Newsroom

August 22, 2018

NAFCU urges SSA to watch reg burden, adopt self-certification to reduce ID fraud

data securityNAFCU yesterday urged the Social Security Administration (SSA) to not add to credit unions' compliance burdens as it works to implement a provision contained in the Economic Growth, Regulatory Relief, and Consumer Protection Act (S. 2155) that is aimed at reducing synthetic identity fraud.

Synthetic identity fraud is a technique used by some identity thieves in which they apply for credit using some accurate information of an existing person mixed with false information – creating a "synthetic identity." This particular provision in S. 2155 directs the SSA to allow certain financial institutions to receive customers' consent by electronic signature – as opposed to the currently required physical written signature – to verify their name, birth date and Social Security Number. The provision also mandates that the SSA modify databases and systems to allow for the financial institutions to electronically request and receive verification of data.

In his letter to SSA Acting Commissioner Nancy Berryhill, NAFCU President and CEO Dan Berger strongly encourages the SSA to adopt a process of self-certification of compliance in order for a "permitted entity" to begin using this database. He further urged the SSA to work with the NCUA to ensure that implementation of this synthetic identity fraud provision does not create additional regulatory burdens for credit unions.

He reiterated that NAFCU supports the intent of this provision, but is "strongly opposed to any duplicative compliance requirements for its credit union members."

NAFCU earlier this month discussed this provision during a meeting at the U.S. Chamber of Commerce.