The URL can be used to link to this page

Home My WebLink AboutOC SAN 23-18OC SAN 23-18-1 RESOLUTION NO. OC SAN 23-18 A RESOLUTION OF THE BOARD OF DIRECTORS OF THE ORANGE COUNTY SANITATION DISTRICT ADOPTING AN UPDATE TO THE IDENTITY THEFT PREVENTION PROGRAM IN ORDER TO COMPLY WITH THE FAIR AND ACCURATE CREDIT TRANSACTION ACT OF 2003; AND REPEALING RESOLUTION NO. OCSD 09-03 WHEREAS, the Federal Trade Commission (FTC) implemented the Fair and Accurate Credit Transaction (FACT) Act of 2003; WHEREAS, the FACT requires that creditors implement written programs which provide for detection of and response to specific activities (“red flags”) that could be related to identity theft; WHEREAS, the Orange County Sanitation District (OC San) qualifies as a creditor for purposes of this program; and WHEREAS, the FACT requires that the program: 1. Identify relevant red flags and incorporate them into the program 2. Identify ways to detect red flags 3. Include appropriate responses to red flags 4. Address new and changing risks through periodic program updates 5. Include a process for administration and oversight of the program. NOW, THEREFORE, BE IT RESOLVED, that the Board of Directors of the Orange County Sanitation District hereby adopts, and directs staff to implement, the Identity Theft Prevention Program attached hereto as Exhibit “A”. BE IT FURTHER RESOLVED that the Director of Finance, or his or her designee, shall implement and administer the Identity Theft Prevention Program. BE IT FURTHER RESOLVED that the Director of Finance shall annually review the Identity Theft Prevention Program to determine if revisions are needed and is hereby authorized and directed to make any changes to the Identity Theft Prevention Program that are found to be necessary. BE IT FURTHER RESOLVED that this Resolution shall become effective immediately upon its adoption. OC SAN 23-18-2 PASSED AND ADOPTED at a regular Meeting of the Board of Directors held August 23, 2023. Ryan Gallagher Board Vice-Chairman Kelly A. Lore, MMC Clerk of the Board Kelly Lore (Aug 24, 2023 08:24 PDT) Kelly Lore OC SAN 23-18-3 STATE OF CALIFORNIA ) ) SS COUNTY OF ORANGE ) I, Kelly A. Lore, Clerk of the Board of Directors of the Orange County Sanitation District, do hereby certify that the foregoing Resolution No. OC SAN 23-18 was passed and adopted at a regular meeting of said Board on the 23rd day of August 2023, by the following vote, to wit: AYES: Brad Avery, Pat Burns, Jon Dumitru, Stephen Faessel, Ryan Gallagher, Glenn Grandis, Johnathan Ryan Hernandez, Farrah Khan, Stephanie Klopfenstein, Christine Marick, Scott Minikus, Andrew Nguyen, Robert Ooten, Robbie Pitts, Susan Sonne, Schelly Sustarsic, Bruce Whitaker, John Withers, Debbie Baker (Alternate), Tom Lindsey (Alternate) and Carol Warren (Alternate) NOES: None ABSENT: Doug Chaffee, Rose Espinoza, Jordan Nefulda, and Chad Wanke ABSTENTIONS: None IN WITNESS WHEREOF, I have hereunto set my hand and affixed the official seal of Orange County Sanitation District this 23rd day of August 2023. ___________________________ Kelly A. Lore, MMC Clerk of the Board of Directors Orange County Sanitation District Kelly Lore (Aug 24, 2023 08:24 PDT) Kelly Lore OC SAN 23-18-4 IDENTITY THEFT PREVENTION PROGRAM Exhibit “A” to Resolution No. OC SAN 23-18 PURPOSE This program was created in order to comply with the regulations issued by the Federal Trade Commission (FTC) as part of the implementation of the Fair and Accurate Credit Transaction (FACT) Act of 2003. The FACT Act requires that financial institutions and creditors implement written programs which provide for detection of and response to specific activities (“red flags”) that could be related to identity theft. The FTC regulations require that the program: 1. Identify relevant red flags and incorporate them into the program. 2. Identify ways to detect red flags. 3. Include appropriate responses to red flags. 4. Address new and changing risks through periodic program updates. 5. Include a process for administration and oversight of the program. PROGRAM DETAILS RELEVANT RED FLAGS Red Flags are warning signs or activities that alert a creditor to potential identity theft. The guidelines published by the FTC include 26 examples of red flags which fall into the following five categories: 1. Alerts, notifications, or other warnings received from consumer reporting agencies or service problems. 2. Presentation of suspicious documents. 