Keeping customers after a complaint

We haven't got time for the pain: Fraud and identity theft in the mortgage industryJay Meadows and Ray Pettafraud, identity theft, predatory lending, virgin data, pre-funding tool Do you know with whom you are doing business? The U.S. government now places more responsibility than ever on financial institutions to know their borrowers and customers. The current focus on fraud, identity theft and predatory lending has been driven by reactionary government regulations as well as large fraud losses. In some ways, this focus has benefited the mortgage industry and caused the creation of fraud prevention tools to help alleviate the pain in an environment with an ever-growing fraud problem. Regardless of how you view the current regulations, the fact remains that fraud is real and must be stopped at its root. Identity checks, once compliance mandates, are now increasingly being viewed as simply good business sense. Regulations aside, a thorough understanding of how private consumer information breaches are affecting the mortgage industry, as well as realizing the impact of fraud prevention tools and the use of consumer data, has become unavoidable for all industry players. With recent reports such as the FBI's May 2005 Financial Crimes Report announcing that mortgage fraud statistics doubled from 2003 to 2004, the role of fraud prevention tools at the pre-funding stage will only increase in importance. As reported in the April 2005 study by the Aite Group, "ID Verification: In Quest of a New Paradigm," the United States ranks as the most vulnerable to identity theft. Statistics indicate that identity theft occurs seven times more frequently in the United States than in other developed countries. The Aite Group suggests that the identity theft conundrum is largely tied to businesses' and financial institutions' reliance on tradable consumer data, commenting, "Financial institutions' use of credit bureaus and information brokers is a built-in incentive for criminals to steal data from those providers." To reduce the current level of identity theft, the Aite Group continues, "Financial institutions need to shift the ID verification paradigmrely less on credit bureaus and information brokers, and rely more on third parties whose core business is fraud management and ID verification, and who do not trade consumer data. Given the fact that a majority of the current stream of mortgage fraud involves at least one insider, the use of a third party is essential to the insulation of the data being obtained. In the meantime, since ID verification is a cross-industry phenomenon, financial institutions should encourage their vendors to expand across product lines and across industries." While the full reach of identity theft within the mortgage industry is difficult to quantify, both professionals and law enforcement officials agree it is significant. Most statistics are not mortgage industry specific; instead, they target consumer credit card or financial account issues. Even so, identity theft is the fastest growing segment in the fraud arena. Consider these reports from the 2003 Federal Trade Commission Top 10 Fraud Complaints: •Approximately 680,000 people became victims of identity theft in the 12 months prior to July 2002, breaking down to 1,863 per day, 77 per hour and 1.29 per minute. •By July 2003, approximately seven million people became victims of identity theft in the prior 12 months. That equals 19,178 per day, 799 per hour and 13.3 per minute. •The FTC estimates the number of identity theft victims could be as high as 10 million annually. Thus, mortgage lenders can anticipate receiving their share of identity fraud. •The FBI reported that through the first nine months of 2004, mortgage companies and banks reported more than 12,100 instances of suspicious activity, compared to 4,220 in 2001, a 288 percent increase. As lenders typically report only a fraction of the suspicious activity they identify, we can estimate the number of unreported cases are rising at a rate similar to that of reported cases. •Data collected by MortgageFraud.org, encompassing FBI and U.S. Department of Justice press releases plus a large number of newspaper and Internet articles, revealed that of the 584 mortgage fraud-related convictions and indictments discovered, one in eight involved some form of identity theft. Considering the aforementioned reports, what can the mortgage industry do? Consumer data, when used properly, can be an effective instrument for stopping fraud. But data comes from two different "sources": harvested, or self-confessed, and virgin, or authenticated. Credit reporting agencies process harvested data, which is information provided by the borrower at the time he or she seeks to open a trade line. Since the information source is the individual, credit reporting agencies are dependent on the integrity of the individual. Most data appearing on credit reports, driver's licenses, mortgage records and bank account applications is supplied by the individual, and may or may not be accurate. Virgin data, however, is information about an individual obtained from public or quasi-public