compliance

Dealership Red Flags Identity Theft Prevention Program Log

Log Red Flags Rule checks for each deal, document what was reviewed, and record how identity concerns were resolved under your written ITPP. Use it to create a clear audit trail for dealership compliance reviews.

Fill it now — Free Get Started

Customize with AI → Live preview →

Trusted by frontline teams 15 years of frontline software AI customization in seconds

Built for: Automotive Dealerships · Auto Finance · Used Vehicle Sales · Fleet Sales

9:41

Inspections

1 Inspection Details

Deal or transaction identifier recorded Type here…

Review date and time recorded 🕒 mm/dd/yyyy hh:mm

Reviewer identity recorded Type here…

Review completed under written ITPP !

✓ Yes ✗ No

2 Red Flag Indicators Reviewed

Application identity information matched supporting documents !

✓ Yes ✗ No

Government-issued identification appeared valid and unaltered !

✓ Yes ✗ No

Address, phone number, or contact details showed inconsistency !

✓ Yes ✗ No

Social Security number or tax identifier showed mismatch or anomaly !

✓ Yes ✗ No

Credit bureau or fraud alert indicators reviewed !

✓ Yes ✗ No

Behavioral or presentation red flags observed

✓ Yes ✗ No

Third-party or document authenticity concerns identified

✓ Yes ✗ No

3 Resolution and Escalation

Additional verification completed ["choices",...× ["requires_...×

Resolution outcome documented ["choices", [{"la...

Resolution steps and rationale documented Type here…

Compliance or management notified when required

✓ Yes ✗ No

4 Attestation and Closure

Log entry is complete and accurate !

✓ Yes ✗ No

Supporting notes attached when needed

✓ Yes ✗ No

Reviewer attestation

✏️

Tap to sign

Follow-up required ["choices", [{"la...

Overview

This template is a deal-level inspection log for documenting Red Flags Rule checks under a dealership’s written Identity Theft Prevention Program (ITPP). It gives you a place to record the transaction identifier, review date and time, reviewer identity, the specific red flag indicators checked, any mismatch or fraud concern found, the resolution steps taken, and whether management or compliance was notified.

Use it when a customer application, ID document, credit report, contact detail, or third-party record raises a question that needs to be resolved before the deal is closed. It is especially useful for finance and lease transactions, used-car deals with inconsistent paperwork, and any case where a fraud alert, altered ID, or identity mismatch appears. The log helps create a defensible audit trail that shows the dealership followed its own program consistently.

Do not use this as a generic sales worksheet or as a substitute for your written ITPP. It should not be filled out for every casual customer interaction unless your policy requires it. It is also not the place for vague notes like "looked good"; the value comes from specific, observable entries that explain what was checked, what was unusual, and why the deal was allowed to proceed or escalated.

Standards & compliance context

This template supports dealership compliance with the FTC Red Flags Rule and a written Identity Theft Prevention Program by documenting how identity risks were identified and resolved.
The log can also support broader consumer protection and recordkeeping expectations under applicable federal and state dealership compliance programs.
If your process includes credit bureau alerts, fraud alerts, or identity verification steps, align the log with your internal procedures and any lender or finance source requirements.
Use the log as an audit trail, not as a substitute for staff training, escalation authority, or the dealership’s written policy.

General regulatory context for orientation only — verify current requirements with counsel or the relevant agency before relying on this template for compliance.

What's inside this template

Inspection Details

This section anchors the record to a specific deal, reviewer, and review moment so the rest of the log can be traced to one transaction.

Deal or transaction identifier recorded (critical · weight 2.0)
Enter the deal number, stock number, or transaction reference for this review.
Review date and time recorded (critical · weight 2.0)
Document when the red flags review was completed.
Reviewer identity recorded (critical · weight 3.0)
Enter the name and role/title of the person completing the review.
Review completed under written ITPP (critical · weight 3.0)
Confirm the review was performed under the dealership's written Identity Theft Prevention Program.

Red Flag Indicators Reviewed

This section shows exactly which identity and fraud indicators were checked, which is the core evidence that the ITPP review actually happened.

Application identity information matched supporting documents (critical · weight 6.0)
Verify the applicant name, address, date of birth, and other identity data are consistent with supporting documentation.
Government-issued identification appeared valid and unaltered (critical · weight 6.0)
Check for signs of tampering, mismatch, expiration, or other irregularities in presented identification.
Address, phone number, or contact details showed inconsistency (critical · weight 5.0)
Record whether the application contained conflicting or unverifiable contact information.
Social Security number or tax identifier showed mismatch or anomaly (critical · weight 5.0)
Note any mismatch, invalid format, or other anomaly in the tax or identity number used for the deal.
Credit bureau or fraud alert indicators reviewed (critical · weight 5.0)
Confirm any available bureau alerts, fraud warnings, or identity verification flags were reviewed.
Behavioral or presentation red flags observed (weight 4.0)
Document suspicious behavior such as reluctance to provide documentation, inconsistent answers, or unusual urgency.
Third-party or document authenticity concerns identified (weight 4.0)
Record any concern that a document, reference, or third-party verification source may be unreliable or inconsistent.