3. Presentation of suspicious personal identifying information. 4. Unusual use of, or other suspicious activity related to a covered account. 5. Notice from customers, victims of identity theft, or law enforcement authorities. After reviewing the FTC guidelines and examples, the OC San Financial Management Division determined that the following red flags are applicable to customer accounts. These red flags, and the appropriate responses, are the focus of this program. OC SAN 23-18-5 • Suspicious Documents and Activities o Documents provided for identification appear to have been altered or forged. o A customer refuses to provide proof of identity when discussing an established account. o A person other than the account holder requests information or asks to make changes to an established account. o Nonpayment when there is no history of late or missed payments. o An inactive account being used. o Mail sent to customer is returned repeatedly as undeliverable although transactions continue to be conducted in connection with the customer’s covered account. • A customer notifies OC San of any of the following activities: o Account statements are not being received. o Fraudulent activity on the customer’s bank account that is used to pay account charges. • OC San is notified by a customer, a victim of identity theft, or a member of law enforcement that an account has been opened for a person engaged in identity theft. DETECTING AND RESPONDING TO RED FLAGS Red flags will be detected as OC San employees interact with customers. An employee will be alerted to these red flags during the following processes: • Reviewing customer identification in order to establish an account or process a payment: Documents are presented that appear altered or inconsistent with the information provided by the customer. Response: Do not establish the account or accept payment until the customer’s identity has been confirmed. • Answering customer inquiries on the phone, via email, and at the counter: Someone other than the account holder may ask for information about an account or may ask to make changes to the information on an account. A customer may also refuse to verify their identity when asking about an account. Response: Inform the customer that the account holder must give permission for them to receive information about the account. Do not make changes to or provide any information about the account, with one exception: if the service on the account has been suspended for non-payment, payment may be accepted in the amount needed to reactivate the account. OC SAN 23-18-6 • Receiving notification that there is unauthorized activity associated with an account: Customers may call to alert OC San about fraudulent activity related to their account and/or the ban account used to make payments on the account. Response: Verify the customer’s identity and notify the Accounting Supervisor immediately. Take appropriate actions to correct any errors on the account, which may include: o Suspending or reactivating the account o Updating personal information on the account o Updating the mailing address on the account o Updating account notes to document the fraudulent activity o Notifying and working with law enforcement officials • Receiving notification that an account has been established for a person engaged in identity theft. Response: Notify the Accounting Supervisor immediately. The claim will be investigated, and appropriate action will be taken to resolve the issue as quickly as possible. ADMINISTRATION AND OVERSIGHT OF THE PROGRAM The Director of Finance or his or her designee shall review this program annually and provide recommendations to the General Manager to update the program as needed based on the following events: • Experience with identity theft. • Changes to the types of accounts and/or programs offered. • Implementation of new systems and/or vendor contracts. Specific roles are as follows: The Accounting Supervisor will oversee the daily activities related to identity theft detection and prevention and ensure that all members of the Revenue Section staff are trained to detect and respond to red flags. The Director of Finance or his or her designee will provide ongoing oversight to ensure that the program is effective. The General Manager will review and approve recommended changes to the program both annually and on as as-needed basis. The OC San Board of Directors must approve the initial program.