Currently we do a social security verification or a credit report on all new accounts to verify identity/and/or other information. Some reports verify the individual information to be the same as what we have on the person but will not verify that the social security number is actually issued to that person, but gives the date of issue and the state issued in. According to the CIP rules, are we required to verify that the number given is actually issued to that person? If so, do you know where or how to obtain that specific information?
I attended a tele-seminar on 9/11/06 with Jack Holzknecht about Red Flag Guidelines; We just had an audit and we received a write up for not having any formal procedures in place to ensure identity of a customer requesting credit if a fraud alert appears on the customer's credit report. The recommendation read, "To mitigate fraud risk and ensure the proper identity, formal procedures should be created and implemented. Procedures may include additional steps for identification, additional security questions, as well as additional documentation to evidence of proof." If the Red Flag Guidelines are not finalized yet, how can we still get written up for it? Should the recommended policies be in place already even though there has been no Final Rule released?
The only procedures we have in place for background information on new hires is to pull a credit report and verify references.Can you please share with me some other sources/avenues that you would use in doing background checks on employees?