What are your thoughts on the third extension to the Identity Theft Red Flags Rule deadline?

Was your institution ready to meet Red Flag guidelines?