§ 32.57 SOURCES AND TYPES OF RED FLAGS.
   All employees responsible for or involved in the process of opening a covered account, restoring a covered account, or accepting payment for a covered account shall check for red flags as indicators of possible identity theft. Such red flags shall include, but not be limited to:
   (A)   Alerts from consumer reporting agencies, fraud detection agencies or service providers. Examples of such alerts are:
      (1)   A fraud or active duty alert that is included with a consumer report;
      (2)   A notice of credit freeze in response to a request for a consumer report;
      (3)   A notice of address discrepancy provided by a consumer reporting agency; and
      (4)   Indications of a pattern of activity in a consumer report that is inconsistent with the history and usual pattern of activity of an applicant or customer, such as:
         (a)   A recent and significant increase in the volume of inquiries;
         (b)   An unusual number of recently established credit relationships;
         (c)   A material change in the use of credit, especially with respect to recently established credit relationships; or
         (d)   An account that was closed for cause or identified for abuse of account privileges by a financial institution or creditor.
   (B)   Suspicious documents. Examples of suspicious documents include:
      (1)   Documents provided for identification that appear to be altered or forged;
      (2)   Identification on which the photograph or physical description is inconsistent with the appearance of the applicant or customer;
      (3)   Identification on which the information is inconsistent with information provided by the applicant or customer;
      (4)   Identification on which the information is inconsistent with readily accessible information that is on file, such as a signature card or a recent check; or
      (5)   An application that appears to have been altered or forged, or appears to have been destroyed and reassembled.
   (C)   Suspicious personal identifying information. Examples include:
      (1)   Personal identifying information that is inconsistent with external information sources used by the financial institution or creditor. For example:
         (a)   The address does not match any address in the consumer report; or
         (b)   The Social Security Number (SSN) has not been issued, or is listed on the Social Security Administration’s Death Master File;
      (2)   Personal identifying information provided by the customer is not consistent with other personal identifying information provided by the customer, such as a lack of correlation between the SSN range and date of birth;
      (3)   Personal identifying information or a phone number or address, is associated with known fraudulent applications or activities as indicated by internal or third-party sources used by the financial institution or creditor;
      (4)   Other information provided, such as fictitious mailing address, mail drop addresses, jail addresses, invalid phone numbers, pager numbers or answering services, is associated with fraudulent activity;
      (5)   The SSN provided is the same as that submitted by other applicants or customers;
      (6)   The address or telephone number provided is the same or similar to the account number or telephone number submitted by an unusually large number of applicants or customers;
      (7)   The applicant or customer fails to provide all required personal identifying information on an application or in response to notification that the application is incomplete;
      (8)   Personal identifying information is not consistent with personal identifying information that is on file with the financial institution or creditor; and/or
      (9)   The applicant or customer cannot provide authenticating information beyond that which generally would be available from a wallet or consumer report.
   (D)   Unusual use of or suspicious activity relating to a covered account. Examples include:
      (1)   Shortly following the notice of a change of address for an account, there is a request for the addition of authorized users on the account;
      (2)   A new revolving credit account is used in a manner commonly associated with known patterns of fraud patterns, such as where the customer fails to make the first payment or makes an initial payment but no subsequent payments;
      (3)   An account is used in a manner that is not consistent with established patterns of activity on the account, such as:
         (a)   Nonpayment when there is no history of late or missed payments; and/or
         (b)   A material change in purchasing or spending patterns;
      (4)   An account that has been inactive for a long period of time is used;
      (5)   Mail sent to the customer is returned repeatedly as undeliverable although transactions continue to be conducted in connection with the customer’s account;
      (6)   The Town of Darlington Utilities is notified that the customer is not receiving paper account statements;
      (7)   The Town of Darlington Utilities is notified of unauthorized charges or transactions in connection with a customer’s account; and/or
      (8)   The Town of Darlington Utilities is notified by a customer, law enforcement or another person that it has opened a fraudulent account for a person engaged in identity theft.
   (E)   Notice from customers, law enforcement, victims or other reliable sources regarding possible identity theft or phishing relating to covered accounts.
(Ord. 04-20-2009, passed 4-20-2009)