On April 10th, the CFTC and SEC adopted new final rules and guidelines requiring certain regulated entities to establish programs to address risks of identity theft. The rules require financial institutions and creditors to develop and implement a written identity theft prevention program designed to detect, prevent, and mitigate identity theft in connection with certain existing accounts or the opening of new accounts. The rules include guidelines to assist entities in the formulation and maintenance of programs that would satisfy the requirements of the rules. The rules are effective 30 days after publication in the Federal Register, which is expected shortly. CFTC Press Release; SEC Press Release (with fact sheet).