A Revolutionary War Against Financial Crime
FinCrime Comes to New Jersey
By Timothy E. Doherty
NJBankers has taken the fight against the rapidly growing tide of identity theft, check fraud and other financial crimes to the World Wide Web in a revolutionary way.
On June 1, the trade association for New Jersey banks launched FinCrime, a multi-state, Web-based anti-crime network aimed at stemming the tide.
FinCrime is a secure, centralized, Internet-based financial crimes reporting, tracking and alerting system owned by NJBankers and 12 other state banking associations and operated by Iowa Bankers Association. The system will permit New Jersey financial institutions to share information with each other and with law enforcement about financial crimes.
New Jersey is the first state in the Middle Atlantic region to offer such a system, and NJBankers has been coordinating with other states in the region which are expected to soon follow.
Other financial and security associations and their members, as well as local, state and federal law enforcement, will be invited to join and participate in FinCrime. Information collected and shared on the FinCrime network will not be available to the general public.
The more participation and cooperation among banks, credit unions and law enforcement, the more successful the effort to track down, arrest and punish those who perpetrate these crimes, as has proven to be the case in those states where FinCrime is already in operation.
TAKE A BYTE OF FINCRIME FREE
To encourage maximum participation in the system, NJBankers is offering qualifying financial institution representatives and members of law enforcement a free trial of the system through Sept. 1.
After that, NJBankers member subscribers will be invoiced for just $300 per individual annual subscription. Members of financial and security associations cooperating with NJBankers in deploying FinCrime will also pay the same rate. The annual cost for nonmember institution individual subscriptions will be $450. Law enforcement may continue using the system at no cost. All users will be authenticated and approved by NJBankers.
NJBankers is conducting demonstrations of FinCrime throughout New Jersey during June and July. To find a location near you, see the list of demonstration sites on page 19 and register for a demonstration under the Seminars and Events menu at www.njbankers.com.
WHAT EXACTLY IS FinCrime?
FinCrime is a 13-state network of financial institutions and law enforcement sharing information via the Internet in a financial crimes database reporting, tracking and alerting system. The result - shared aggregated data identifies and links criminals to their acts. FinCrime's focus is to improve financial institutions' ability to detect and prevent fraud losses and to assist law enforcement in the prosecution of criminals.
HOW DOES FINCRIME WORK?
• Financial institutions and law enforcement may register at www.njbankers.com by moving the computer cursor over the second choice on the left menu bar of the home page, FinCrime, then moving it to the right and clicking on the first choice, FinCrime.
• Each participant establishes a personal profile, selecting relevant geographic areas of interest and types of fraud to be monitored;
• Participants log in to the password-protected site, submit case information via a Web form or download from their case management systems;
• FinCrime automatically checks existing incidents for cross references, including names, account numbers and license numbers whenever an incident is posted. When a suspected cross reference is found, the persons posting both the original and new incident are notified via e-mail;
• Alert notification e-mails go out to all participants based on the criteria established in their personal profiles;
• Financial institutions and law enforcement can search existing cases based upon multiple criteria, including names, dates, geographic region and type of fraud. Participants also can upload, store and retrieve photos and images.
DOES FINCRIME REALLY WORK?
Although FinCrime has only been online since July 1, 2003, it has several success stories to tell.
In early October, a bank in Grinnell, Iowa, was the victim of a shortchange artist. After seeing the Iowa bank’s incident report on FinCrime, a security officer at a holding company in Omaha sent the information to tellers at all of the bank’s locations. When the same man attempted the scheme at one of the company’s Colorado banks, a teller recognized the man and called the police. The man was arrested and extradited to Iowa. Without FinCrime, more banks would likely have become victims of this man and his fraudulent scheme.
WHAT DOES FINCRIME ACCOMPLISH?
By providing a confidential and secure way to share information about fraudulent transactions, participating financial institutions are made aware of fraudulent activity in their area, usually sooner than they would be able to identify it by themselves. This early awareness allows them to take action to prevent fraud losses. Also, the shared database provides opportunities to build fewer but larger “multi-bank” cases out of smaller individual losses, helping financial institutions and law enforcement focus on organized crime and repeat offenders. This more efficient use of law enforcement resources results in overall loss reduction for financial institutions, as professional criminals find financial institution fraud more difficult, more risky, and less profitable to pursue.
WILL LAW ENFORCEMENT BENEFIT?
First and foremost, FinCrime helps consolidate numerous small, individual victim cases into fewer, stronger “multi-victim” cases. This focuses law enforcement on perpetrators that are doing the most serious damage to the industry as a whole and allows them to use their limited resources more effectively.
CAN THE DATA BE SEARCHED?
The real power of the system comes from the ability to search the data in a number of ways. The user may search the database on almost any field or combination of fields. This includes any of the names on the financial instrument used, any of the information contained on the ID used, date, location and type of crime.
