With all the information floating around about identity theft, I was wondering if anyone has a formal procedure that outlines the steps an employee should take if a customer calls stating that they have been a victim of ID theft. Any thoughts would be greatly appreciated.

You will probably not get any substantive replies to this request as the information given could be very valuable to someone attempting ID theft.

The safest thing to do is to refer them to ID Theft and What Do I Do?

I would think referring them to the bank's Security Officer/Fraud investigator would be the first step.

Folks:

From a previous post . . .
--------------
I don't know about a "rule" -- but if your customer only "mentions" that his/her identity has been compromised, I don't believe you should file a SAR. If your customer reports an identity theft to you, however, that's much different. You should develop a policy that mandates that:
- A bank employee must accept such a report if a customer wants to file it;
- The customer will furnish the bank employee with a copy of the local law enforcement report(s) relating to the event;
- The bank will use the FTC's Identity Theft Affidavit (http://www.consumer.gov/idtheft/) to gather the information;
- That the report will be forwarded to the Security Officer immediately for further investigation; and
- That the Security Officer will file a SAR.