Barring some last minute legislative/regulatory activity, the FTC will expect companies to be red flags rule compliant as of November 1, 2009.  Companies should recognize that there is not a “one size” approach to addressing identity theft risks in making a Red Flags Rule Plan.  Instead, the FTC expects each company’s plan to be tailored to its own needs and circumstances.   Click here for help on steps your company can take.