The Agency Insider with Linda McGlasson

Why Comply With ID Theft Red Flags Rule? Let Us Count the Reasons

Why Comply With ID Theft Red Flags Rule? Let Us Count the Reasons

When most financial professionals think of the recently enacted ID Theft Red Flags Rule, they shudder, then groan. You know the feeling of that regulatory burden on your shoulders. Another regulation to comply with; when will it stop?

The fact is, the ID Theft Red Flags Rule is one of the best examples of a regulation gone right. But we all know what the ID Theft Red Flags Rule is supposed to do for us and our customers.

Let's now look at just a few recent reasons we need such regulatory requirements in place.

Earlier this week in Suwanee, GA, a couple who bid on the contents of an abandoned storage unit found that with their $10 bid they had won four cardboard boxes. They planned on auctioning the contents on eBay. Upon opening the boxes they saw the leftovers from a huge identity fraud operation. The couple found hundreds of credit cards, social security cards, driver's licenses from different states. Some cards had pictures of the same person, but had different names on them. The couple, who wanted to remain unnamed, called the sheriff's office and turned over the boxes to law enforcement officials. The Suwanee police detective handling the case calls the volume of evidence "overwhelming" and expects the investigation to stretch from coast-to coast. The FBI and the U.S. Secret Service have been called in to help unravel the identity fraud operation's roots. The organization of criminals is mind-bogglingly complex and growing ever more so each year, and our defenses against them have to reflect this. Compliance with ID Theft Red Flags Rule does help bolster your line.

A recent South Florida newspaper article detailed the increasing number of children who have their identities stolen. The Federal Trade Commission says that about 500,000 identity thefts each year involving children under the age of 19, with the majority of the thefts occurring between birth and age 5. That's about 5 percent of all suspected ID theft cases, and more troubling is that the FTC says they've seen the numbers rising slowly over the last several years. While more often than not, a parent, guardian or family member is involved, some law enforcement agencies think that child ID theft is now more attractive to thieves as PII becomes harder to steal from adults, who are becoming better at monitoring their credit. Think of Little Johnny, five months old with his new bank account, paychecks, and a line of credit. There's a world of hurt that a criminal can do to a child's life because the gap between when the theft occurs and when it is discovered is often more than a decade or more, usually only discovered when the victim applies for a job, credit card or a school loan. How would you know if Johnny Doe was really only 5 years old, and not 35, as his application states? The Red Flags Rule will help you suss out that John Doe and raise the "red flag" to require further explanation.

On December 1, federal law enforcement officers announced they have busted a multi-million dollar home equity line of credit, identity theft and computer intrusion ring, with the arrest of four men in three states. The four are charged with international conspiracy, taking more than $2.5 million from U.S. victims' home equity lines of credit using personal information gained through identity theft and unauthorized computer access. The four join four others charged in the scheme to take available funds from home equity lines of credit ("HELOCs") belonging to identity theft victims, either by engineering fraudulent wire transfers or by gaining unauthorized access to the victims' on-line bank accounts.

The U.S. Department of Justice is prosecuting the accused, who are part of a multi-national identity theft ring that operates in the United States, the United Kingdom, Canada, China, Japan, Vietnam and South Korea, among other places. The defendants and their co-conspirators have acquired identity information of thousands of victims and used that information to conduct numerous fraudulent schemes, including depleting their victims' HELOC accounts.

The eight are charged with compromising confidential customer account information relating to several large and small banks, credit unions, and credit issuers throughout the United States. The larger institutions identified include Citibank, JPMorganChase, Wachovia, Washington Mutual, and Bank of America, among others. Dozens of smaller banks and credit unions have also been hit, including the Navy Federal Credit Union, Pentagon Federal Credit Union, U.S. Senate Federal Credit Union, the State Department Federal Credit Union, and at least 11 New Jersey-based financial institutions.

If these three stories from this week's headlines prove anything, it is this: It is time to take this regulation seriously and stop identity theft from hitting your customers and your institution -- otherwise you, too, may end up fodder for the headlines.



About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.