In the aftermath of the most damaging and widespread fraud event in our history, this would be an exceptionally bad time to tie government agencies’ hands in protecting citizens and preventing fraud. But unfortunately, the Consumer Financial Protection Bureau (CFPB) is contemplating a new proposed rule to do just that.
Fraud has become increasingly sophisticated, with fraud actors making use of a variety of high-tech, AI-enabled tools to monetize stolen identities — obtained readily on deep and dark web forums and replenished daily by large-scale data breaches. One of the only tools agencies have available to combat this threat is reliable data on the legitimate identity of an applicant.
But under a new CFPB proposed rule, this data would be subject to onerous requirements that would cripple agencies’ ability to uncover fraud based on identity theft.
Specifically, the CFPB has indicated that it wants to apply a law called the Fair Credit Reporting Act to “credit header data,” which provides important safeguards to consumers. It ensures, for example, that they are not unfairly penalized for information about their credit history that could be used against them without their being able to verify and correct errors in that data. This is a vital guardrail for consumer protection.
However, the CFPB proposes expanding its application to include so-called credit header data, which is used to triangulate pieces of information that indicate the existence of a stolen or synthetic identity.
Credit header data is a set of data elements about an individual that remains with the data file associated with that individual maintained by data vendors and credit bureaus. Agencies can use discrepancies in this data to spot a potential identity thief using techniques, such as “anomaly detection,” to uncover irregularities in the information you provide when applying for government loans or benefits.
For example, if the name and social security number given by an applicant are tied to another address and date of birth, this could indicate identity theft, although there might also be legitimate reasons the data doesn’t match. Agencies can suspend the application until additional information is collected to resolve the discrepancy.
Agencies must have the ability to spot patterns indicative of identity theft to combat the vast and growing fraud threat they face. Credit header data is a critical piece of the agency’s efforts to uncover suspicious patterns in a loan, grant, or benefit application.
In March 2023, President Biden issued a sweeping proposal to protect citizens against identity theft, to help victims of this crime and prevent future systemic fraud. But the CFPB’s proposed rule would tip the scales dramatically in favor of fraud actors and further imperil the integrity of public funds.
It would run directly counter to the administration’s 2023 commitment to “invest in better prevention of identity theft and all forms of fraud involving public benefit programs.” Now is not the time to tie agencies’ hands in the fight against a formidable adversary.
Linda Miller, former deputy executive director of the federal Pandemic Response Accountability Committee, is CEO of Audient Group, a services firm specializing in anti-fraud solutions for commercial and government clients.