Combating Identity Theft Requires Strong Internal Safeguards

Reducing exposure to fraud and identity theft requires innovative technologies, sound internal processes and member education and cooperation. Without those elements in place, credits unions are susceptible to identity theft, and the $50 - $60 billion in losses it results in each year.


Identity theft results in $50-$60 billion in losses annually, according to the Federal Trade Commission (FTC). The rise of public fear of identity theft and increasing fraud mean that credit unions need to take preventative measures for institutional security.

Security threats are both internal and external. The FTC estimates that 6 percent of fraud originates from someone within a company or financial institution that had access to the victim's personal information. Mailings containing sensitive member information could be compromised internally before they are ever sent.

A recent case involving stolen credit union member information from a large California marketing firm illustrates an important point: information security safeguards are only as strong as the weakest link within a credit union and its network of business partners.

Another problem is member reliance upon paper statements. While consumers detect half of all unauthorized activity themselves, it typically takes between six and 36 days to detect fraudulent activity in paper statements.

The industry best practices to limit identity theft include:

  • Encouraging members to adopt e-statements and monitor their accounts regularly
  • Designing internal safeguards to limit employee access to sensitive data
  • Demanding marketing partners and subcontractors maintain high commitments to data security

Effects of Financial Privacy Legislation on the Credit Union Industry
The public's perception of reckless data-security measures within companies and financial organizations has drawn criticism from government regulators. Just last July, U.S. District Courts upheld the California Financial Privacy Act. The Senate introduced a bill that would extend to the broader American population the same protections, such as express consent to share financial data with third parties and extensive notification procedures in the event of a security breach.

"The privacy of consumers' personal data has never been less secure," said bill sponsor Diane Feinstein in response to the District ruling. "Once the nation sees the benefits that California's consumers reap from the California Financial Privacy Act, I am hopeful that we will be able to provide the same protections in federal law."

The implication of such legislation may significantly alter the way financial institutions and their partners handle personal data. While some credit unions are already doing a phenomenal job of maintaining tight internal controls, the massive rise in identity theft crimes has helped fuel a fervor in which the public is demanding that institutions employ stricter preventative measures against fraud and eliminate any unnecessary risks. The burden therefore falls heavily on credit unions to ensure that member information is protected.

Callahan's will host a Webinar entitled Preventing Online Identity Theft next week.



This sponsored content article is provided to the credit union community for shared insights and knowledge from a recognized solutions provider in the industry. Please note that the views and opinions offered here do not reflect those of Callahan & Associates, and Callahan does not endorse vendors or the solutions they offer.

If you are interested in contributing an article on, please contact our Callahan Media team at or 1-800-446-7453.


Sept. 6, 2004



No comments have been posted yet. Be the first one.