Blog Editor

Ann Graham
Associate Professor of Law
Texas Tech Univ School of Law
Profile
Email

Resources

About Banking Law Prof Blog
Email Editor Comments & Content

Find Banking Law Profs
Google Scholar
Law Schools
SSRN

Federal Regulatory Agencies
Office of the Comptroller of the Currency (OCC)
Office of Thrift Supervision (OTS)
Federal Deposit Insurance Corporation (FDIC)
Federal Reserve System
National Credit Union Administration (NCUA)
Federal Financial Institutions Examination Council (FFIEC)
Financial Crimes Enforcement Network (FinCEN)

Trade Associations
American Bankers Association (ABA)
Independent Community Bankers of America (ICBA)
Financial Services Roundtable
Conference of State Bank Supervisors (CSBS)
Consumer Bankers Association (CBA)
Mortgage Bankers Association (MBA)
Credit Union National Association (CUNA)
National Association of Federal Credit Unions (NAFCU)
National Association of State Credit Union Supervisors (NASCUS)
World Council of Credit Unions, Inc. (WOCCU)

Consumer Resources
Federal Trade Commission (FTC)
Center for Responsible Lending
National Consumer Law Center
Consumers Union
ACORN (Association of Community Organizations for Reform Now)
FDIC
OCC
FRB
OTS

Publications
American Banker
Credit Union Times

Congressional & Administrative Resources
U.S. Senate
U.S. House of Representatives
Statutes
Code of Federal Regulations
Federal Register
Important Federal Banking Legislation Listed

Banking Compliance Websites
Federal
BankersOnline
Compliance Headquarters

Free Legal Web Sites
Findlaw
JURIST

Blog Traffic

Since September 26, 2006

Blogware

Powered by TypePad

Notices

© Copyright 2006 by Law Professor Blogs, LLC. All rights reserved.

April 15, 2008

Texas Steps Out with a NEW ID THEFT MEASURE

The 2007 Texas Legislature passed a bill establishing a new Closed Account Notification System ("CANS") -- the first example of this type of anti-ID theft measure in the U.S. 

The Texas Department of Banking administers CANS, which launched on March 1, 2008.  In an effort to combat identity theft, financial institutions such as banks and credit unions operating in Texas are required to submit information, at the request of their customer, concerning suspected compromised deposit accounts to a secure electronic notification system which then alerts all of the major check verification companies to the potential fraudulent activity.

Other states and the federal banking agencies will be watching this new system. 

Thanks to Stefan L. Jouret, with the law firm of Donovan Hatem LLP, Boston, MA, for calling this to my attention.

Link to Texas Dept. of Banking information about CANS: http://www.banking.state.tx.us/cve/memo03-18-08.htm

(ag) April 15, 2008, in Identity Theft

April 15, 2008 in Identity Theft | Permalink | Comments (0) | TrackBack

November 16, 2007

Identity Theft Red Flags - Final Rules

Check out the Federal Register publication of Final Rules relating to Identity Theft Red Flags, adopted pursuant to the Fair and Accurate Credit Transactions Act (FACTA). Financial institution lawyers have a new opportunity to make sure their clients have new policies and procedures in place.  This is sure to be an examination "hot button"

Link:  http://www.occ.gov/fr/fedregister/72fr63718.pdf

(ag) Nov. 16, 2007, in Identity Theft

November 16, 2007 in Identity Theft | Permalink | Comments (1) | TrackBack

May 28, 2007

You Can't Shame the Shameless

Identity Theft continues to be a major concern of the banking agencies and the public.  The scammers are constantly developing new ploys to entice consumers to give them personal information.  Some of the most brazen schemes this spring have been e-mails to financial institutions and to their customers, purporting to come from FDIC and to invite participation in an anti-fraud scheme that requires downloading a new program.  Right!

Check out several warnings from FDIC (the real FDIC, that is)http://www.fdic.gov/consumers/consumer/alerts/index.html

A note to Banking Law Profs:  One of the paper topics my students have been most intrigued by in the last couple of years is "Identity Theft - What Can Law and Regulation Do About It?"

(ag) May 28, 2007, in Identity Theft

May 28, 2007 in Identity Theft | Permalink | Comments (0) | TrackBack

May 04, 2007

President's Identity Theft Task Force Strategic Plan

First, there's a new comprehensive website for Identity Theft informationhttp://www.idtheft.gov/

Second, the President's Identity Theft Task Force has released its Strategic Plan for Combating Identity Theft.  This report includes excellent background information about the scope of the Identity Theft problem.  The report also proposed concrete steps to address the problem, including:

1.  Decreasing the unnecessary use of social security numbers;

2.  Safeguarding information in the public sector and responding to information breaches;

3.  Implementing data security rules for the private sector and responding to information breaches;

4.  Educating consumers on protecting personal information;

5.  Making it harder to misuse consumer data;

6.  Helping victims of identity theft repair their lives;

7.  Prosecuting and punishing identity thieves; and

8.  Looking at the way forward.

(ag) May 4, 2007, in Identity Theft

May 4, 2007 in Identity Theft | Permalink | Comments (1) | TrackBack

April 16, 2007

How FDIC Expects Banks to Address Identity Theft

FDIC has issued its "Supervisory Policy on Identity Theft" in FIL-32-2007 (April 11, 2007).  This advice to banks summarizes examination expectations and collects the following references to current regulatory pronouncements regarding identity theft.

