|
|
ONLINE FEATURES
Book Reviews
BW Video
Columnists
Interactive Gallery
Newsletters
Past Covers
Philanthropy
Podcasts
Special Reports
BLOGS
Auto Beat
Bangalore Tigers
Blogspotting
Brand New Day
Byte of the Apple
Economics Unbound
Eye on Asia
Fine On Media
Green Biz
Hot Property
Investing Insights
Management IQ
NEXT: Innovation
NussbaumOnDesign
Tech Beat
Working Parents
TECHNOLOGY
J.D. Power Ratings
Product Reviews
Tech Stats
Wildstrom: Tech Maven
AUTOS
Home Page
Auto Reviews
Classic Cars
Car Care & Safety
Hybrids
INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads | |
JULY 16, 2002 SECURITY NET By Alex Salkever Terrorists Take Slack Security to the Bank Opening accounts with bogus Social Security numbers is far too easy. Only stiff penalties will make financial institutions more vigilant
The banks seem to have demonstrated precious little concern that anything was amiss. Yet, the accounts allowed the terrorists to move hundreds of thousands of dollars undetected. SIMPLE CHECKS. It's very easy to say "there oughta be a law" in a time of heightened national security. But this is one case where a new legislation is very much in order. Banks and financial institutions -- largely exempt from liability under existing law -- should be held financially liable for breaches in their customer-screening policies. No, I don't mean a slap on the wrist. I mean hit the banks and credit-card companies with heavy penalties for not cross-checking to ensure that people opening accounts are who they claim to be, not crooks and terrorists. Make it worth the banks' corporate while to get the information right in the first place. What's the harm of letting someone open a bank account with fake information? The September 11 massacres may have been funded, in part, by cash funneled through these accounts. But such fraud was going on long before last fall. TELLTALE SIGNS. Tens of thousands of Americans have been the target of identity theft, where massive debts have been run up in their names on phony accounts. In such cases, a person's credit can be ruined for years by what amounts to the economic equivalent of a drive-by shooting. Greater vigilance by financial institutions not only serves a national-security purpose but also an economic-security purpose. Really, checking someone's identity against the truth isn't that hard to do. First, banks should be required to verify that the stated Social Security number actually exists. That alone would have tripped up the al Qaeda members when they were trying to open U.S. bank accounts. Second, banks should be required to pull a credit report on every individual seeking to open a account, and they should use it to make sure that nothing is amiss. A big tip-off of malfeasance, for example, would be a recent change of address followed by a rash of account openings. That can be a sign of fraudsters who hijack credit-card bills, change the address of the statements, and then assume the identity of the rightful cardholder. QUESTIONABLE APPLICANTS. Furthermore, banks should be required to ask a few simple questions of an applicant, questions that can be verified against a credit report. What was the person's last address -- and the one before that? Who holds the mortgage on the property? How many credit cards does the applicant have? The only way a terrorist or scam artist could know that information would be by pulling a credit report, something that can and does happen. But it obtaining such records requires a higher level of sophistication, so even those simple questions would trip up many fraudsters. Banks and credit-card outfits also should be required to later contact the person listed on the credit report to verify the absence of fraud. An account representative at a conscientious financial institution might be surprised to find that, no, Mr. Smith hadn't applied for a new credit card. Better still, send a letter to both their old and new addresses. At least that gives the customer the chance to intervene and stop the damage before it spins out of control (see BW Online, 1/8/02, "How E-Mail Could Foil Fraudsters"). True, some banks have already adopted very good antifraud policies and screen applicants closely, checking all their information. But these steps need to be mandated by law. UNWITTING ALLY. Clearly, there are financial institutions that still don't live up to their responsibilities. The reason is very simple: Penalties for failure to perform due diligence are minimal. At worst, a bank or credit card is defrauded out of monies. In the case of plastic, merchants take the loss -- not the card issuers. For bank execs, a new account is a new customer. As the al Qaeda hijackers found out, banks that aren't diligent are among a terrorist's best friends. Ditto for those seeking to steal identities. The buck should stop with the banks and credit-card companies. An ounce of prevention, folks, is worth a pound of national security.  Salkever is Technology editor for BusinessWeek Online and covers computer security issues weekly in his Security Net column Edited by Douglas Harbrecht Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | JULY |
 Copyright 2002, by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Policy |
Printer-Friendly Version
