Identity theft: The best defense is good offense

By Genevieve Caputo, New York Credit Union Association Director of Compliance

With the holiday times upon us, sadly so are identity thieves.  As wonderful as emerging technology is, offering ease to our members and potential members, as well as our teams, it is often a target for bad actors out there.   

Recently a member credit union from the Buffalo area reported to the Compliance Department what they have done to help protect themselves from a recent identity thief.

The potential member had originally applied for a loan through the credit union’s online application.  When they were opening the membership account, they seemed to have been trying to rush the process which made the team at the credit union a bit more cautious.  The applicant had provided a home phone number that had an out-of-town area code, which normally would not be such a red flag, however it made the Member Service Representative feel uneasy about the transaction, as the QualiFile report had to verify both the phone number and the license number. 

The Member Service Representative took a few extra steps and decided to verify the provided address against public records, and found it did not match.  When they reviewed the credit report, they saw another pull was made by a local credit union, in which the team at the credit union reached out.  They discovered, the other credit union had similar feelings in which they required the applicant to come into a branch location to finalize the paperwork, in which the applicant did not show up.  This credit union decided to take the same steps in which the applicant did not show up as well.

A short time later, the same credit union received another application with the same phone number listed on the previous application.  This alerted them to take similar steps as they did in the first case, but they additionally verified the address of the employer, which also did not match and they asked the member to take a selfie to compare to the identification provided, which to no surprise did not match. Again, when the applicant was asked to come in to complete the paperwork, they did not show up. 

We applaud these credit unions in taking extra steps in protecting the credit union.  It is important as a fiduciary to be on the alert for potential identity compromises.  Below we have listed a few steps to keep aware of when reviewing online applications:

  • Have a consistent procedure for reviewing applications.
  • A second set of eyes can sometimes pick up what the first did not.
  • Review if the information is consistent throughout .
  • Look to see if there are spelling errors.  An applicant should be spelling their name and town correctly.
  • Review verification reports such as Qualifile to see if there are any warnings.
  • Look at the credit report beyond the credit history:

Is there an alert or a freeze?
Is there an active-duty alert?
Does the address match?
Does the employer match?
Is the name spelled differently?
Have there been multiple credit pulls?

  • Does the identification presented look authentic? Is it a photocopy? Is the picture clear? Are there any inconsistencies to the application?
  • Is the applicant rushing the process unnecessarily?

We are still in the business of providing quality services, so these flags do not mean to instantly decline the application but to take extra steps.  Some extra steps you can take are similar to what this credit union had done.

  • Ask the applicant additional questions.
  • Ask for additional documentation for contradicting information.
  • Conduct a virtual interview on camera with the applicant and ask them to hold up their identification.
  • If it doesn’t seem right, have someone else look at it.
  • Ask the applicant to come into the branch to complete the process.
  • Compare information to public records.
  • Review recent applications that were deemed fraudulent to see if there is any matching information.

From a compliance standpoint, it is important that a credit union not only addresses these matters in their Red Flag Policy, as per the Fair Credit Reporting Act, but also the implemented program created by the credit union, is reviewed regularly with the team and they understand the expectations of them in protecting our members.  As in the words of Jack Dempsey: “The best defense is a good offense.”

Leave a Reply