Resolution and Escalation

This section documents how concerns were cleared or escalated, which is what turns a flagged issue into a defensible compliance record.

Additional verification completed (critical · weight 8.0)
Select all verification steps performed to resolve the concern.
Resolution outcome documented (critical · weight 8.0)
Select the final outcome of the review.
Resolution steps and rationale documented (critical · weight 8.0)
Describe what was done, what evidence was reviewed, and why the transaction was cleared, escalated, or declined.
Compliance or management notified when required (weight 6.0)
Confirm escalation occurred when policy required additional review or a confirmed red flag was identified.

Attestation and Closure

This section confirms the entry is complete, accurate, and closed, giving the log audit value instead of leaving it as an incomplete note.

Log entry is complete and accurate (critical · weight 8.0)
Confirm all required fields are complete and the entry accurately reflects the review performed.
Supporting notes attached when needed (weight 5.0)
Confirm any required notes, screenshots, or supporting documentation were attached to the record.
Reviewer attestation (critical · weight 7.0)
Signature confirming the review was completed in accordance with the dealership's written Identity Theft Prevention Program.
Follow-up required (weight 5.0)
Indicate whether any follow-up action remains open after this review.

How to use this template

Create one log entry for each deal or transaction that requires a red flag review and enter the deal identifier, date and time, and reviewer name before the review begins.
Check each listed indicator against the application, ID, credit file, and supporting documents, and record the specific result for every item rather than leaving fields blank.
If a mismatch, fraud alert, or suspicious document appears, document the additional verification performed, the rationale for accepting or rejecting the information, and any escalation made to compliance or management.
Attach supporting notes, copies, or references when the issue cannot be fully explained in the main log fields, especially for altered documents or third-party authenticity concerns.
Complete the reviewer attestation only after the entry is accurate and the follow-up status is clear, then route any open items to the assigned owner for closure.

Best practices

Record the review while the transaction is active so the notes reflect what was actually seen, not a later reconstruction.
Use specific language for each red flag, such as a mismatched address, altered ID edges, or a fraud alert on the credit file, instead of writing generic approval notes.
Document the reason a concern was cleared, because a resolved issue without rationale is hard to defend in an audit.
Escalate unresolved identity concerns immediately under the dealership’s written ITPP and note who was notified and when.
Keep the log tied to the deal file so reviewers can trace the entry back to the supporting documents without searching multiple systems.
Photograph or scan suspicious documents only when your policy allows it and store them with the related transaction record.
Separate routine verification from true red flag events so the log highlights the cases that required judgment, escalation, or management review.

What this template typically catches

Issues teams running this template most often surface in practice:

Application name does not match the government-issued ID or supporting documents.

Address, phone number, or email differs across the application, credit file, and customer-provided records.

ID appears altered, expired, or inconsistent with the customer presenting it.

Social Security number or tax identifier shows a mismatch, anomaly, or incomplete entry.

Credit bureau fraud alert or identity warning is present but no follow-up verification is documented.

Third-party document authenticity concerns are noted without a resolution step or escalation record.

Reviewer name is missing, making it unclear who completed the red flag assessment.

The log says the deal was approved, but no rationale is recorded for how the concern was cleared.

Common use cases

F&I Manager reviewing a financed retail deal

A finance manager uses the log when an applicant’s address and phone number do not match across the application and credit report. The entry records the mismatch, the extra verification performed, and the final approval or escalation decision.

Used-car desk handling a suspicious ID presentation

A used-car sales manager documents a customer ID that appears altered or inconsistent with the person presenting it. The log captures the observed issue, who was notified, and whether the deal was paused pending additional verification.

Compliance officer sampling closed deal files

A compliance reviewer audits completed deals to confirm that red flag checks were documented under the dealership’s ITPP. The log provides a consistent record of what was reviewed, who reviewed it, and whether any unresolved items remain.

Lease transaction with a fraud alert

A lease application triggers a fraud alert or identity warning from a credit bureau. The reviewer uses the log to show the alert was checked, what additional verification was completed, and why the transaction was allowed to proceed or escalated.

Frequently asked questions

What is this log used for in a dealership?

This log documents the Red Flags Rule review performed on each deal or transaction. It captures which identity indicators were checked, what concerns were found, how they were resolved, and who completed the review. The goal is to show that your dealership followed its written Identity Theft Prevention Program, not just that someone looked at the paperwork.

Which deals should be logged?

Use it for transactions where your written ITPP requires identity verification or red flag screening, such as retail vehicle sales, financing applications, lease deals, or any transaction with customer identity data. If your program defines specific triggers for review, the log should match those triggers. Many dealerships also use it for exception cases, such as mismatched contact details or suspicious document changes.

