Click Cover to Read Digital Edition



Shared Servicing & Outsourcing
Feb. 23-24
San Francisco
ABA Mutual Community Bank Conference
March 1-5
Gaylord Palms Resort
ABA Mutual Community Bank Conference
March 22 & 23
Marriott Marquis
Washington, D.C.
Card Forum & Expo
April 8-10
More events >  

<- Back

Share |

Print Friendly and PDF

Bank on ID Theft Protection

By: Bryan Ansley

As of January 2008, new Federal Reserve Board rules for identity theft protection go into effect. Bankers have until November 2008 to bring their institutions into compliance.

Those who fail to put adequate safeguards in place will find identity theft and other online fraud transformed from a public relations problem into a more serious, potentially costly, compliance matter.

One banking group in the Rocky Mountain region is ahead of the curve. American National Bank in Denver started offering a comprehensive identity theft prevention solution to depositors long before the Fed made it mandatory.

ANB’s Situation

American National Bank has $2 billion in assets, and 33 community branches in Wyoming and Colorado. Products and services include personal and business checking accounts, savings accounts, loans, mortgages and investment management.

In 2006, ANB wanted to better differentiate its offerings in an increasingly homogenous marketplace. In light of ID theft’s growing threat, management determined that offering an identity theft protection service would be one way to set it apart from competitors.

The bank found an ID protection vendor who could brand a solution specifically for ANB. But though the vendor’s solution looked good on paper, in practice its customer penetration reached just 0.4 percent. In addition, the program didn’t give the bank public relations traction in the community or attract new customers.

Adoption of the program was lackluster. But the reasons for this deficiency became lessons that ANB used to develop a successful, profitable program. For example, the initial program offered a limited recovery plan. If a customer’s identity was stolen, the plan paid a cash benefit, but left the identity and financial recovery up to the victim.

The benefit itself, a maximum $2,500 reimbursement, was too low. The $250 deductible was too high. Moreover, the program did not offer personal assistance to victims. All communications were on paper or online. Lastly, the program had no consumer education or other proactive, preventative components.


ANB went back to the drawing board, eventually partnering with Secure Identity Systems of Brentwood, Tenn. Bank management believed the firm’s four-prong approach to fighting ID fraud — which includes total identity monitoring, fully managed recovery, expense reimbursement insurance and education — best addressed customer needs, aligned with bank goals and closed gaps the bank found in its earlier implementation.

Here’s how the Secure Identity Systems program is now working.

Developing and implementing the solution took 90 days. Enrollees signed up in branches, at seminars, online, or through a call center simply by providing their name, address, Social Security number and date of birth in a secure data transfer.


Over 60,000 customers are covered by ANB’s identity theft protection program since its launch. The program has accomplished all of ANB’s goals, differentiating the bank in local markets, providing customers with strong ID protection, and generating recurring non-interest income through a 30 percent revenue share of all solution upgrades.

Secure Identity Systems’ solution has also helped ANB strengthen its position as a community leader. The program demonstrates the bank’s commitment to security and customer protection, and shows its leaders are ahead of the curve in adopting the latest measure to protect depositors.

In addition, ANB is better insulated against potential public backlash in the event of a data breach. The bank can point to its ID recovery program with confidence, knowing how well victims are served and protected, with full recovery of identities and financial losses.

With a complete, customer-focused system in place, ANB is prepared to handle any identity theft crisis, while simultaneously providing higher service levels to depositors. Other banks can take a page from ANB’s playbook, and do more than simply comply with the new Fed regulations. They can catalyze innovative services that go further to drive revenue, deter crime and strengthen the bank’s community standing.

Bryan Ansley is the president and CEO of Secure Identity Systems. For more information, visit

What Happens to a Stolen Identity?

Fraudsters engaged in organized misuse of breached identity data tended to cycle through the data quickly, according to a study by ID Analytics of more than 10 million identities spanning more than a dozen data breaches. Fraudsters would misuse a breached identity for no more than two weeks before moving onto the next identity.

The study also found that fraudsters tended to link the breached personal data to a limited set of new phone numbers and addresses, meaning they worked to associate these identities with particular phone numbers for verification purposes and with addresses where they could receive credit cards, wireless phones or other merchandise ordered using the breached identity data.

There was no evidence that fraudsters misusing breached data were selling the data broadly or distributing it over the Internet in the study. According to ID Analytics, this finding is significant because one of the greatest potential risks of data breaches is the broad dissemination of personal information to others with criminal intent.

In two of the five cases of organized misuse, the breach perpetrator was an employee who stole data from an employer. In both cases, the resulting misuse was linked to identities geographically close to the site of the employee theft. ID Analytics believes these findings show new insights into the workings of internal data theft, particularly how fraudsters may favor those identities that represent easier access to physical addresses where the perpetrator could receive or intercept credit cards, stolen goods and bank statements.

Finally, the study found that smaller breaches of identity data had a higher misuse rate than larger breaches. Misuse of personal data ranged from one in 200 identities for breaches of fewer than 5,000 individuals to a misuse rate of less than one in 10,000 for breaches of more than 100,000 individuals.

Bryan Ansley is the president and CEO of Secure Identity Systems. For more information, visit

Copyright © January-February 2008 Western Banking (BankNews Publications)