Attachment:
Supervisory Policy on Identity Theft

Link:  http://www.fdic.gov/news/news/financial/2007/fil07032.html

(ag) April 16, 2007, in Identity Theft

April 16, 2007 in Identity Theft | Permalink | Comments (0) | TrackBack

January 04, 2007

Exam Heads Up: Full Compliance Required for FFIEC Authentication Requirements

Examiners will be checking for compliance with the FFIEC Guidelines for Authentication in an Internet Banking Environment which were fully effective Dec. 31, 2006.  Each of the Federal Banking Agencies sent out their own announcements of these new requirements in Oct. 2005 -- plenty of lead-time to implement them, but now the compliance examiners will get serious.  These measures offer additional protection from identity theft for banks and their customers.

Key components of the new requirements:

Link to FFIEC Announcement: http://www.ffiec.gov/press/pr101205.htm

FFIEC Guidance:  http://www.ffiec.gov/pdf/authentication_guidance.pdf

FDIC FIL:  http://www.ffiec.gov/ffiecinfobase/resources/info_sec/2006/fdi-fil-103-2005.pdf

OCC:  http://www.ffiec.gov/ffiecinfobase/resources/info_sec/2006/occ-bul_2005-35.pdf

FRB, OTS, and NCUA have similar announcements.

(ag) Jan. 4, 2007, in Examination, Federal Banking Agencies, Identity Theft, Internet Banking

January 4, 2007 in Examination, Federal Banking Agencies, Identity Theft, Internet Banking | Permalink | Comments (0) | TrackBack

January 01, 2007

Send Comments to Identity Theft Task Force by January 19th

The President's Identity Theft Task Force seeks public input for a Strategic Plan to Combat Identity Theft.  The Identity Theft Task Force was created by President Bush by Executive Order on May 10, 2006, and has been charged with delivering a strategic plan by February  9, 2007.  Task Force Co-Chairmen are Attorney General Alberto R. Gonzales and FTC Chairman Deborah Platt Majoras. 

On Sept. 19, 2006, the Identity Theft Task Force published Interim Recommendations - www.ftc.gov/opa/2006/09/idtheft.htm  The Identity Theft Task Force now seeks public comments until January 19, 2007.  In preparing comments, it is important to review the Interim Recommendations and the request for comments.  Four objectives are highlighted: 

  1. Preventing sensitive consumer data from falling into the hands of identity thieves -- by encouraging  better data security practices and consumer education;
  2. Making it more difficult to steal identities -- even if consumer information does fall into the wrong hands;
  3. Assisting victims of identity theft; and
  4. Deterring identity theft through aggressive prosecution and punishment.

My review of the Interim Recommendations and the Request for Comments indicates that the Task Force is not yet actively considering a federal mandate to the credit reporting agencies to allow consumers to place a freeze on their credit reports proactively, in the absence of suspected identity theft.  California was a pioneer in this requirement.  In my opinion, it would be appropriate for the Task Force to study the California experience and consider uniform federal measures allowing consumers to place a "lock" on their credit reports and on the issuance of new credit without special authorization.

Link to Request for Comments:  http://www.ftc.gov/speeches/majoras/061221PublicNoticeFinal.pdf

January 1, 2007 in Identity Theft | Permalink | Comments (0) | TrackBack

December 29, 2006

New Year's Resolutions for Bank Lawyers -- and Their Clients & Friends

Okay, enough eggnog & fruit cake!

JANUARY’S MONEY MEMO FOR LAWYERS - [as seen in Lubbock Law Notes]
By Ann Graham, Associate Professor of Law, Texas Tech University School of Law

‘Tis the season for New Year’s Resolutions! 
As William Shakespeare reminds us: 

“Good name in man and woman, dear my lord,
Is the immediate jewel of their souls;
Who steals my purse steals trash; ’tis something, nothing;
’Twas mine, ’tis his, and has been slave to thousands;
But he that filches from me my good name
Robs me of that which not enriches him,
And makes me poor indeed.”   --Othello. Act iii. Sc. 3.

My number one New Year’s Resolution is to protect financial information from Identity Theft – and from just plain error.  As lawyers, we often procrastinate about protecting our own legal and financial interests.  It’s that “Cobbler’s Children Having No Shoes Phenomenon”.  So these suggestions are aimed at us.  If you choose to pass them along to your clients, you might also be saving them from substantial losses in terms of time, money, and hassle.

