Identity theft certifications issued by Identity Management Institute offer professional credibility, knowledge, employment opportunity, and career advancement. Organizations which employ identity theft certified professionals invest in valuable defense against identity fraud which affects the enterprise and their customers or members.

Identity theft and data protection certifications by Identity Management Institute

An increasing number of companies and government agencies recognize the growing identity theft threats facing businesses and consumers as well as the need for well educated, trained and qualified professionals to mitigate identity theft risks. Employee error is a major root cause of many data breach incidents which contribute to the rising identity theft epidemic. Therefore, trained and certified professionals in identity theft management are needed to take the lead within organizations to minimize risks, educate their employees as well as their customers, and ensure compliance with regulations. Consequences of identity theft are enormous which include lawsuits, fines and penalties, public relations nightmare, high cost of identity theft resolution, damaged business reputation, lost customer loyalty, and low productivity to name a few.

There are specialized identity theft certifications from which professionals can choose to complement their overall expertise and knowledge. For example, the US government recognized a few years ago that consumers continue to be vulnerable to identity theft due to the business failure to prevent identity theft and protect their customers.

Assuming that businesses will continue to lose personal data and fail to prevent identity theft in their daily operations, the US government introduced the Red Flags Rule to provide specific guidelines for preventing identity theft and force companies to take the necessary measures to protect themselves and their customers against identity theft. “The Red Flags Rule fills the gap in the fight against identity theft whereby regardless of how or from where consumer data is stolen, criminals can not use that data to commit identity fraud at any business where identity fraud is possible” says Henry Bagdasarian, Founder of Identity management Institute. However, for businesses to be successful in their identity theft prevention efforts and comply with the regulations, they must hire experts with identity theft certifications who can design, implement, and maintain an identity theft prevention program. Many companies are now required to design and implement a comprehensive program to identify and detect identity theft red flags, and prevent fraud cases resulting from identity theft. However for the program to successful, key employees, consultants and auditors of companies must be educated, trained and certified in identity theft prevention techniques.

Identity Theft Certifications

Below is a list of three identity theft certifications offered by Identity Management Institute and a brief description for each to illustrate how they complement each other by targeting a specific  risk area in the identity theft cycle for a complete identity theft management coverage:

Certified Red Flag Specialist (CRFS) workplace identity theft prevention certification.The Certified Red Flag  Specialist (CRFS) is the leading workplace identity theft certification which is designed for professionals who help businesses prevent account fraud in connection with opening new accounts or existing account activities, complying with identity fraud prevention laws, and reducing fraud costs and related waste. CRFS is the recognized identity theft prevention training and certification which is designed in close alignment with the US government requirements set forth in the Red Flags Rule regulation.

Certified Identity Protection Advisor (CIPA) consumer identity theft certificationWhereas the CRFS professionals help businesses prevent account fraud resulting from identity theft without consumer involvement, the Certified Identity Protection Advisor (CIPA) is a consumer centric program designed for professionals who serve consumers and business customers to protect their identities through awareness and education, credit report management, and identity theft victim resolution services. Consumer identity theft laws define business obligations and consumer rights which are designed to protect consumers from identity theft which may affect their accounts, credit worthiness and ability to borrow money, and credit reports.

Lastly, the Certified in Data Protection (CDP) professionals aim to limit data breach incidents within their organizations which can lead to personal data disclosure, identity theft, and fraud. CDP experts are able to identify and secure Personally Identifiable Information or PII in their business environment. They are also capable of responding to data breach incidents, ensure compliance with data protection laws, and have knowledge about operational and system security controls. Data protection laws such as the General Data Protection Regulation or GDPR  in the EU are increasingly requiring data protection experts to also be familiar with system security controls in addition to the operational and reporting aspect of the privacy laws. CDP is an exceptional certification which consolidates privacy and security best practices.

Learn about all Identity Management Institute certifications.

Identity Management Institute offers an Identity Theft Prevention Program certification service as part of its global and independent solutions. Due to the rise in identity theft cases which affect businesses as well as their customers and partners, many businesses are required by law to have a formal Identity Theft Prevention Program (“Program”) to identify, detect, and prevent identity theft in their day to day business operations. By instituting and enforcing identity theft prevention laws, the regulators intend to protect consumers from the consequences of identity theft which mainly affect their credit score and credit worthiness for obtaining loans on a timely basis. In the United States (“US”), the law requiring businesses to design and implement an identity theft prevention program is the Red Flags Rule.

The Identity Theft Prevention Program certification and audit is designed to provide businesses a reasonable assurance that their Program is in place and operating effectively. The Program certification also allows businesses to display their readiness for protecting their customers from the rising risks of identity theft and compliance with regulatory requirements. Many organizations require their business partners and third party vendors to provide evidence of their compliance with identity theft laws. The independent certificate of compliance issued by Identity Management Institute can be used by businesses to provide the necessary compliance evidence to their customers, business partners, and regulators.

A complete and effective Program is designed to detect, prevent, and mitigate identity theft activity in connection with the opening of new accounts or with existing accounts. The Program must be consistent with various laws, rules, and regulations. In the US, rules and regulations covering identity theft include:

  • Fair and Accurate Credit Transactions Act of 2003 (“FACTA”) of the Fair Credit Reporting Act (“FCRA”) – Sections 114 and 315
  • Provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act (amended section 615(e) of the FACTA)
  • The Securities and Exchange Commission (“SEC”) [17 Code of Federal Regulations (“CFR”) – Part 248, subpart C “Regulation S-ID: Identity Theft Red Flags”].
  • Commodity Futures Trading Commission (“CFTC”) [17 CFR Part 162, subpart C “Identity Theft Red Flags”].
  • Section 326 of the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (“USA PATRIOT Act”) requiring verification of the identity of persons opening new accounts through a Customer Identification Program (“CIP”) [31 CFR Part 103.122].
  • Federal Financial Institutions Examination Council (FFIEC) guidance entitled
    Authentication in an Internet Banking Environment requiring financial institution offering Internet-based products and services to their customers to use effective methods to authenticate the identity of customers.

The Program certification process is an annual process which will validate an organization’s compliance with the regulations which include but are not limited to the following requirements:

  • A written and comprehensive Program which reflects changes in risk to customers or to the safety and soundness of the organization;
  • Program approval by the Board of Directors or its committee and senior management;
  • The designation of an Identity Theft Program Administrator;
  • Existence of a Customer Identification Program “CIP”;
  • Procedures for monitoring, detecting, and mitigating identity theft red flag during new account opening and ongoing account activities;
  • Authenticating account access and transactions for new and existing accounts;
  • Providing employee training concerning the Program and the procedures to review suspicious activities relevant to identity theft;
  • Providing customer identity theft awareness and education including techniques to help mitigate identity theft risks;
  • Oversight of service providers; and
  • Filing the necessary reports with governmental agencies.

Visit this page for additional information about identity theft prevention program services.