Financial Update (July-September 2001)


Cover Story

2000 Annual Report

Consumer Finance

Board Changes

Circular Letters

Identity Theft

Credit Scoring


Did You Know?

Data Bank

The Docket

Guidance for Banks on Preventing Identity Theft

Identity theft — using another person’s identification information such as Social Security number, birth date or bank account number to commit a financial crime like credit card fraud — is a growing problem. To help banks protect their customers against identity theft, the Federal Reserve recently issued supervisory guidance that recommends steps banks can take to safeguard customer information.

Verifying information and preventing fraud

The guidance suggests that banks establish identification verification procedures for new accounts. These procedures might include cross-checking customer information with independent sources and verifying information through an employer.

To prevent fraud, banks should verify information before making customer address changes, especially if these changes are accompanied by a request for a new credit card or new checks.

Information security

Banks are also urged to adopt policies for thwarting pretext callers — individuals who impersonate account holders to gain access to account information. The Fed recommends that banks establish written procedures to control access to customer information. Other measures include limiting telephone access to customer information — for example, by requiring an authorization code and using caller identification technology.

In addition, banks should train employees to recognize and report suspected pretext calls and should test their controls for thwarting such calls. The guidance also directs banks, when filing required Suspicious Activity Reports with law enforcement agencies and the Federal Reserve, to identify cases in which known or suspected fraud occurs as a result of identify theft or pretext calling.

Educating consumers

The guidance encourages banks to provide their customers with information about how to prevent identity theft and steps to take if they become victims. Banks should also train personnel to assist customers who may have been victimized.

The complete text of the guidance is available online at