All employees responsible for or involved in the process of opening a covered account, restoring a covered account, or accepting payment for a covered account shall check for red flags as indicators of possible identity theft. Such red flags shall include, but not be limited to:
(A) Alerts from consumer reporting agencies, fraud detection agencies or service providers. Examples of such alerts are:
(1) A fraud or active duty alert that is included with a consumer report;
(2) A notice of credit freeze in response to a request for a consumer report;
(3) A notice of address discrepancy provided by a consumer reporting agency; and
(4) Indications of a pattern of activity in a consumer report that is inconsistent with the history and usual pattern of activity of an applicant or customer, such as:
(a) A recent and significant increase in the volume of inquiries;
(b) An unusual number of recently established credit relationships;
(c) A material change in the use of credit, especially with respect to recently established credit relationships; or
(d) An account that was closed for cause or identified for abuse of account privileges by a financial institution or creditor.
(B) Suspicious documents. Examples of suspicious documents include:
(1) Documents provided for identification that appear to be altered or forged;
(2) Identification on which the photograph or physical description is inconsistent with the appearance of the applicant or customer;
(3) Identification on which the information is inconsistent with information provided by the applicant or customer;
(4) Identification on which the information is inconsistent with readily accessible information that is on file, such as a signature card or a recent check; or
(5) An application that appears to have been altered or forged, or appears to have been destroyed and reassembled.
(C) Suspicious personal identifying information. Examples include:
(1) Personal identifying information that is inconsistent with external information sources used by the financial institution or creditor. For example:
(a) The address does not match any address in the consumer report; or
(b) The Social Security Number (SSN) has not been issued, or is listed on the Social Security Administration’s Death Master File;
(2) Personal identifying information provided by the customer is not consistent with other personal identifying information provided by the customer, such as a lack of correlation between the SSN range and date of birth;
(3) Personal identifying information or a phone number or address, is associated with known fraudulent applications or activities as indicated by internal or third-party sources used by the financial institution or creditor;
(4) Other information provided, such as fictitious mailing address, mail drop addresses, jail addresses, invalid phone numbers, pager numbers or answering services, is associated with fraudulent activity;
(5) The SSN provided is the same as that submitted by other applicants or customers;
(6) The address or telephone number provided is the same or similar to the account number or telephone number submitted by an unusually large number of applicants or customers;
(7) The applicant or customer fails to provide all required personal identifying information on an application or in response to notification that the application is incomplete;
(8) Personal identifying information is not consistent with personal identifying information that is on file with the financial institution or creditor; and/or
(9) The applicant or customer cannot provide authenticating information beyond that which generally would be available from a wallet or consumer report.
(D) Unusual use of or suspicious activity relating to a covered account. Examples include:
(1) Shortly following the notice of a change of address for an account, there is a request for the addition of authorized users on the account;
(2) A new revolving credit account is used in a manner commonly associated with known patterns of fraud patterns, such as where the customer fails to make the first payment or makes an initial payment but no subsequent payments;
(3) An account is used in a manner that is not consistent with established patterns of activity on the account, such as:
(a) Nonpayment when there is no history of late or missed payments; and/or
(b) A material change in purchasing or spending patterns;
(4) An account that has been inactive for a long period of time is used;
(5) Mail sent to the customer is returned repeatedly as undeliverable although transactions continue to be conducted in connection with the customer’s account;
(6) The Town of Darlington Utilities is notified that the customer is not receiving paper account statements;
(7) The Town of Darlington Utilities is notified of unauthorized charges or transactions in connection with a customer’s account; and/or
(8) The Town of Darlington Utilities is notified by a customer, law enforcement or another person that it has opened a fraudulent account for a person engaged in identity theft.
(E) Notice from customers, law enforcement, victims or other reliable sources regarding possible identity theft or phishing relating to covered accounts.
(Ord. 04-20-2009, passed 4-20-2009)