Skip to content
 

Protecting Against Identity Theft

by Mary Beth Guard

Every day, banks unwittingly aid identity thieves by failing to implement and enforce some very basic precautions. Take the case of Mari Frank, for example. A smart, energetic California lawyer, Mari became the victim of a con artist she had never met. The thief had managed to illegally obtain copies of credit reports of a number of individuals, including Mari Frank. Taking a preapproved credit card solicitation, she altered it to list Mari's name and social security number. When the bank received the card application, rather than seeing a red flag when the address (the thief's) didn't match what a credit report showed as the current address for the purported applicant (Mari), the bank facilitated the fraud by supplying the "new" address to the credit bureau for it to "update" its records.

Now, the regulators have turned up the heat on financial institutions's efforts to detect and prevent identity theft by issuing explicit new guidance on how to protect customer information. FDIC has issued FIL 39-2001, OCC has put out its Advisory Letter AL 2001-4, and the Federal Reserve has outlined the problem and possible solutions in Supervisory Letter SR 01-11.

The protection of customer information against the threat of identity theft is an important component of an institution's information security compliance. You should:

  • Have solid procedures for verifying the identity and validity of background information on individuals who open accounts, apply for loans, or obtain other financial products or services from you;
  • Verify the identity of a customer calling to obtain information on his or her account and take precautions against various types of pretext calls;
  • Guard against fraudulent address changes;
  • Report suspected Identity Theft and Pretext Calling;
  • Take steps to educate your customers about how to protect themselves against ID theft;
  • Assist your customers who are victims of identity theft and fraud

Additional suggestions are contained in the issuances from the regulators.

Originally appeared in the Oklahoma Bankers Association Compliance Informer.

First published on BankersOnline.com 10/ /01

First published on 10/01/2001

Filed under: 
Security
Filed under security as: 
Compliance/Compliance Management
FDIC
ID
Identity Theft

Report a problem with this page

Search Topics