Financial institutions are prime targets of identity theft because they hold their customers money and store large quantities of personal data, so rules issued by Federal regulators on steps these companies must take to prevent ID theft could increase their potential liability. Under the final rules issued by the Federal Trade Commission (FTC) and other Federal regulatory agencies, all financial institutions will be required to develop and implement a program to prevent identity theft on new and existing consumer accounts. The program must include reasonable policies and procedures for detecting, preventing, and mitigating ID theft and enable a financial institution or creditor to: identify relevant patterns, practices, and specific forms of activity that are Ã¢â‚¬Å“red flagsÃ¢â‚¬ signaling possible identity theft and incorporate those red flags into the program; detect red flags that have been incorporated into the program; respond appropriately to any red flags that are detected to prevent and mitigate ID theft; and ensure the program is updated periodically to reflect changes in risks from ID theft. The rules, which implement sections of the Fair and Accurate Credit Transactions Act of 2003, take effect January 1, 2008. Covered financial institutions and creditors have until November 1, 2008, to comply. Check out further I.I.I. facts & stats on ID theft.