In 2019, the Federal Reserve published two white papers as part of their Payments Fraud Insights series. The first, Synthetic Fraud in the U.S. Payment System covered basic traits.1
The second white paper, Detecting Synthetic Identity Fraud in the U.S. Payment System, stressed how important it is for organizations to investigate deeper than the basic identifying data to uncover synthetic fraud.
The third white paper picks up where their last one ended. It identifies the various efforts that organizations – both individually and collectively – can work with to mitigate synthetic identity fraud.
Additionally, the third paper covers several environmental factors that can assist with mitigating the risk and regulations, for one.
Overview:
“Synthetic identity fraud occurs when perpetrators combine fictitious and sometimes, real information, such as names and Social Security numbers (SSNs), to create new identities. These identities may then be used to defraud financial institutions, private industry, government agencies or individuals. Differing definitions and approaches to detection make it difficult to quantify the impact on the U.S. financial system. One widely reported analysis by Auriemma Group suggested that synthetic identity fraud cost U.S. lenders $6 billion and accounted for 20% of credit losses in 2016.”
Top three major themes, include:
- How institutions approach synthetic identity fraud mitigation individually;
- How they can or do work collaboratively with industry partners; and
- How mitigation is influenced by the regulatory environment and other external factors.
Working Alone:
Experts that were consulted for the paper suggest a multi-layered approach that employs both manual and technological data analysis. They believe this approach gives organizations the best chance to identify and mitigate fraud caused by synthetics.
The fraudsters have become more sophisticated and we must stay ahead of them. The use of link analysis should be considered. This action is initiated across multiple banks for service providers that have multiple financial institutions as clients. Other methods are the use of Artificial Intelligence (AI) and Machine Learning as well as multi-layered mitigation.2
Working Collaboratively:
Experts stressed that information sharing is effective, of course, but only as valuable as the data – GIGO3. Service providers can access hundreds of customer data to determine trends and linkages to potential synthetic accounts. Understand that information sharing must comply with U.S. laws and regulations, such as the USA PATRIOT ACT. Use them as much as you can under the particular guidelines.
Regulations and The Environment:
A significant addition to fighting synthetic fraud is the introduction by the Social Security Administration of the electronic Consent Based Social Security Number Verification (eCBSV) service, which just moved into production pilot last month2008. The eCBSV4 fee-based service permits real time validation of customer information by financial institutions with customer consent.
Conclusion:
There is no ‘magic bullet’, however there are tools you can use to mitigate synthetic fraud in your organization. This white paper provides a roadmap and the tools. Information sharing, AI, eCBSV, and good old common sense and vigilance are all available to you.
Since synthetic identity accounts are used over a period of time, fraud industry experts recommend that successful organizations will maintain vigilance, use a variety of tools, and try to stay one step ahead of the fraudsters.
This effort is indeed a marathon and not a sprint.
1 The papers were authored by the Federal Reserve Bank of Boston, based on interviews with over 50 fraud experts across the U.S.
2 Diagrams on pages 9 and 10 of the paper
3 Garbage In, Garbage Out
4 eCBSV capabilities outlined on page 15 with a map of state consumer privacy laws on page 19