GUIDANCE ON PROTECTION OF CUSTOMER FINANCIAL INFORMATION AGAINST IDENTITY THEFT.

The Federal Reserve Board announced on April 30, 2001, the issuance of supervisory guidance addressing how banking organizations should protect customer information against identity theft.

Recommended steps to safeguard information include establishing procedures to verify the identity of individuals applying for financial products, to prevent fraudulent address changes, and to block pretext callers from using personal information to impersonate account holders and gain access to account information.

Guidance is also provided to banking organizations on completing Suspicious Activity Reports for reporting offenses associated with identity theft and pretext calling that are filed with law enforcement agencies.

The guidance is consistent with the Gramm-Leach-Bliley Act, which directs the Board and other federal agencies to ensure that financial institutions have policies, procedures, and controls in place to prevent the unauthorized disclosure of customer financial information and to deter and detect fraudulent access to such information.

Supervision and Regulation (SR) Letters are the Federal Reserve's primary means of communicating key policy directives to its examiners, supervisory staff, and the banking industry. The guidance is contained in SR Letter 01-11, Identity Theft and Pretext Calling, which can be accessed on the Board's web site at www.federalreserve.gov/boarddocs/srletters