Step One:  Request your credit report. You can’t fix a problem until you identify it.  Even if your credit report contains no errors now, you have a standard for comparison.
There are three consumer reporting agencies:  Equifax, Experian, and TransUnion.  Under federal law, you are entitled to one free credit report from each of these three agencies during a twelve-month period.  You may order them all at once or space them out.  The only official website for requesting your free credit reports online is https://www.annualcreditreport.com/cra/index.jsp  This is a joint free-credit-report website for all three agencies.  Be sure to type the website name carefully to avoid being directed to a scam site.  The official website provides information about the option to order your free credit reports by telephone or by mail.

You can purchase your credit score for $7.95 when you request your free credit report.  The credit reporting agencies offer other credit monitoring products but they do charge for them. 

Step Two:  Promptly review your credit report.  To correct inaccuracies, follow appropriate legal procedures reviewed on the FTC website:  http://www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm#Resolving                     

Correcting errors, whether they be simple mistakes or outright fraud, can improve your credit score.  Your credit score (or FICO score) is based on the debt repayment history reflected in your credit reports.  An improved credit score can save you money in the form of lower interest rates when you borrow money through credit card purchases or through loans to pay for big purchases – like that new car or house.

Step Three: If you suspect you are the victim of identity theft, respond immediately:
• Place a Fraud Report Call to the credit reporting agencies.  One call will suffice; that agency will notify the others.

  1. Equifax:  1-877-576-5734; www.equifax.com 
  2. Experian:  1-888-397-3742 www.experian.com/fraud 
  3. TransUnion:  1-800-680-7289; www.transunion.com

The credit reporting agencies will first place an Initial Fraud Alert on all your credit accounts for 90 days.  New accounts and charges will trigger a request for your personal authorization.  After a police report has been filed, an Extended Fraud Alert can be maintained in effect for seven years.

Promptly cancel accounts that have been used or open without authorization.
File a police report and get a copy of the report.
Notify the Federal Trade Commission (FTC): 

Step Four:  Follow common sense steps to protect against identity theft.

  1. Shred old financial documents (yours and your clients).
  2. Protect social security numbers.  Don’t ask for or provide them unless absolutely necessary.
  3. Balance your checkbooks and check credit card statements promptly.
  4. Be alert for bills and check orders that fail to arrive when expected.  They may have been stolen by identity thieves.
  5. Be quick to check out unexpected credit denials or calls about bills you don’t recognize.
  6. Don’t leave documents with financial information out where unauthorized employees, repair contractors, cleaning personnel, or others can steal or copy them.
  7. Be aware of potential identity theft scams.  “Pretext calling” is identity theft by telephone.  Thieves pretend to be creditors, bank personnel, credit card representatives, or merchants when they ask for personal financial information.  Never give personal financial information over the phone unless you know for sure who is on the other end of the line.
  8. Be on guard for identity theft by computer.  “Phishing” is pretexting by e-mail.  “Pharming” is attempting to obtain financial information by means of a fake website that looks like the real one for your bank, credit card company, or other legitimate company.  Never provide personal financial information online except through a secure connection to a legitimate site.
  9. Never open suspect e-mails or attachments.  Never click on suspicious links in e-mails or on websites.
  10. Use up-to-date firewalls, anti-spyware, and virus protection.  Don’t use obvious passwords and change passwords often.

Step Five:  If you need more information about Identity Theft, see the FTC website:  http://www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm

Step Six:  Happy New Year!
__________
Ann Graham teaches Banking Law, Commercial Law, Corporate Governance, and Business Analysis for Lawyers at the Texas Tech University School of Law.  She also writes a Blog on Banking Law, financial issues and the economy in general:     http://lawprofessors.typepad.com/banking/

(ag) Dec. 29, 2006, in Identity Theft

December 29, 2006 in Identity Theft | Permalink | Comments (0) | TrackBack

December 11, 2006

Identity Theft - Extensive Consumer Info

Advising clients -- or just preparing your New Year's Resolutions in advance?  The FTC website has extensive materials on identity theft.  Even those of us who know this stuff need to actually take the prescribed protective steps.  "Take Charge:  Fighting Back Against Identity Theft" Link:  http://www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm

(ag) Dec. 11, 2006, in Identity Theft

December 11, 2006 in Identity Theft | Permalink | Comments (0) | TrackBack

October 06, 2006

Identity Theft Assistance Center

Itac_1 Concerned about identity theft?  Who isn't?

The costs and complications of identity theft continue to be a serious concern both for consumers and for financial institutions.  The Financial Services Roundtable was instrumental in the formation of the Identity Theft Assistance Center, "a cooperative initiative of the financial services industry to address and reduce the human and economic consequences of fraud and identity theft."  Since Sept. 2004, ITAC has helped more than 9,000 victims regain their financial identities.

Link to ITAC website:  http://www.identitytheftassistance.org/

(ag) October 7, 2006, in Identity Theft

October 6, 2006 in Identity Theft | Permalink | Comments (0) | TrackBack