1 / 52

Red Flag Procedures

Red Flag Procedures. for the Prevention, Detection, & Mitigation of Identity Theft. Presented by Training. Objective. Know how to identify, report, and respond to ID Theft Red Flags. Agenda. Introduction Section 1: Why is this Important? Section 2: Prevention Section 3: Mitigating

Download Presentation

Red Flag Procedures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Red Flag Procedures for the Prevention, Detection, & Mitigation of Identity Theft Presented by Training

  2. Objective • Know how to identify, report, and respond to ID Theft Red Flags.

  3. Agenda • Introduction • Section 1: Why is this Important? • Section 2: Prevention • Section 3: Mitigating • Section 3: Detecting Red Flags: Procedures • Section 4: Reporting • Summary

  4. Section 1: Why is this Important?

  5. What’s in it for me? • Keeping current on laws helps you • Avoid risks • Avoiding Penalties • Avoid Disciplinary action • Suspension or termination if you are found non-compliant

  6. Responding appropriately reduces risks to the CU and to you • Noncompliance Risk • Civil & Criminal • $ Penalties and fines • Reputation Risk • Penalties are public knowledge • Would you want to do business with a non-compliant institution?

  7. Why? Why? Why? • NCUA requires • “to detect, prevent, and mitigate identity theft” • At account opening • While servicing accounts • Basically, the NCUA wants to • Keep identity theft from happening • Find it! (when it does happen) • Lessen, ease impact

  8. Collecting Member Information • At account opening • Name, address, DOB, telephone numbers • Identifying numbers (DL #, Tax ID #, SSN) • Member requests loan • In addition to above, information related to: • Employment, income • Assets, liabilities • Credit

  9. Maintaining / servicing accounts • Balances, OD, non-sufficient funds, • Payment history • Address changes • Credit changes • Email correspondence • See our Privacy Policy & Guidelines

  10. What are the Threats We Face? • Counterfeit Official Checks • Robberies • Fraud and Forgery Schemes • Unauthorized banking • Phishing • ID Theft

  11. Possible Responses to a Threat Depending on our analysis: • Issue alerts to the employees • Post info. on website

  12. Contact members • Mail letters, brochures, or other literature • Send emails • Phone call • Review procedures & implement necessary changes • Contact law enforcement • File a SAR

  13. Section 2:Prevention

  14. Verify Identity • Opening Accounts • Before completing a transaction • Giving out information • Updating /changing account information • Address changes • Email address updates • Security Questions

  15. For All Other Reasons • In person: Photo I.D. • Over phone: Security information • Via fax: Signed request w/ copy of photo I.D. • Via email: Security information Before you help someone, VERIFY ID!

  16. Obtain Written Authorization • Before providing information to a 3rd Party • Mail or fax • Funds verification • Verification of Deposit • Over the phone

  17. Mailing

  18. Faxing • Before faxing statements or account history:

  19. Address Changes

  20. Security Questions

  21. Section 3:Mitigation Lessening, Easing the Impact of Identity Theft

  22. Procedures: A Potential Victim

  23. Procedures: An Actual Victim 1

  24. Procedures: A non-member Victim

  25. Section 4:Detection

  26. What is the Red Flags Rule? • FI must update identity-theft prevention programs periodically • to reflect changes in risks of identity theft • to customers (members) • to the enterprise's (McCoy’s) safety and soundness

  27. Red Flags Defined • Red Flags – Patterns, practices, or specific activities that indicate the possible existence of identity theft

  28. 6 Categories of Red Flags • Alerts, Notifications, or Warnings from a Consumer Reporting Agency • Suspicious or unusual account activity • Presentation of suspicious documents

  29. Presentation of suspicious identifying information • Unusual use or suspicious activity related to an account • Notice of possible Identity theft in connection with account • From members • Possible ID theft victims • Law enforcement • Or others

  30. Alerts, Notifications, or Warnings from Consumer Reporting Agency • CRA or service providers give • Alerts • Notifications • Warnings

  31. The Red Flags: On the Credit Report • Fraud or active duty alert • Notice of credit freeze • Notice of address discrepancy

  32. A pattern of activity inconsistent with the history and usual pattern of activity of an applicant or member, such as: • Recent & significant increase in inquiries • Unusual number of recently established credit relationships • Material change in use of credit • Especially recently established credit relationships • Account closed for cause or for abuse of account • by financial institution or creditor

  33. Suspicious or unusual account activity • Fraud alert • Late payments without previous history of late payments • Numerous credit inquiries in a short period of time • Higher-than-usual monthly credit balances • Recent change of address together with other signs • Replacement card requests

  34. The Red Flags: Suspicious Documents • Identification documentation appears altered or forged • Photograph or physical description on ID not consistent with appearance of applicant or member • Other information on ID not consistent with information provided by person opening account or member presenting ID

  35. Other information on ID not consistent with readily accessible information on file • Signature card • Recent check • Application appears altered, forged, or destroyed and reassembled

  36. The Red Flags: Suspicious Personal Identifying Information • Personal identifying information inconsistent compared to external sources used • Address does not match address in consumer report • SSN has not been issued or listed on SS Administration’s Death Master File

  37. Personal identifying information provided by member not consistent with other personal identifying information provided by the member. • No correlation between SSN range and date of birth

  38. Personal identifying information is associated with known fraudulent activity • Address on application = address on fraudulent application • Phone number on application = number on fraudulent application

  39. Personal identifying information is of a type commonly associated with fraudulent activity • Address on application is • Fictitious • Mail drop • Prison • Phone number is • Invalid • Associated with pager or answering service

  40. SSN provided = SSN submitted • by other persons opening an account • or other members • Address or telephone number = or is similar to address or telephone number submitted • by an unusually large number of other persons opening accounts • or other members.

  41. Failure to provide all required identifying information • Person opening account or the member • On application, or in response to notification • Personal identifying information provided ≠ personal identifying information on file with the credit union.

  42. When using challenge questions, person opening account or member cannot provide authenticating information • beyond that which would be available from wallet or consumer report

  43. Unusual Use of orSuspicious Activity Related tothe Covered Account • Shortly following notice of a change of address, the institution or creditor receives a request for • New, additional, or replacement card • Addition of authorized users on the account.

  44. A new revolving credit account used in a manner commonly associated with known patterns of fraud • Majority of available credit used for • Cash advances • Merchandise easily converted to cash • Electronics equipment or jewelry • Member fails to make • First payment • Makes an initial payment but no subsequent payments

  45. Account is used in a manner not consistent with established patterns of activity • Nonpayment when no history of late or missed payments • Increase in use of available credit • Change in purchasing or spending patterns • Change in electronic fund transfer patterns in connection with a deposit account

  46. Inactive account for a lengthy period of time is used • The address on an application is fictitious, a mail drop, or prison • Mail is returned repeatedly as undeliverable although transactions continue to be conducted

  47. McCoy is notified that member is not receiving paper statements. • McCoy is notified of unauthorized charges or transactions in connection with account.

  48. Section 4:Reporting Red Flags & Suspicious Activities

  49. What’s New? • What’s the greatest impact to your job? • Now you have to report red flags

  50. Summary • Preventing & Mitigating ID Theft • Our procedures appropriately address the Red Flags we detect • Appropriate responses may include:

More Related