Consumer Identifying Information And Financial Fraud

Consumer Identifying InformationAnd Financial Fraud

The FRB Study
The Federal Reserve Board has submitted its report to the Congress "Concerning the Availability of Consumer Identifying Information and Financial Fraud." While the report does not contain significant new information, it does provide the basis for future rulemaking considerations and also provides some ideas for customer education and service.

In response to its request for public comment on what constitutes sensitive information, the FRB received a variety of responses and no real consensus.

Some commenters stated that sensitive information should be limited to standard identifiers such as mother's maiden name, Social Security number, prior address, and date of birth. Other commenters believed that information such as the Social Security number is not sensitive because it does not provide any specific information about the individual.

Some commenters believed that other information such as place of birth, names of family members, schools attended, employment information, telephone numbers, loan and credit card numbers, and similar types of identifiers should be treated as sensitive.

From this public comment, the FRB concluded that determining what information is sensitive is a largely subjective process. What information is considered sensitive depends on what the information would be used for. The Board therefore focused its study on the information that is most commonly used to commit financial fraud: the information used in granting and verifying credit.

CAC Views
The Consumer Advisory Council briefly discussed consumer identify information at its April 1997 meeting. Thomas Butler, President and COO of NOVUS Services, Inc. pointed out that the most serious forms of fraud are not the result of identity fraud. Counterfeiting is a more extensive problem. He also described a type of fraud in which a family member takes a mailed solicitation, adds themselves as a user, and "uses the plastic" when it arrives.

William Lund, Director, Office of Consumer Credit Regulation for Maine, recommended that government agencies should look to their own practices before imposing rules on the private sector. State and federal uses of information such as the Social Security number (licensing, child support) has permeated systems for proving identity or tracking a person. In this respect, the Social Security numbers are being put to uses that were not originally intended.

Ideas
Commenters made a variety of suggestions for fraud prevention. Financial institutions could use security measures to inhibit fraud using verification methods such as photo identification, current address, signature, or personal identification number.

Methods for delivery and activation of cards can reduce theft and loss. Some creditors use a variety of methods for ensuring the identity of the person placing the call to activate the card. Other security methods include monitoring the activity in accounts to identify any unusual purchase habits.

Consumer education may be one of the most important techniques for reducing fraud. It also presents opportunities for banks. Commenters noted that consumers might benefit from knowing how and why information about them may be shared. This knowledge would help consumers make prudent decisions about what information to provide, and when.

Consumer education is an opportunity for developing stronger customer relationships, marketing bank products and services, and supporting the bank's CRA program.

Through education programs, consumers can learn how to control identifying information by recognizing when and how information is collected and used. Consumers could learn how to control the amount of information available about them through responding or not responding to "warranty card" surveys or product surveys.

The new "opt out" provisions in the Fair Credit Reporting Act, allowing the consumer to request that information about them not be shared with affiliates, are another way consumers can control how information about them is used. Implementing this procedure will call consumers' attention to information and privacy and give banks an opportunity to use education programs to promote the bank and the bank's service quality.

ACTION STEPS

Review your bank's procedures for handling customer information. Determine what customer identifiers are used and review security procedures.
Ask customer service and sales staff what sort of questions and concerns customers have about identifying information and privacy.
Suggest offering customer information education seminars covering information such how to protect personal information on items such as pay stubs, periodic statements and ATM receipts, how to check for fraud activity and what to do in case of fraud.