WASHINGTON (1/5/09)—The subject of identity theft may have been eclipsed in the news lately by the country’s economic woes, but it remains a huge issue for financial institutions and consumers alike, reminds Valerie Moss, Credit Union National Association (CUNA) director of compliance information. The Federal Trade Commission has estimated that 8.3 million Americans were identity theft victims in 2005, the most recent data available. Moss brings credit unions’ attention to a sometimes-forgotten section of the Fair Credit Reporting Act (FCRA) added in 2003, of which they should be aware. Section 609(e) of FCRA requires a business that has provided credit to an identity thief to make available, upon the request of the victim or law enforcement, a copy of the application and any business transaction records maintained by the business or another person on behalf of the business entity. And a credit union or other business must provide this information free of cost, under the law, Moss says. This is the process that is to be followed, Moss advises: Before providing any information, a credit union must verify a victim’s identity unless it has a “high degree of confidence” already of that individual’s identity. The victim must provide the following as proof at the time of the request:
* A government issued ID; * Identifying information of the same type as was provided to the credit union by the unauthorized person; or * Identifying information that the credit union typically requests from new applicants or for new transactions, including the information described above.
As proof of the claim of ID theft, the credit union can also request a copy of a police report evidencing the victim’s claim; a properly completed copy of the FTC’s standardized affidavit of ID theft; or an affidavit of fact that the credit union considers acceptable for that purpose. The request must be in writing and mailed to an address specified by the credit union. In addition, the credit union may ask the ID theft victim to include relevant information about any transaction alleged to result from ID. This topic was included in compliance tips in CUNA’s December Compliance Challenge
. Use the resource links below to read more on this and other compliance topics.