sources, such as the Social Security Administration (SSA), Internal Revenue Service (IRS) or a state Department of Vital Statistics. Authenticated data includes birth certificates, Social Security card information supplied by the SSA, tax information supplied by the IRS and early school records. Because the source of authenticated data is not the individual, it is considered to be more reliable than harvested data. In the past, the financial industry has relied on harvested data such as credit sources for identity verification because it was the only data available. As we can see, this policy is not curbing the appetite for fraud. It should be emphasized that the use of harvested data, without the inclusion of virgin data, could be more harmful than good, as the creative criminal can easily manipulate harvested data with the opening of a simple credit card account. Virgin data is effective alone, as the very nature of this data removes the criminal's ability to use the data in his or her favor. The exclusive use of harvested data subjects the lender to maximum risk, while using both data types in a conjunctive effort accentuates and magnifies each othervirgin data allows harvested data to become more useful. For example, an identity check using the combination of virgin data sources such as the SSA, the government's Death Master list, the U.S. Treasury Department's Office of Foreign Assets Control and harvested credit header information (which provide additional names, previous addresses, and the validity of the Social Security number) can be extremely effective for spotlighting fraud. Statistical data obtained from the Rapid Reporting Verification Company on the incidence when the borrower-provided data did not match the data within the SSA database provided the following results: A sampling of 282,144 transactions submitted to Rapid Reporting by clients revealed: •136,880 (48.51 percent) requested SSA authentication •6,077 (4.43 percent) No Match from SSA (input errors not included) •896 (.65 percent) SSA Death Master hits •6,973 (5.1 percent) Total Negative Hits of sample processing SSA authentication This report suggests that 5.1 percent of all applicants are not who they say they are. Thus, fraud tools that incorporate a focus on authenticating data against databases that cannot be manipulated, such as the SSA and the IRS, are a definitive way to locate and try to stop fraud before it starts. Lenders can say they know their brokers or that fraud only happens in other shops, but the reality is that if lenders do not look, they will not find their fraud. Previously, lenders would audit a random sampling of a designated percentage of closed loans as part of their quality control process. But fraud detection is being, and should continue to be, pushed closer to the point-of-sale. When the IRS committed to turning around the 4506 (tax transcript request) within a 24-hour period, for example, income verification became utilized as a pre-funding tool. The SSA has provided another powerful pre-funding tool by allowing the authentication of the borrower's Social Security number. By embedding fraud detection tools up front, such tools are no longer viewed as an impediment; instead, they are speeding up and increasing the effectiveness of the underwriting process and allowing cost savings to be passed on to the borrower. Insurance companies are also starting to recognize the effectiveness of pre-funding tools and are reducing premiums on loans that contain identity and income verification. Additionally, the use of pre-funding tools adds value to the portfolio and can enable a better rate in the secondary market. Identifying fraud before the loan is funded reduces risk and also prevents underwriting resources from being wasted on "bad loans," while acting as a deterrent for criminals looking for the path of least resistance. The use of virgin data is proven to catch and reduce fraud at inception. Consider a comparison to killing fire ants: Harvested data merely sends the criminal from one shop to another, in a similar way that some ant poisons merely cause the ants to relocate from one side of the fence to the other. But if we employ harvested and virgin data in combination, we are able to kill the ants at the queen. Hence, we are able to halt fraud and prevent it from spreading. Since the statistics are real and the losses are mounting, it is time for the mortgage industry to take a proactive stance. If we know that 19,178 identities are being stolen per day, if we know that 13 identities are being stolen every minute, it is naïve to believe that none of these people are trying to fund mortgages. The question is, then, why wait for the pain of fraud losses? Why continue to allow fraud when the antidote exists? With the use of virgin and harvested data in a pre-funding tool, solutions are available. It's time to "kill the queen"let's prevent fraud from spreading instead of causing it to relocate. Jay Meadows is co-owner, chief executive officer and president of Rapid Reporting. Ray Petta is co-owner and chief operating officer. They can both be reached at (888) 749-4411, or e-mail [email protected] or [email protected].