We'd like to develop a database of fraud cases to be used and shared by all of our affiliate banks, but I'm not sure of the regulatory restrictions on this type of sharing.
It would be used for fraud investigations and loss prevention, but due to the nature of the information, it could possibly impact credit decisions. It wouldn't be used for marketing purposes.
Most of the data would be direct transaction and experience information, so according to the FCRA it could be shared among affiliates without any form of opt out. However, there would likely be some other information on the database too. For example, in a fraud investigation there will likely be information about accounts that the customer has at other banks or the fact that the customer is in default on loans at other banks. Could this information be shared among affiliates without the need for some type of customer opt out?
Thanks.
_________________________
All statements are my own and not necessarily those of my employer.