Accountants’ Association Fights Red Flags Rule

The American Bar Association isn’t the only group of professionals trying to exempt itself from the Federal Trade Commission’s “Red Flags Rule.” According to a lawsuit filed this week by the American Institute of Certified Public Accountants, the association is seeking an injunction that would bar the FTC from applying the Red Flags Rule to certified public accounting firms (see the corresponding news release).

Because they bill clients for services, CPA firms could qualify as creditors falling under the rule’s jurisdiction—a distinction with which the AICPA takes issue. “We do not believe that there is any reasonably foreseeable risk of identity theft when CPA clients are billed for services rendered,” AICPA President and CEO Barry Melancon is quoted in the AICPA statement. “As trusted advisors, CPAs are personally acquainted with their clients and already adhere to strict privacy requirements governing identifying information.”

The Red Flags Rule requires that banks and creditors implement written identity theft prevention programs to help identify, detect, and respond to patterns, practices, or specific activities ("red flags") that could indicate identity theft. A product of the Fair and Accurate Credit Transactions Act (FACTA), the rule has already been applied to the activities of banks and credit unions. But enforcement of the law as it pertains to other businesses had been delayed, most recently to June 2010.

As the blog of Legal Times points out, the American Bar Association has already won a legal exemption for practicing lawyers. The AICPA hopes to follow suit, arguing that “the FTC has acted arbitrarily, capriciously, and contrary to law by failing to articulate a rational connection between the profession of public accounting and identity theft.”