Click to return to BOL home page
Banker Store BOL Vendor Connect BOL Career Connect BOL Learning Connect Bankers Information Network
Home Compliance Lending Operations Security Marketing Technology/eBanking
Top Stories Bankers' Threads Background Check CrimeDex Em@il Education ID Verification Record Retention
 


MAIN CONTENT 
Compliance

    Agency Road Maps

    Alphabet Soup

    Compliance Tools

    FACTA/FCRA

    OFAC

Lending

    Article 9

    FACTA/FCRA

    HMDA Heaven

    Lending Tools

    SCRA

Marketing

Operations

    Check 21

    Disaster Updates

    Disaster Recovery

    HR Corner

    IRA Season

    Money Matters

    Operations Tools

    SARResearchGuide

Security

    AML/BSA

    Bank Robbery

    Counterfeits

    ID Fraud/Phishing

    Security Tools

Technology/eBanking

    Disaster Updates

    Disaster Recovery

    Info Security


SPECIAL AREAS 
BOL Archives

BOL Blogs

Briefing Archive

Calendar

Court Watch

Disaster Issuances

Em@il Education

Examiner's Corner

Executive Briefing

Infovault

Launch Pad

Lessons Learned

Monthly Roundup

Risk Management

Site Map

Site Orientation

Top Stories


~ ~ ~
SERVICES 
Background Check
BOL Conferencing

CrimeDex

Em@il Education

ID Verification

Record Retention


~ ~ ~
SHOP 

Banker Store
Bankers Info Ntwk
Books
Vendor Connect

CONNECT 

Career Connect

Learning Connect

Vendor Connect

Guru Central

INTERACT 

Ask a Guru
Bankers Threads

Contact Us

Give Us Feedback


TOOLS 

60 Second Solutions

Alphabet Soup

Banker Tools

BOL Forms

FUN 

Banker Humor

Banker Memories

BOL Recipes

eCard Exchange

LEARN MORE 

About Advertising
About Our Sponsors
About Us

Print Friendly! Email This Article! Discuss NOW!



Preparing for the FACT Act: Identity Theft Flags

In the South, cold winter winds are called Yankee Clippers. In the Northern states they are called Canadian Cold Fronts. Canadians blame the arctic. No matter what you call it or whom you blame, the FACT Act is blowing in fast. It's time to get ready. And a warm parka won't do the trick. There's a lot of work to be done.

Let's start with preparation for identity theft flags. As with many of the FACT Act provisions, the identity theft flags will generate new responsibilities in parts of the organization that have not typically carried such key compliance responsibilities. We have compared the FACT Act to Y2K because the provisions reach all through the organization and give central roles to jobs and functions that are not typically leads when it comes to compliance.

Instead, the FACT Act will turn some of our procedures upside down and call for new ones. Information coming from credit bureaus regarding identity theft flags must be routed to several places within the institution - and acted upon. Information within the institution regarding identity theft must similarly be reported to or shared with other creditors and the credit bureaus.

Preparing for the identity theft flags necessarily involves mapping some new functions and designing methods for compliance. Compliance attention tends to be concentrated on product sales. The taking of applications, making of loans, and opening accounts is the first focus of any compliance program, whether we are talking about OFAC or Truth in Lending.

Unlike product sales or delivery, the fraud alert involves less of the lobby and more of the back room. It will involve taking in information from several sources and dispersing information to others. To design and manage a compliance program, you will need to map a process that may not have been mapped before in this context. And you will need to provide or help develop procedures. Here are some steps to help you get started.
  • You must be equipped to receive consumer calls alleging fraud and theft.
  • Some staff must be qualified to evaluate incoming consumer calls and to initiate appropriate action.
  • The customer's first call may not provide all the information you need. Establish a protocol for collecting additional information. This means forms to collect information, forms for dispersing information as required, and timing guidelines.
  • Someone has to place the fraud alert flag on the customer's accounts - all of them. The responsible person or function must be able to receive information about flags from the consumer direct alerts and from credit bureau alerts.
  • After placing the fraud alert, there must be a system for maintaining that alert for 90 days or for the extended 7-year period if the consumer extends the alert. In addition, you will need a process - both responsibility and authority - to remove the flag when the time requirement is expired or when the consumer requests it.
  • Establish a system for transmitting fraud alerts to other creditors and to the credit bureau while the alert is in place.
  • You'll need new account rules when flags are in place for that customer. This means procedures, training, and a method for dealing with exceptions. Evaluating the bona fides of the customer gives new dimension to CIP.
  • Operating systems must take account of flags to prevent credit line increases, issuance of new cards, and changes of address. This means working with systems people.
  • Finally, CIP should play a very important role in identity theft procedures. You need to know not only that the customer is legitimate, but you need to know enough to determine that the customer is who they claim to be - and not the thief. Review your CIP with this purpose in mind.
Copyright © 2004 Compliance Action. Originally appeared in Compliance Action, Vol. 9, No. 10, 10/04



Print Friendly! Email This Article! Discuss NOW!


Privacy Policy    Disclaimer   Recommend This Site !   Contact Us


BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.