Fraud has moved past the concept of identity theft. As Notre Dame Federal Credit Union recently found out, financial institutions are not just fighting crime based on stolen identities. Fraud is being committed in the name of people who never existed in the first place. It’s called synthetic identity fraud or Frankenstein fraud when identities are invented for the sole purpose of using them for fraudulently applying for anything from credit to car loans.
Notre Dame Federal Credit Union does not appear to have been negligent. They reviewed the application, performed background checks and authenticated the applicant’s credit score. The company realised something was wrong only when a group of borrowers suddenly stopped making payments. By the time the credit union had realised what was going on, it had already lost $200,000.
The Federal Reserve estimates that 80% to 90% of synthetic identity fraud is written off as normal credit losses and so are under-reported because most small and medium banks don’t believe they’re victims of it.
Real-life instances such as this are a wake-up call that should remind all financial institutions that fraud is a constantly evolving phenomenon. Regulation and anti-fraud rules will eventually catch up. However the payment networks and cybersecurity service providers should urgently look into creating fraud prevention mechanisms that go beyond current regulations to protect financial institutions from today’s threats rather than those of yesterday.