FTC Red Flag Enforcement Begins January 1, 2011: In May 2010, the FTC once again extended the enforcement date of its Red Flags rule through December 31, 2010. The FTC has not issued a further extension. Therefore, by January 1, 2011, businesses that maintain covered accounts must have implemented a written identity theft prevention program that has been approved by the company’s board or an appropriate board committee. This enforcement deadline does not affect the enforcement of the “Red Flags Rule” already in place for financial institutions and creditors that are regulated by the federal bank regulatory agencies or the National Credit Union Administration.