I have been speaking with Tammy Imhoff, who is our resident FTC insider, about the application of the FTC’s new “red flag rules” to 401(k) plans. For those who aren’t familiar with them, these rules require financial institutions or creditors that have “covered accounts” to develop prevention programs that identify “red flags” for possible identity theft.
There have been a number of questions about whether these rules apply to 401(k) plans. Tammy tells me that, in a copyrighted report from BNA’s Anti-Trust and Trade Regulation Daily, an FTC official (attorney Manas Mohaptra) has stated that the rules generally do not apply to 401(k) plan loans. This is apparently true even if the employer is a financial institution or other entity that would otherwise be subject to the rules.
You can find more information about the red flags rule here.