Warren rebukes Comerica over fraud in benefits program

Complimentary Access Pill
Enjoy complimentary access to top ideas and insights — selected by our editors.

WASHINGTON — A string of fraud cases tied to a Comerica Bank program for federal benefits recipients has caught the attention of Sen. Elizabeth Warren, D-Mass.

In August, American Banker reported on hundreds of cases in which Direct Express — a partnership between the Texas bank and the U.S. government — allegedly sent funds to fraudsters, who had impersonated the real account holders after having gained access to their cardholder data.

Warren is sending letters Tuesday to Comerica CEO Ralph W. Babb Jr., as well as the heads of the Department of Veterans Affairs and the Social Security Administration, demanding answers about the security breaches. She asked all three to respond by Oct. 30.

Sen. Elizabeth Warren
Senator Elizabeth Warren, a Democrat from Massachusetts, waits to begin a Senate Banking Committee confirmation hearing with Marvin Goodfriend, governor of the Federal Reserve nominee for U.S. President Donald Trump, not pictured, in Washington, D.C., U.S., on Tuesday, Jan. 23, 2018. Goodfriend said he hoped to keep the U.S. central bank alert to future challenges while increasing transparency and accountability. Photographer: Andrew Harrer/Bloomberg

In her letter to Babb, Warren pressed the bank to respond to complaints from consumers over how the bank handled the fraud.

“Complaints from my constituents, confirmed by detailed reporting in the American Banker, described your company's security vulnerabilities, your mismanaged responses to data breaches, and your misleading and cruel customer service tactics when harmed consumers sought help,” Warren wrote. (Drafts of all three letters were obtained by American Banker.)

“I am particularly concerned about the lack of transparency about the security breaches and subsequent fraud schemes that compromised Americans' federal benefits,” Warren added.

Since 2008, Comerica has administered the Direct Express program, which provides prepaid debit cards to allow users without bank accounts to electronically access Social Security payments and other federal benefits. The bank outsources the program's main call center function to Conduent, a publicly traded company based in Florham Park, N.J.

Comerica in August suspended a component of the program, the Cardless Benefit Access Service, as more fraud cases were revealed. Criminals allegedly stole Direct Express card numbers, addresses and three-digit card identifiers, enabling them to make fraudulent online purchases. In some cases, criminals also called Direct Express to report cards as lost or stolen, or to have PIN numbers changed, and had payments routed to MoneyGram locations.

The 4.5 million users of Direct Express include "thousands of veterans and some of our country's most vulnerable citizens, including older Americans and Americans with disabilities," Warren wrote in her letter to Babb. "These individuals rely on your services to access their federal benefits to keep a roof over their head, put food on the table, and pay for medication.

"While Comerica claims the fraudulent schemes impacted 'only a few hundred cardholders,' any interruption in accessing these basic living expenses could have devastating consequences for those receiving federal benefits, and the breaches in question appeared to be significant enough to cause the discontinuation of the program."

Warren's letter to the Comerica CEO asked how many cases of fraud associated with the Direct Express program are known by the bank, as well as the total amount of individuals affected and the "total value" of the fraud. Warren is also asking for more details about the bank's investigation into the fraud, and if Comerica is looking into whether other parts of Direct Express, besides the Cardless Benefit Access Service, have been affected.

She discussed stories of individuals affected by the fraud cases, but suggested concerns about the program predating the recent revelations. She noted complaints about Direct Express that consumers had raised with the Consumer Financial Protection Bureau and the Better Business Bureau, "particularly regarding your company's treatment of cardholders impacted by fraud and other consumer issues."

"Since 2015, there have been 131 complaints on the CFPB Consumer Complaint Database, and 526 complaints filed with the Better Business Bureau related to Direct Express," she wrote. "There have been at least 15 complaints to CFPB and 21 complaints to BBB describing situations similar to the fraud victims described above. And there are many more allegations from cardholders who were unable to reach a live person, were hung up on, or were given misleading information by Comerica."

In letters to Secretary of Veterans Affairs Robert Wilkie and acting SSA Administrative Nancy A. Berryhill, Warren is asking for more details on the use of Direct Express for sending benefits, why the government agencies have not directly reported the breaches, and the percentage of benefits recipients affected by fraud who have still received their funds, among other questions.

“Americans deserve information about the breaches, what your agency is doing to help those impacted, how you are going to protect federal benefit recipients from future fraud, and why your agency continues to work with Comerica's Direct Express program in light of the program's deficiencies,” Warren wrote in the letters to both officials.

For reprint and licensing requests for this article, click here.
Card fraud Payment fraud Prepaid cards Vendor management Data security Elizabeth Warren Comerica Bank The VA Social Security Administration
MORE FROM AMERICAN BANKER