How often should this be completed?

Complete it at the time of the deal review, while the documents, customer, and supporting records are still available. Delayed entries are weaker because they rely on memory and can miss the exact reason a concern was cleared or escalated. If a deal is reopened or updated later, add a follow-up entry rather than editing away the original review trail.

Who should fill out the log?

It should be completed by the employee or manager assigned to perform the identity review under your written program, such as F&I staff, sales management, or a compliance reviewer. The key is that the reviewer identity is recorded and consistent with your internal authority matrix. If escalation is required, the person resolving the issue and the person approving the closure should both be clear in the record.

Does this template replace our written Identity Theft Prevention Program?

No. This is the operational log that supports the written ITPP; it does not replace the policy, procedures, or training requirements. The written program defines what red flags to look for, when to escalate, and what actions are allowed. This template helps prove those steps were actually followed on a specific deal.

What are common mistakes when using a Red Flags log?

Common mistakes include vague entries like "verified" with no detail, missing reviewer names, and failing to record why a mismatch was accepted or escalated. Another frequent issue is not attaching supporting notes when a document looked altered or a fraud alert was involved. The log should show the indicator, the action taken, and the final outcome in plain language.

How does this help during an audit or exam?

It gives auditors a deal-level trail showing that red flag checks were performed, concerns were handled, and closure was documented. That is especially useful when a regulator, lender, or internal compliance team asks how a specific transaction was approved. A complete log also helps demonstrate that your dealership is following a repeatable process instead of relying on informal judgment.

Can this be customized for our dealership workflow or software?

Yes. You can add fields for store location, deal type, finance source, document upload links, or escalation owner. Many dealerships also map the log to their CRM, DMS, or document management system so the review record sits with the deal file. Keep the core fields intact so the log still shows what was reviewed, what was found, and how it was resolved.

Related templates

Inspections

Warranty Self-Audit Checklist for Manufacturer Audit Preparation

Use this warranty self-audit checklist to spot missing three-Cs, parts retention gaps, sublet iss...

Inspections

Accounting Schedule Reconciliation and Open RO Audit

Monthly reconciliation template for factory receivables, warranty receivables, and open repair or...

Inspections

Dealership Hazard Communication SDS Binder Audit

Audit dealership service, parts, and detail-area chemicals against SDS binder, labeling, and acce...

Inspections

FTC Used Car Rule Buyers Guide Compliance Audit

Use this FTC Used Car Rule Buyers Guide Compliance Audit template to verify every used vehicle ha...

Inspections

Dealership Floorplan Audit Preparation Checklist

Use this dealership floorplan audit preparation checklist to reconcile inventory, payment status,...

Forms

Auction Vehicle Acquisition Approval Form

Use this Auction Vehicle Acquisition Approval Form to document vehicle details, condition review,...

Sop

Cash Drawer Open & Count

Cash Drawer Open & Count is the SOP for verifying a drawer, counting the starting bank, recording...

Hr Policy

Anti-Harassment & Anti-Discrimination Policy

Anti-Harassment & Anti-Discrimination Policy template for defining prohibited conduct, reporting ...

Go deeper on the topic

Related concepts

Predictive Scheduling Law

Predictive scheduling laws — also called fair workweek laws or secure scheduling — require employers in covered industries to publish employee schedules...
Overtime Calculation

Overtime calculation is the process of applying federal, state, local, and contractual rules to hours worked to determine the correct pay — including...
Near-Miss Reporting

A near-miss is an event that could have caused injury or damage but didn't — a slip that didn't fall, a load that shifted but didn't drop, a machine that...
Lockout/Tagout

Lockout/tagout (LOTO) is the procedure for controlling hazardous energy — electrical, hydraulic, pneumatic, mechanical, thermal, chemical — before...

Related guides

How The Kansas City Chiefs Revolutionized Event Employee Communication for Over 600 Game-day Staff

See how the Kansas City Chiefs unified communication for 600+ event staff with a branded app, achieving 90% adoption and reaching every employee on game day.
Stop Re-Typing Success: Why Automated Performance Data is the Secret to Fair Pay

Manual HR data entry costs $4.78 per entry and introduces bias into pay decisions. Learn how automating performance data creates fairer, more accurate...
MangoApps Integrates Native Workforce Management and Next-Gen Generative AI to Unify the Modern Workplace

MangoApps 2026 Winter Release adds native shift scheduling, structural AI for surveys and wikis, and a redesigned search—unifying frontline operations in one...
Why you Need A Learning Management System

Learning management system software streamlines employee training, boosts consistency, and tracks progress in one scalable platform.

Ready to use this template?

Get started with MangoApps and use Dealership Red Flags Identity Theft Prevention Program Log with your team — pricing built for small business.

Get Started Customize with AI