a product or service for which the consumer can pay later. After the red flags rule became final, many businesses and other entities indicated that they were not aware that they would be covered by this rule. At [[Page 18272]] first, the FTC delayed enforcement of the rule several times to allow these entities time to come into compliance with the rule. Then, a number of professional organizations, including the American Bar Association and the American Medical Association, sued the FTC for taking the position that professionals were ``creditors'' when they allowed consumers to pay later, and would have to comply with its red flags rule. On May 28, 2010, the FTC announced that it would delay enforcing its red flags rule through December 31, 2010, and asked Congress to pass legislation that would resolve any questions about which entities should be covered as ``creditors'' and to obviate the need for further enforcement delays. Mr. BEGICH. I thank the Senator. Unless this bipartisan bill becomes law, many small businesses for which identity theft is not a threat could be required to spend time and effort to comply with the red flags rule implementing the FACT Act. This could require them to take time away from growing their businesses and creating jobs. Small businesses are the economic driver of our country, and in a time of high unemployment and stagnant economic growth, businesses should be focused on job creation, and should not have to spend the money to comply with regulatory burdens disproportionate to the scope of the identity theft problem. This bill would address what the chairman of the FTC, Jon Leibowitz, called ``the unintended consequences of the legislation establishing the red flags rule.'' While this list isn't exclusive, many small businesses such as doctor's and dentist's offices, pharmacies, veterinary clinics, accounting offices, and other types of health care providers and other service providers were classified as ``creditors'' because they sometimes let clients pay after they provide their services. This legislation makes clear that these small businesses should not be swept under the red flags rule in the future just because they allow payment to be deferred, when they don't offer or maintain accounts that pose a reasonably foreseeable risk of identity theft. I would ask the chairman of the Banking Committee if he agrees with my description of what the Red Flag Program Clarification Act of 2010 will accomplish? Mr. DODD. Yes, I agree that this bill narrows the applicability of the red flag identity theft provisions of the FACT Act to cover those creditors where identity thieves can do the most harm--creditors that use consumer reports, furnish information to consumer reporting agencies, and other creditors that loan money, such as payday lenders, that do not necessarily use consumer reports or furnish information to consumer reporting agencies. The legislation also makes clear that lawyers, doctors, dentists, orthodontists, pharmacists, veterinarians, accountants, nurse practitioners, social workers, other types of health care providers an other service providers will no longer be classified as ``creditors'' for the purposes of the red flags rule just because they do not receive payment in full from their clients at the time they provide their services, when they don't offer or maintain accounts that pose a reasonably foreseeable risk of identity theft. Mr. THUNE. I applaud the FTC's cooperation in delaying implementation of their red flags rule to wait for congressional clarification on this issue and thank Senator Dodd for his assistance in drafting this legislation. I am confident that our efforts to provide a legislative solution that protects consumers and businesses alike can be achieved through this legislation. Mrs. MURRAY. Madam President, I ask unanimous consent that the bill be read a third time and passed, the motion to reconsider be laid upon the table, and that any statements be printed in the Record. The PRESIDING OFFICER. Without objection, it is so ordered. The bill was ordered to be engrossed for a third reading, was read the third time, and passed, as follows: S. 3987 Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Red Flag Program Clarification Act of 2010''. SEC. 2. SCOPE OF CERTAIN CREDITOR REQUIREMENTS. (a) Amendment to FCRA.--Section 615(e) of the Fair Credit Reporting Act (15 U.S.C. 1681m(e)) is amended by adding at the end the following: ``(4) Definitions.--As used in this subsection, the term `creditor'-- ``(A) means a creditor, as defined in section 702 of the Equal Credit Opportunity Act (15 U.S.C. 1691a), that regularly and in the ordinary course of business-- ``(i) obtains or uses consumer reports, directly or indirectly, in connection with a credit transaction; ``(ii) furnishes information to consumer reporting agencies, as described in section 623, in connection with a credit transaction; or ``(iii) advances funds to or on behalf of a person, based on an obligation of the person to repay the funds or repayable from specific property pledged by or on behalf of the person; ``(B) does not include a creditor described in subparagraph (A)(iii) that advances funds on behalf of a person for expenses incidental to a service provided by the creditor to that person; and ``(C) includes any other type of creditor, as defined in that section 702, as the agency described in paragraph (1) having authority over that creditor may determine appropriate by rule promulgated by that agency, based on a determination that such creditor offers or maintains accounts that are subject to a reasonably foreseeable risk of identity theft.''. (b) Effective Date.--The amendment made by this section shall become effective on the date of enactment of this Act. The PRESIDING OFFICER. The Senator from Washington. ____________________