Identity theft. It is a crime about information and in the information age, identity theft is becoming the fastest growing form of consumer fraud in North America. The crime is identified when a person assumes another individual’s identity using personal information (eg: name, date of birth, address, credit card, social insurance number and other identification). This information is then used to steal money from existing accounts, open other financial accounts, make purchases, or even obtain employment.
According to Phonebusters, an anti-fraud call centre run by the RCMP Commercial Crime Unit, there were over 17,700 consumer victims in Canada in 2004, resulting in more than $38.5 million in losses. By 2006, Phonebusters reported only 12,165 victims of fraud and identity theft but losses jumped to well over $43 million.
That same year, the U.S. reported over $50 million in losses due to identity theft and fraud.
For most advisors, the dangers of fraud and identity theft are well known. Paper shredders are used to deal with sensitive files, servers are password-protected, and data is encrypted for added security. Yet, identity theft is not always about obtaining all the information in the most obvious manner.
“Identity thieves are creative,” says Graham McWaters, co-author of a new book, The Canadian Guide to Protecting Yourself from Identity Theft and Other Fraud. “Based on my research, people are embarrassed [when realizing they are a victim] and don’t like sharing this fact with other people, even family members. As a result 90% of identity theft and consumer fraud does not get reported.”
Not all the methods for obtaining personalized information, then, are well known to either consumers or service professionals, like financial advisors.
Even if an advisor implements all the necessary tools — shredder, off-site server, encrypted data, locked-down office with alarms — enterprising identity thieves can still obtain enough information to track down and steal a client’s identity.
Consider this scenario: your administrator tosses the client list that was made to send annual holiday cards. Since it was only a list of names, the document was tossed, rather than shredded. An enterprising fraudster found the list, searched the Internet and then called each client, under the pretense that some basic information, such as social insurance number or date of birth, had accidentally been deleted from their files at your office. The client is asked, and complies to faxing over the pertinent information. Before they notice the deception, the client would have given up sensitive information to a fraudster who racked up huge debt or emptied their accounts.
“Due to the sensitive nature of their materials, firms and professionals in health care or financial services are prime targets for identity thieves,” says McWaters, who adds that there are some simple, but effective, methods for ensuring the safety of client information.
• Using a cross-cut or confetti shredder (“With strip shredders identity thieves can put all the pieces back together.”) or using a professional shredding service.• Back everything up electronically and then use encryption and, where possible, an off-site server.
• Have a lock-down policy in your office — computers password-protected, lock all doors.
• For advisors with older clients, make sure you have a Power of Attorney on file (and meet with the individual designated with this responsibility).
• Remind clients that you will never ask for sensitive or confidential information over the phone or through fax or email.
• And advise clients that passwords to any important accounts, including bank cards, accounts, online brokers, etc. need to be hard to guess (McWaters suggests using acronyms — using the first letter of every word in an easy for you to remember sentence.).
McWaters also reminds advisors that RRSP and tax season is prime-time for would-be fraudsters.
“Financial statements are all sent through the mail, as are T4 slips, asset slips, insurance policies and other personal information,” says McWaters. “Purchasing a locking mailbox or removing the mail as soon as it arrives helps cut down on the potential breach of confidential information.”
Advisors also need to be aware of unusual requests.
“Studies show that fraud and identity theft of seniors occurs more with the people that know and care for them, than with strangers,” explains McWaters.
Legally advisors can do little, but by sounding a warning, the advisor could deter would-be fraudsters, says McWaters. Planners, then, are advised to call face-to-face meetings with their clients, should unusual requests be made. Advisors can also alert the client’s lawyer, accountant, bank and even the police about the potential of fraudulent activity.
If identity theft is suspected, the advisor can offer their clients the contact information to the three credit bureaus operating in Canada. “By calling the credit bureaus a client can have a fraud alert put on their file. That fraud alert means that no bank account, credit card, or any other transaction can be completed without proper notification and approval from the client.” The three credit bureaus are: Equifax, TransUnion and Experian.
Finally, clients should check bank statements and credit card purchases weekly, says McWaters, and report anything that looks unusual.
Originally published in Advisor’s Edge Report in February 2008