CPAs Exempt from Red Flags Rule

The holidays have come a little early for CPAs with the news that they are now permanently exempt from the Federal Trade Commission’s (FTC) Red Flags Rule, an act created to thwart identity theft by narrowing the scope of who is considered a ‘creditor,’ reports Accounting Today.

With President Barack Obama’s signature on the Red Flag Program Clarification Act of 2010, what the Journal of Accountancy calls “years of advocacy efforts and a legal battle” between the American Institute of CPAs (AICPA) and the FTC has come to a satisfactory end for CPAs.

The crux of the issue was this: According to the AICPA, the FTC had been interpreting the rule, originally released in Nov. 2007, as also applying to “any public accounting firm which bills clients for services rendered” using the reasoning that if an entity defers payment -- even if this is done during the “normal course of a traditional billing process,” then that entity is considered a creditor and must take steps to set up an internal program, “subject to inspection and review,” designed to detect the so-called red flags that signal potential identity theft in day-to-day operations.

That process, says the AICPA, who had filed a lawsuit against the FTC on this issue in Aug. 2009, would have “impose[ed] onerous and unnecessary requirements on AICPA members.”

“This legislation makes clear that a CPA's billing cycle isn’t an identity theft risk,” said AICPA President and CEO Barry Melancon in a statement. “This legislative fix to a burdensome regulation is a positive development in Washington.”