• Address discrepancies must be detected
and verified using the CIP, other data
sources, or with the consumer directly after
being authenticated; and
• If a continuing relationship is established
with the consumer, financial institutions
are required to have policies and procedures to furnish the newly verified address
to the Consumer Reporting Agency (CRA)
as part of the regular reporting process.
4. A consumer report indicates a pattern of
activity that is inconsistent with the history and
usual pattern of activity of an applicant or customer, such as:
■ ■ A recent and significant increase in the volume of inquiries;
■ ■ An unusual number of recently established
credit relationships;
■ ■ A material change in the use of credit, especially with respect to recently established
credit relationships; or
■ ■ An account that was closed for cause or
identified for abuse of account privileges by
a financial institution or creditor.
• These alerts may also come from a non-CRA service provider, such as a fraud detection service.
Suspicious Documents
5. Documents provided for identification appear
to have been altered or forged.
6. The photograph or physical description on the
identification is not consistent with the appearance of the applicant or customer presenting the
identification.
7. Other information on the identification is not
consistent with information provided by the per-
son opening a new covered account or customer
presenting the identification.
8. Other information on the identification is
not consistent with readily accessible information that is on file with the financial institution
or creditor, such as a signature card or a recent
check.
9. An application appears to have been altered or
forged, or it gives the appearance of having been
destroyed and reassembled.
Suspicious Personal Identifying
Information
10. The personal identifying information pro-
vided is inconsistent when compared against
external information sources used by the financial
institution or creditor
For example:
• The address does not match any address in
the consumer report (same as red flag 3); or
• The Social Security Number (SSN) has not
been issued, or is listed on the Social Security
Administration’s Death Master File.
11. Personal identifying information provided
by the customer is not consistent with other personal identifying information provided by the
customer. For example, there is a lack of correla-
Case In Point
in a reCent induStry Call on Suspicious Activity Report (SAR) data analysis3, the Federal Deposit
Insurance Corporation (FDIC) indicated a 15-percent
increase in check fraud from 2012 to 2013. This was
partially attributed to password compromises in the
2012 LinkedIn and Twitter hacking attacks and customers that reuse their same login and password for
their online banking. Once the fraudster accesses a
bank account, he or she often looks for cleared check
images to support their counterfeiting operation.
One way that banks can prevent this type of fraud
would be use of blurring or truncation technology for
account numbers and other sensitive images available online. Strong password and multifactor authentication controls are also necessary.
i
sto
c
kphoto
note:
Italicized text in this
feature is from
the regulation;
the non-italicized
are the author’s
remarks.
