The American Bankers Association has endorsed ID Point, an identify verification and validation service of LexisNexis, Inc., Dayton, Ohio.
Based on similar products used by various government agencies, ID Point has been adapted to the needs of banks, insurance companies, brokerage firms and other entities that must implement the customer identification provisions of the USA PATRIOT Act.
LexisNexis developed ID Point in accordance with best-practices guidelines from the ABA, which had been seeking a solution for its members. "We have great expertise in policy and the regulatory aspects of the Patriot Act, the compliance aspects, and the business of banking," said John Hall, spokesman for the ABA. "We developed the product together, telling them how their technology can best comply with the Patriot Act in a way that helps banks as well as their customers, and doesn't impede them."
ID Point searches 330 public record databases using the information requested of a new customer, starting with name, address, Social Security number, date of birth and telephone number. Additional information such as office telephone numbers and prior addresses can also be requested.
Bankers can use ID Point from a Web client for real-time results, or to transmit a batch of names to the National Fraud Center. "The smaller community banks, which may open five accounts per day, are using the HTML version," said James Vaules, CEO of the National Fraud Center and a former section supervisor with the FBI. "Banks that deal with more than 100 a day and thinking of how to integrate it into their overall workflow will probably be using the batch mode."
Each data element is checked against a sizable subset of available public record databases. "We're looking for the database that gives the best result, most often, and that has the most current information," said Vaules. "Once we find the result, we go and check it in a second database, and a third."
ID Point uses the search results to generate a numeric score, indicating the degree to which the public record contains either corroborating information, curious discrepancies, or "red-flag indicators" of fraud. "Red-flag indicators might be that the address provided is a prison or a P.O. box. It could be that the telephone is a disconnected number. It could be that the Social Security number was issued before the date of birth of the person," said Vaules.
"We're trying to make sure that the score that we're returning is as reliable as we possibly can, based upon the available databases," he added.
ID Point offers proactive suggestions for how to correct data entry errors, such as transposed digits. "It'll come back and show you that the information does not match, and it'll also show you what might be the correct match," said Vaules. "It cleans up the data before it returns it."
Thus, ID Point not only protects against identity fraud at account opening, but also supports ongoing data quality initiatives. On some occasions, said Vaules, a customer will purposely misstate a Social Security number. "But most of the time, it's a human error."
Once a customer's identity has been ascertained, ID Point checks the name against government watch lists maintained by the Office of Foreign Assets Control (OFAC) for known or suspected terrorists. Finally, the date-stamped results are filed along with copies of the documents used to open the account, allowing the bank to demonstrate to regulators that a proper search was conducted. "Under the Patriot Act you have to verify identity, you have to save the identity check, and you have to hit against the OFAC list," said Vaules.
Banks are well-advised to go a step further, following the spirit as well as the letter of the law. "There's nothing that I have seen in any of the regulations that say you have to identify who the employee was who conducted the search," said Vaules. "I have a feeling that bank policies and procedures will probably address that."
He added, "If I were a bank, I'd certainly want to know."
ID Dilemma Universal
Banks are not the only institutions that need to improve ID procedures. Merchants continue to suffer from online crime caused, in part, by unverified consumer transactions. Fortunately, businesses plan on adding more ID safeguards this year.