IDENTITY THEFT2015 ANNUAL TRAININGBy: Denise Goff

IDENTITY THEFT

The identity theft red flags are a part of the FAIR CREDIT REPORTING ACT.

There are 26 RED FLAGS Reflected in the fair credit reporting act.

IDENTITY THEFT

ACCOUNT - A continuing relationship established by a person with a financial institution or creditor to obtain a product or service for PERSONAL, FAMILY, HOUSEHOLD OR BUSINESS PURPOSES.

WHAT IS A COVERED ACCOUNT? Any account with a financial institution which

provides products or services for PERSONAL, FAMILY, HOUSEHOLD AND BUSINESS PURPOSES.

Any other type of account that a financial institution or creditor offers where there is a reasonably foreseeable risk to customers.

SUCH AS DEBIT CARDS, INTERNET BANKING,BILL PAY, SAFE DEPOSIT BOXES, ETC…….

WHAT IS A RED FLAG???ALERTS, NOTIFICATIONS OR

WARNINGS that are to be used as a guide to assist in identifying a customer that is possibly an identity theft victim.

RED FLAGS

Sample red flags are identified in the supplement a to appendix J of the fair credit reporting act.

CIP VS IDENTITY THEFTAll new customers are

identified by using the bank’s current CIP procedures and following the customer identification policy.

IDENTITY THEFT PROGRAM

The purpose of the identity theft program is to minimize the loss of money and inconvenience to any customer whose identity may have been stolen along with the possible access to personal accounts at his financial institution.

INACTIVE ACCOUNTS If someone is trying to conduct a

transaction on an account that has not had any activity for more than one year, THE CUSTOMER’S IDENTIFICATION SHOULD BE VERIFIED.

SAMPLE RED FLAGS Consumer Reporting Agency

provides a freeze notice of credit freeze in response to a request for a consumer credit report.

A fraud or active duty alert in included in a credit report.

Consumer Report Agency provides a notice of address discrepancy.

SAMPLE RED FLAGS Documents provided for ID appear

to have been altered or forged. The photo on the ID is not

consistent with the appearance of the applicant or customer.

A loan application appears to have been altered or forged.

The SSN provided is the same as that used by another applicant or customer.

SAMPLE RED FLAGS Personal ID information is not

consistent with personal ID information that is currently on file at the bank.

Mail sent to a customer that is returned repeatedly as undeliverable.

Someone trying to conduct a transaction on a covered account that has been inactive for a lengthy period of time.

SAMPLE RED FLAGS The bank is notified that the customer

is not receiving their paper account statements.

Shortly after the bank receives a notice of change of address, the bank receives a request for a new, additional or replacement debit card.

The bank is notified of unauthorized charges or transactions with their account.

IDENTITY THEFT RISK ASSESSMENT All banks ARE REQUIRED to have an

identity theft risk assessment to comply with the Fair Credit Reporting Act and identity theft requirements.

THIS MUST BE REVIEWED ANNUALLY AND APPROVED BY THE BOARD OF DIRECTORS.

IDENTITY THEFT RISK ASSESSMENT An Identity Theft Risk Assessment

must be completed by all banks on all products and services provided.

Our reported incidents of identity theft at our bank is low. Fortunately, we have had very few identity theft victims identified.

IDENTITY THEFT

If a customer is in the military, any change in their normal location should be maintained in the bank’s records or computer system as a warning for monitoring purposes.

SERVICE MEMBERS

The Service members Civil Relief Act (SCRA) that was signed in December of 2003 allows service men and women protection while protecting the United States during the war on terrorism. The Service Member field is used for information purposes regarding the customer. Indicates if the customer is a service member

IDENTITY THEFT WARNINGIf a customer notifies the bank

that he is a victim of identity theft, the bank must put a warning on the accounts involved.

Adding a security alert

Viewing security alert

IDENTITY THEFT TRAINING Annual training is required for all

EMPLOYEES, OFFICERS AND DIRECTORS.

This training is to ensure all bank personnel are properly trained TO DETECT AND RESPOND TO PROCEDURES Related to identity theft.

IDENTITY THEFT – DEBIT CARDS If a customer notifies the bank that

their debit card has been lost or stolen, the bank must immediately hot card or disable the card to protect the consumer or business customer.

IDENTITY THEFT PROGRAM Third party vendors are required to

have policies and procedures in place to comply with all identity theft requirements.

Vendors are prohibited from disclosing or using information from us, except as necessary to provide contracted

services.

IDENTITY THEFT – CHANGE OF ADDRESS PROCEDURES If a notice is sent to the bank by

the post office that a customer’s address has changed, a letter is sent to the customer along with a change of address form . the bank must received the completed form before doing any maintenance on the customer’s account.

IDENTITY THEFT

QUIZ TIME