In Mergers & Acquisitions (M&A), a deal issue that when identified may have significant negative impact on the M&A and could put the deal at risk. The Red Flags Rule refers to a set of US federal regulations that require businesses to establish a set of policies and procedures to implement a written identity theft prevention program that is designed to: detect the key attributes of identity theft in their day-to-day operations, take steps to prevent the crime and mitigate its damage. A program can help businesses spot suspicious patterns and prevent the costly consequences of identity theft. The “Red Flags Rule” is formally known as the Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003 Final Rule.