TOPIC: Identity Theft

Synthetic Identity Fraud Accounts

Employee at a bank (USA)
I'm presently attempting to create a risk model designed to detect synthetic identity fraud applicants during the onboarding process and those lurking within existing active and collection accounts.  Has anyone created their own risk model identifying manual steps used to screen out these types of fabricated identities?  If so, I'd love to visit with you about specific methods of detection.
thank you
Matt  

    Cyber Security / Fraud Reporting

    Employee at a bank ($2.9BUSA)
    We have grown very very rapidly over these last three years.   So fast to where we are falling behind and cant keep up in any department.   It has now been asked of us to create better fraud and cyber security reporting (check fraud, account take over, mobile deposit, ach, wire, counterfeit bills, scams, ect ect. 

    we have grown from a small bank with two locations and 33 million to 28 locations and 3 billion in assets and im not as up to date on reporting as i am actually tracking fraud and interrogating.   

    Im looking for ideas from the ones who have successful reporting on how to report our monthly numbers to higher management / board members 

      Equifax eIDCompare Product

      Employee at a bank ($1.5BUSA)
      Since Lexis Nexis discontinued their Fraud Advisor product, this has caused us to revert to an alternative ID verification product to replace "identity scan" that we utilized within Equifax. We now have eIDCompare. I have the user guide that our rep gave to us detailing the report. While the guide is fairly simple to interpret, I am wondering if any fellow bankers have actual procedures for the "transaction results" that are generated. For example, most of the time the assessment results result in a pass status. So, the team member continues with the new account however, though, if the assessment results states that a review is recommended, I am not sure how to instruct the team member on how to proceed. What do you recommend we do--obtain additional information, what would it be? Just looking for basic procedures to remit to branch staff and create a streamline effect across the institution.  Additionally, a fraud indicator is listed which results could include a victim of fraud, a warning (address can't be verified) or a combination of both. How do we move forward?

        [Webinar] Fraud Scams & Schemes

        September 22, 12:30 EST
        Register now

        From mass marketing fraud, to romance and work-from-home scams, and even Business Email Compromise, savvy fraudsters are adapting to ever-changing technology and targeting your customers with a variety of illicit tactics. These fraud schemes are often perpetrated by organized criminal groups and crime rings to inflict millions of dollars in losses.

        Join us as we discuss emerging fraud trends and how criminals have adapted to circumvent improved security and controls at financial institutions. Our experts will also review red flags and best practices to protect your customers from the damaging financial and emotional effects of falling victim to fraud scams.

        Highlights of this industry-leading webinar include:
        • Insights into the evolution of fraud schemes and scams perpetrated through digital channels.
        • A review of common scenarios used to target customers, including red flag indicators for romance scams, employment scams, lottery scams and more.
        • Best practices for loss prevention, early detection, and investigation strategies.
        • The role of technology in fraud mitigation, including cloud data and cross-channel analysis.
        Register now

          Oversight of Service Provider Arrangements for Identity Theft

          Person at a bank ($113MUSA)
          How do you all ensure that the activity of the service provider is conducted in accordance with reasonable policies and procedures designed to detect, prevent, and mitigate the risk of identity theft? Do you require and obtain a copy of their policies and procedures? Also, do you you require this on every provider or only ones that have access to customer information?

          (c)  Oversight of service provider arrangements. Whenever a financial institution or creditor engages a service provider to perform an activity in connection with one or more covered accounts the financial institution or creditor should take steps to ensure that the activity of the service provider is conducted in accordance with reasonable policies and procedures designed to detect, prevent, and mitigate the risk of identity theft. For example, a financial institution or creditor could require the service provider by contract to have policies and procedures to detect relevant Red Flags that may arise in the performance of the service provider's activities, and either report the Red Flags to the financial institution or creditor, or to take appropriate steps to prevent or mitigate identity theft.

            Experian Precise ID

            Manager at a credit_union ($1.8BUSA)
            Hello, 

            We currently utilize CBC Innovis for ID verification through MeridianLink and are in the process of switching to Experian Precise ID. Does anyone have any sample procedures for your staff or any recommendations of how we can best instruct staff to use this product? We want to provide clear guidance as far as thresholds for the various scores, when to refer an app to Fraud/BSA, when to request additional documentation, resolving discrepancies, etc. 

