The Federal Trade Commission or FTC is really the first stop for recovering identity theft victims. But their real focus is to protect you and help you fight back against identity theft. Their role in some forms of identity theft is limited, for example medical identity theft or criminal identity theft. However when dealing with financial identity theft, they have a watchful eye.
When you go to the main web site for the FTC you can find a copy of Taking Charge: What To Do if Your Identity is Stolen (PDF), the resource guide for recovering if you’re a victim. There is also a link to file a fraud affidavit with the FTC if you’re a victim of identity theft.
This is a very important document if you are an identity theft victim trying to recover. Along with a police report, this is what any business will want from you before taking corrective action on a bad account. It’s probably a good idea to get it notarized as well. Although the Federal Trade Commission does not require this, some companies will.
When disputing a fraudulent account, you will need to provide copies of the police report and fraud affidavit. A copy is all they need, so keep the original. You can always make more copies of that if you need to.
Some businesses still do not understand what actions they must take, and more specifically, what information they must provide to identity theft victims. When you have given them this information they must provide you with copies of all transaction records relating to your identity theft. This includes applications for credit, invoices, and transaction records. And they must be provided within 30 days of your written request. This is required by Section 609(e) of the Fair Credit Reporting Act (FCRA). They do have the right to refuse this information if they cannot prove you are you say you are, but reminding them of the wall usually does the trick when you feel like you are getting stonewalled. You may even want to print a copy of the FTC publication.
They also have information for businesses to help protect against data breach (PDF) and business identity theft (PDF). Although there are identity theft laws on the books for the criminals who commit the crimes, there are far more regulations for businesses to follow. Laws like the Fair Credit Reporting Act (FCRA) and the Fair Debt Collections Practices Act (FDCPA) cover financial institutions, the Health Information Portability and Accountability Act (HIPAA) covers medical information, while the Fair and Accurate Credit Transactions Act (FACTA) covers all businesses in general.
In other words, business owners have at least one law they must comply with if they’re doing business. This includes not for profits and charitable organizations.
The Federal Trade Commission understands that the best way to fight identity theft is through public education. In fact if you’re interested, they will provide you with materials to do your own identity theft seminar. (Just be careful if you do, the more you understand about identity theft, the greater your concerns will be.)