Curb Identity Theft and Improve Service Through Technology

A strong Customer Identification Program (CIP) can prevent credit unions from being attacked by identity thieves. Effectively using technology to develop a CIP can deliver good member service while making identity theft a thing of the past.


Credit unions often worry that each new regulation will make it harder to provide members with speedy service. This is especially true considering the responsibilities that accompany the member identification regulations associated with Section 326 of the USA PATRIOT Act. The days of verifying an individual's identity by obtaining a social security number, looking at a driver's license, and calling up a negative database search before handing them a starter kit of checks are gone. Complying with the regulations now brings added elements of identity verification.

Perhaps the best solution for an effective CIP that does not slow the account-opening process is having policies and procedures in place that utilize technology to prevent and detect identity theft.

Trying to manually verify a member's identity can be time consuming and almost impossible. The time it takes to manually confirm the identity of an individual or entity may allow criminals access into your system before discovering the documents they used to open their account were either stolen or bogus. The USA PATRIOT Act requires that you verify a member's identity within a "reasonable" time.

The many steps required to approve a new member can make it tempting for an employee to bypass some of them if the member is frustrated or the employee is in a hurry. Using technology as part of your procedures greatly simplifies and expedites the process and lessens the chances an employee might ignore certain steps. Having a system that provides a consistent approach to verifying a member's information also minimizes the chance of profiling is another important consideration.

There are many other advantages to incorporating technology into your CIP procedures. The USA PATRIOT Act requires that your CIP include risked-based procedures when determining the identity of a member. Having the right system that is designed to measure the risk of each potential member can meet the requirement. With the use of technology, you can automate your member identification procedures into your work flow. The right system can provide your staff with the proper questions to ask at account opening, and the system will then follow up with recommendations on how to proceed with the transaction. If further due diligence is required, some systems are designed to automatically pass the member's information into multiple databases and public records to actually verify the data. Having a CIP solution that provides help text to your employees when the system assigns a high-risk rating or discovers a possible fraud situation allows the employee to conduct business as usual without putting the potential member on notice.

Section 326 of the USA PATRIOT Act requires you to compare member information against government lists and lists of known terrorists. With the lists of known terrorists continually growing, manually checking and rechecking them is inefficient and time consuming. Effectively meeting this obligation requires having a comprehensive system that continually monitors and updates the names of terrorists and their organizations. Although some systems can screen a member's name against lists, such as Office of Foreign Assets Control (OFAC) and the 314(a) list, having a solution that gives you the option of either integrating into your work flow with real-time results or being able to batch process at night is clearly beneficial.

Finally, documenting and maintaining certain information is another important element of Section 326. Having an automated CIP solution that collects and maintains the required documentation for the two-tiered record requirement gives credit unions assurance that they are meeting the rule. Using technology to collect and store the information eliminates the nightmare of relying on staff to properly document and retain the required information. With the use of technology, the ability to retrieve necessary data also cuts down on the hours usually spent to gather information that was collected years earlier.
Preventing your credit union from being used by identity thieves means having an effective "Customer Identification Program," which includes policies and procedures that utilizes technology to prevent and detect identity theft. With the right system, providing good member service does not have to be a thing of the past.

Shannon Bennett, CRCM, is the Financial Intelligence Compliance Manager at Bankers Systems, Inc., a leading national provider of compliance tools, technology, and services for financial organizations and their legal counsel. Approximately one third of all credit unions in the United States use a Bankers Systems solution.