            Any input you may be able to provide is greatly appreciated. We will be utilizing this product for in-branch account opening and online account opening. 

              FACTA

              AVP at a bank ($237MUSA)
              Our auditor recently recommended that we send a notice to our vendors of our expectations under the FACTA regarding Identity Theft.  Does anyone have an example of anything they have sent to their vendors that do not include this specific language in the contract? 

                Blog | Unreal Identities Leading to Real Crimes - Read Now

                Blog
                Unreal Identities Leading to Real Crimes
                Criminals use synthetic identities to commit multiple types of fraud and increase illicit profits

                February 4, 2019 by Verafin

                The US Federal Trade Commission has reported that synthetic identity theft has surpassed “true-name” identity theft and is now “the fastest growing type of ID fraud.” Occurring when criminals combine real and fabricated identification information to create unreal identities, it has become a vehicle for a host of financial crimes, such as account fraud, loan fraud and online banking fraud. 

                In this insightful blog post, we cover the differences between manipulated and manufactured synthetic identities; how financial institutions, rather than consumers, are often the ultimate victims; and the measures institutions can take to protect themselves from this increasing and evolving type of financial crime.

                Read the full blog now

                  Ncontracts November Webinar - On Guard: Strengthening Risk Assessments in Key Areas of Regulatory Scrutiny 11/25/19 @ 3:00 PM ET

                  Register Now!

                  Financial institutions are tasked with keeping consumers and the banking system safe. That includes regular risk assessments identifying, assessing, measuring, mitigating, and monitoring risk in areas like information security, Gramm-Leach-Bliley, ACH, Bank Secrecy Act/Anti-Money Laundering, and identity theft.

                  What does an effective risk assessment of these areas look like and how can an institution ensure risk is properly managed at all levels? Join Ncontracts’ Michael Carpenter and Ann Davidson from Allied Solutions as they discuss best practices for:
                  • Recognizing hot risk areas and common oversights
                  • Making data-driven risk decisions
                    • Differentiating between controls and scoring
                    • Understanding the relationship between risks and goals
                  • Effectively communicating internally to understand risk tolerances
                    • Managing risks vs. managing tasks
                  Don’t miss this opportunity gain insights to shoring up risk management in areas of increased regulatory scrutiny and determine how your institution’s risk assessments compare with industry ideals.

                  Sign Up Today!

                    safekeeping confirmations

                    VP at a bank ($49MUSA)
                    We go to extremes teaching our customers not to respond to request for confidential information.  We address this in every aspect, mail, email, text, phone calls, social media, and every way we can imagine.  Then we go and send positive confirmations out to them to respond to.  External auditors cannot understand why we have a poor response from our customers.  Granted the customers go to an extreme, but they become cautious, even when we tell them its a legitimate request (which seems to go against everything we are trying to educate our customers about).  The auditors response but we are not fraudsters and it has your signature on it. 

                      Blog | Unreal Identities Leading to Real Crimes - Read the full blog now

                      Blog
                      Unreal Identities Leading to Real Crimes
                      Criminals use synthetic identities to commit multiple types of fraud and increase illicit profits

                      Published February 4, 2019 by Verafin

                      Read the full blog now

                      Synthetic identity fraud occurs when criminals combine real and fabricated identification information to create unreal identities which can pass a financial institution’s identity validation processes, and then successfully apply for various financial products with their synthetic identities. It has become a vehicle for fraudsters to commit a host of financial crimes, such as account fraud, loan fraud and online banking fraud.  

                      In this illuminating blog post, you will learn about the increasing risk of synthetic identity fraud and the ways in which financial institutions can protect themselves – through education, robust controls for online accounts and applications, collaboration, and innovative financial crime management tools.

                      Read the full blog now

                        Infographic | Synthetic Identity Fraud - Unreal Identities with Real ROI

                        Infographic
                        Synthetic Identity Fraud
                        Unreal Identities with Real ROI


                        Download Now

                        How are synthetic identities created and exploited in financial institutions?

                        Highlights:
                        •  Identity Fraud and SSN
                        • Hackers and Data Breaches
                        • Synthetic Identity Fraud
                        • How Financial Institutions are Exploited
                        • Synthetic Identity Crime Rings: An Exponential Formula
                        A typical synthetic ID syndicate operates hundreds or thousands of synthetic IDs simultaneously. Learn how criminals turn synthetic identity fraud into real ROI.

                        Download Now