Responding to Members’ Fears About Data Breach & ID Theft

by Jim McCabe

Over the last year, the number of high-profile data breach events has escalated.  Companies ranging from Target, eBay, and AT&T, to Marriott, Hilton, Coca Cola, PF Chang’s, and others, have been effected by data breaches, so it is not surprising to learn that consumers – some of whom include your individual credit union members – are fearing for the worst.

A recent LA Times article reported on how consumers are feeling the stress of data breach events, and are experiencing a growing fear of becoming a victim of identity theft.  A growing level of both  stress and fear has resulted in a significant increase of credit monitoring orders that are going to “credit monitoring” companies such as Experian, TransUnion and Equifax, along with numerous identity theft solution providers.

And while credit monitoring service companies have grown exponentially, the number of identity theft victims has grown even more, with 13.1 million identity theft victims in 2013 according to the Javelin Strategy and Research “2014 Identity Fraud Report.”

That said, credit monitoring services offer a false sense of security for consumers, including credit union members, as they believe these monitoring services will prevent identity theft.  Based on the 2014 Federal Trade Commission (FTC) Consumer Sentinel annual report, about three-quarters of identity theft is non-financial – where stolen identities are used for passports, jobs, driver’s licenses, and government benefits fraud.

This indicates that individual identity theft events are taking place before any credit bureau monitoring service are “alerting” individual consumers of fraudulent transactions.

So what is the answer?  First, individual consumers need to understand that a credit monitoring alert is comparable to a “smoke alarm” for consumers who are most likely a victim of identity theft.  Credit monitoring basically lets you know that the identity theft criminals have your information. While an “alert” may help reduce the impact of your initial identity theft event, the thieves have access to the data that they have taken forever.

As the saying goes “where there is smoke there is fire” and when you receive an alert you need to put out the fire – and the fact is that alerts do not put out the fire.  When this happens, individual consumers – your credit union members – are at risk of becoming dissatisfied members.

Instead, your credit union members need access to a “fire extinguisher” to put out the flames of an identity theft event — NOT just a smoke alarm.  In addition, the “fire extinguisher” needs to be capable of putting out any and all kinds of fires or identity theft events, such as non-financial and taxpayer identity theft and fraud.

This approach of taking care of your individual credit union members with a fire extinguisher is known in the identity theft industry as a fully managed recovery solution.

Fully managed recovery means a professionally trained and certified, FCRA (Fair Credit Reporting ACT), FACTA (Fair and Accurate Credit Transaction Act), CITRIMS (Certified Identity Theft Risk Management Specialist), and licensed private investigator will work on your behalf to perform all of the tasks necessary to restore your identity, through the use of a limited power of attorney.

The work of your dedicated and certified Recovery Advocate includes completing and filing forms, performing research and contacting all companies, agencies and financial institutions necessary to ensure that any and all fraudulent activity that has been identified, and your individual credit union member is returned to pre-identity theft event status.

Finally, all fully managed recovery solution providers are not created equal.  Both credit unions and individual credit union members need to review the “terms and conditions” of the fully managed recovery solution provider.

What are the differences in terms and conditions? A comprehensive, fully managed recovery solution includes many common occurrences that others exclude in the fine print, such as the date of fraud discovery, unknown events prior to plan’s effective date, all 3 generations in a household, family fraud, acts of terrorism, domestic partners, and self-employed persons.

Credit unions need to understand that the majority of ID theft and fraud is happening outside their walls, and that a percentage of their members are already paying another company for some type of ID Theft service and credit monitoring.

Smoke alarms in the form of monitoring services cannot prevent the devastation of a “fire.”  Credit unions need to implement a member strategy that includes fully managed recovery services, to ensure their members are protected from the stress and fear of identity theft. By incorporating these services, credit unions will also have an opportunity to generate new and recurring revenue.

About the Author

Jim McCabe
Jim McCabe is the Senior Vice President, Identity Theft Services, for Vero, a CU Direct company