U.S. regulators have finalized rules that will require firms to help protect clients from identity theft.

The U.S. Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) have both voted unanimously in favour of new rules to protect against identity theft.

The rules will require financial firms to adopt programs to detect red flags and prevent identity theft in certain existing accounts and in new accounts.

The SEC’s rules apply to broker-dealers, mutual funds, investment advisers, and certain other entities regulated by the agency; whereas the CFTC’s rule will apply to firms under its jurisdiction (futures commodity merchants, commodity trading advisors, and commodity pool operators).

The final rules will become effective 30 days after publication, and the compliance date will be six months after that.

“Under these rules, certain businesses regulated by the SEC and CFTC would be required to adopt and implement programs to detect and respond to indicators of possible identity theft,” said new SEC chairman, Mary Jo White. “These rules are a common-sense response to the growing threat of identity theft to all Americans who invest, save, or borrow money.”