NAF - Identifying Identity Theft: Review of Red Flags
_______ is a fraud committed or attempted using the identifying information of another person without authority.
Identity theft
A person can end up with disastrous financial results if a credit card or bank account number ends up in the wrong person's hands.
True
Financial institutions are required to have a formal Customer Identification Program (CIP) to ensure that they verify the identity of all new account customers.
True
If a financial institution receives a notice of address discrepancy from a consumer reporting agency (CRA), it is required to furnish to the CRA the address it has confirmed to be accurate if the institution regularly reports to CRAs.
True
If your institution maintains accounts for customers that allow them to make multiple payments for an automobile loan, then your institution maintains a covered account
True
Since Regulation E and Regulation Z limit the consumer liability for unauthorized activity, the financial loss due to identity theft is often absorbed by financial institutions.
True
Most susceptible to identity theft fraud are:
New accounts
You can help reduce the risk of identity theft when you do all the following except:
Look on social media
Recovery rates from fraud are:
Low
Policies and procedures should provide for appropriate responses to the detection of any red flags commensurate with the degree of risk posed. Determine which of the following steps would help PREVENT identity theft.
Not attempting to collect on or not selling a covered account to a debt collector Monitoring a covered account for evidence of identity theft Changing any security devices that permit access to a covered account Not opening a new covered account
Which of the following are steps your customers can take to protect themselves from identity thieves?
Store personal information in a safe place Pay attention to statement and billing cycles Check account statements for unauthorized transactions
An institution should consider the following risk factors for identifying red flags for covered accounts EXCEPT:
Age, sex, and marital status of the customer
What are the red flags you must be aware of to help prevent identity theft?
An unusual number of recently established credit relationships Only information available in a wallet is known by the customer Initial loan payment is made but no subsequent payments The SSN is the same as submitted by other new accounts
A report regarding compliance with the regulatory requirements of the Identity Theft Prevention Program should be prepared by staff on at least a/an _________ basis for review by the board of directors or appropriate designated persons.
Annual
In case one of your customers is a victim of identity theft, you should do all of the following EXCEPT:
Chastise the client for not being cautious enough with their personal information
A covered account is primarily for commercial customers.
False
Identity thieves do not attempt to gain customer information by physical activities, such as dumpster diving.
False
Identity thieves have so many ways to gain information that there is really nothing that consumers can do to help prevent themselves from becoming a victim.
False
If your institution cannot establish a reasonable belief that the consumer report relates to the person about whom it has requested the report, your institution can use the report until new information becomes available.
False
Shortly following the notice of a change of address for a covered account, the institution or creditor receives a request for a new, additional, or replacement card or a cell phone, or for the addition of authorized users on the account. This is not suspicious, but a common occurrence.
False
The Identity Theft and Assumption Deterrence Act of 1998 (Identity Theft Act) makes identity theft a federal crime, but does not provide education and assistance to victims of identity theft.
False
Yao Feng-sei has an existing covered account with your institution dating back over 12 years. You receive a letter informing you of an address change to his credit card account. Due to the length of time the account has existed, this would not be a red flag.
False
Your institution uses the services of a consumer reporting agency. It is the sole responsibility of the provider to verify the customer's address.
False
A service provider is required to adopt the institution's policies and procedures when conducting business with the institution.
False. A service provider may use their own reasonable policies and procedures designed to detect, prevent, and mitigate the risk of identity theft.
Identity theft hurts all but the following:
Perpetrator
The Identity Theft Prevention Program is designed to detect, prevent, and mitigate identity theft at the opening of a covered account or an existing covered account. The scope includes all of the following EXCEPT:
Posting identity theft warnings to customers on lobby cards
Your institution has recently experienced a rise in the number of reports of identity theft. One of the actions your institution should take would be:
Review the Identity Theft Program to see if it needs to be updated
You are tasked with providing the report of the Identity Theft Prevention Program compliance to the board. The report should address:
Service provider arrangements
______ is (are) an institution's best defense
The front line
If a person who requests a consumer report receives notice from the consumer reporting agency that there is a discrepancy between the consumer's address in the request and the consumer's address in the consumer report:
The lender must, through "reasonable" policies and procedures it has developed, form a "reasonable" belief that a consumer report relates to the consumer in question
The scope of the red flags program include:
The program must be in writing and approved by the institution's board of directors The institution must involve the board, an appropriate committee, or a designated senior management employee in the oversight, development, implementation and administration of the program The institution must exercise appropriate and effective oversight of service provider arrangements Staff must be trained to effectively implement the program
The institution should incorporate relevant red flags identified by sources inside the institution itself.
True
You must be aware of how identity thieves work so that you can take steps to protect yourself and your customers.
True
Your institution has a valid "need to know" of the identity theft policies and procedures of your service providers.
True
Identity theft red flag categories include all the following except:
Tweets
Which of the following are steps your institution can take to help prevent your customers from becoming victims of identity theft?
Verify address changes Provide information on identity theft Following proper procedures with no exceptions