In recent months,I have done maintenance calls on numerous dealers with whom I implemented "Red Flag" compliance training over the past 2-3 years. I have found an alarming number of stores WERE diligent in addressing the safeguarding of customer information when the law was implemented in 2009,but relatively FEW have continued the necessary practices they implemented when the law went into effect.This is a ticking time bomb for dealers who are not taking the identity theft of their customers seriously I have put together the top ten most serious violations I have seen with my dealers and hope this will serve as a "checklist" for you to tighten up your compliance with this law. 1. F&I Offices left unlocked and unattended with numerous deal folders unsecured on top of desks. 2. Copies of sensitive Customer information in unlocked or unsecured storage areas. 3. Unlocked F&I offices at close of business. 4. No formal safeguard compliance training for new employees. 5. Customer information disposed of in non secure areas.ex: Worksheets or Credit Apps in showroom trash cans,etc. 6. Log In and Log Out form for deal jackets removed from accounting. 7.Computer files containing Customer information accessed without a password. 8. "Employee Acknowledgement of and Agreement to Comply" form signed by EVERY employee and independent contractors who have access to Customer information signed and placed in employee packet and vendor packet. 9 "Certificate of Attendance and Completion" of Red Flag Compliance Training with employees name and date of completion in each of their employee packets. 10. Closing passwords and access codes when an employee leaves the dealer's employment. The fine per violation if audited by the FTC is $3500 per violation, but consider a Finance Office unlocked with 30-40 deals unsecured and you start to understand the liability to the store,not to mention the potential lawsuits filed for identity theft of one of you Customers accessed in your store as well as the negative publicity involved.Hope this "checklist" helps bring you back into compliance with "Red Flag".