CAN ANYONE CHANGE THE DATA?
With the exception of “follow up” information, only the person that posted the incident has the ability to modify the information that has been posted. Follow up information can be added to an incident by anyone, but is intended to be used by law enforcement to add additional information as the investigation proceeds. The owner of the incident is notified by e-mail when follow up information is added.
WHAT DATA IS STORED By the System?
Data stored includes information on the date and type of crime, information from the financial document used, all relevant information from the ID used by the suspect, as well as information regarding the investigating officer/agency.
DOES THE SYSTEM HELP THE Poster TO CONTACT OTHER INVESTIGATORS?
The name and contact information of the person posting the incident as well as the investigating officer, along with the case number are stored in the database.
WHAT ELSE DOES THE SYSTEM DO TO HELP USERS MATCH INCIDENTS?
At the time that an incident is posted to the network, the network will automatically check the incident against all other incidents in the database. If a match is found with another incident both the person who posted the incident and the person that posted the matching incident are notified of the matching elements via e-mail.
The system also contains a feature that will allow the person posting the incident or law enforcement to link two incidents together when the system may not otherwise be able to do so. This is useful when one of the incidents involves someone using a known alias.
DOES THE SYSTEM DISTINGUISH OR DENOTE the NAMES of VICTIMS’?
An indicator can be placed on all name fields within the database to show that this person is the victim of the crime rather than the perpetrator.
DOES FINCRIME CONFLICT WITH SAR REPORTING REQUIREMENTS?
The Bank Secrecy Act prohibits a financial institution, its directors, officers, employees or agents from disclosing to any person involved in the transaction that a SAR has been filed. SARs must be filed only on certain transactions that are suspicious in nature, involve potential money laundering or violations of the Bank Secrecy Act when aggregate dollars involved in the transactions exceed reporting thresholds. The BSA does not prohibit information contained in a SAR to be shared on a voluntary basis with other persons or law enforcement, so long as the fact that the SAR has been filed is not disclosed.
WHAT ARE THE FCRA IMPLICATIONS OF THE FINCRIME REPORTING SYSTEM?
The Fair Credit Reporting Act (FCRA) contains certain exclusions from the definition of “consumer report.” One such exclusion is any report containing information solely as to transactions or experiences between the consumer and the person making the report. Under that exclusion, information published by a member of FinCrime that relates solely to the transactions or experiences between the consumer and the person making the report would not be a consumer report within the meaning of FCRA, and such a report will not violate FCRA. Accordingly, members of FinCrime should limit the information published to specific experiences between the consumer and the financial institution publishing the information on FinCrime.
DOES FINCRIME CONFLICT WITH THE PRIVACY PROVISIONS OF GLBA?
The Gramm-Leach-Bliley Act (GLBA) generally requires protection of the security and confidentiality of customer records and information. However, GLBA contains certain exceptions, including § 502(e)(3) which provides as follows: “GLBA shall not prohibit the disclosure of nonpublic personal information to protect against or prevent actual or potential fraud, unauthorized transactions, claims or other liability.”
Since FinCrime members will provide information that is for the purpose of protecting or preventing actual or potential fraud, unauthorized transactions, claims, or other liability, such sharing of information is specifically permitted under GLBA.
FINCRIME – ANOTHER REVOLUTION COMES TO THE STATE OF NEW JERSEY
The expansion of FinCrime into New Jersey comes at a time when identity theft, check fraud and other financial crimes nationally have reached staggering proportions.
Last September, the Federal Trade Commission released a survey estimating that 9.9 million Americans had been victims of identity theft in the preceding year, a number that pales in comparison to the estimated 27.3 million victims of identity theft in the preceding five years.
The American Bankers Association (ABA) estimates that check fraud attempts against banks have doubled every two years since 1997, totaling more that $4.3 billion in 2001 and resulting in $698 million in actual bank losses.
Bank robberies, traditionally the most visible crimes against banks, have also continued to rise in recent years, reaching a peak of 8,516 in 2001, the most recent year for which statistics are available.
Going back to Revolutionary times, New Jersey’s unique location among the Middle Atlantic States earned it the nickname of “Crossroads of the Revolution.” Today, among financial security officers, it carries for the very same reason the nickname of “Crossroads of Financial Crime.”
FinCrime brings the fight against financial crime in the Garden State to a new crossroads. Through the revolution of the World Wide Web, unprecedented cooperation among financial institutions in New Jersey and the potential for neighboring states to also participate in the system, the perpetrators of crimes against financial institutions stand a better chance than ever of landing behind bars where they belong.
Timothy E. Doherty is vice president and director of communications for NJBankers. He may be reached at 609-520-1221, ext. 542, or via e-mail at firstname.lastname@example.org. The author wishes to thank the Indiana Bankers Association, the Iowa Bankers Association and the Nebraska Bankers Association for their contributions to this article.