Identity Theft Prevention Program


Our Dealership uses the following procedures as part of our Identity Theft Prevention Program (the “ITPP”) to help mitigate the risk of identity theft.

We look for the following factors (“Red Flags”) to indicate that identity theft may be occurring in connection with an account at our Dealership:

  1. Notice from a customer, a victim of identity theft, a law enforcement agency, or someone else that an account has been opened or used fraudulently, including a fraud alert in a customer’s credit file.
  2. Mismatched or inconsistent information or images between a customer’s provided information, documentation, or appearance and any verification documents, including credit reports that raises suspicions.
  3. Indications of forgery, alteration, replication, or assembly of any documentation.

 We may detect Red Flags by:

  1. Checking a customer’s credit report and verifying that the address used by the customer corresponds to an address in the credit report.
  2. Reviewing a customer’s photo identification and requesting their name and address when they open an ongoing payment account.

When detected, we may respond to Red Flags by:

  1. Contacting an existing customer by an alternate communications method, if available, to verify whether a particular transaction or account is authorized.
  2. Closing, preventing the opening of, or changing the number of an account.
  3. Notifying law enforcement.
  4. Notifying a credit reporting agency.
  5. Not responding if warranted.

This ITPP was adopted and approved by C & B Operations, LLC on September 2, 2014. The ITPP will be administered by C & B Operation’s Human Resource Manager / Controller. We train our front-line customer service personnel and management employees to identify the Red Flags set out in the ITPP using in-person, written, and audio-visual materials and programs. We only work with service providers who institute an identity theft program that is appropriate to their function and the information they receive from us. Generally, we do not work with service providers in connection with detecting or responding to the Red Flags set out in the ITPP. This ITPP will be reviewed and updated periodically to ensure it remains appropriate for our business.