Amid full-throated calls for more legislation to thwart identity theft, some bankers are standing firm.
"We have all the legislation presently that we need, as long as the industry is following the rules and regulations as set forth," said Boris Melnikoff, a senior vice president and the corporate director of special services at Wachovia Corp. "The laws are there. Let's use them."
Mr. Melnikoff, a member of the American Bankers Association's task force on privacy, said that Wachovia, like most banks, has an investigative unit dedicated to solving cases of fraud and identity theft. The unit, with a staff of 38, is nothing new, he said; "Wachovia has always had an investigative team" to focus on all types of fraud. Of identity theft he said, "We've slowly but surely seen an increase."
Nobody disputes that identity theft has risen as the Internet and other modern conveniences have made it easier for people to snatch information from one another; and that the role of financial services companies in identity theft cases is under a harsher spotlight. As Mr. Melnikoff describes the situation at Wachovia, he explains that there are limits to what banks can do.
Banks can help prevent identity theft "by scrutinizing and verifying all the data [we're] receiving," he said.
"But if I get the credit report and I'm going on that information, it's very difficult to verify the information." In some situations, he said, Wachovia verifies the address of account applicants, but "not in the normal course of business. We do more due diligence for someone applying for a $1 million loan than someone opening a checking account. Banks don't go out and do a door-to-door inquiry about John Doe."
Once the bank obtains the information needed to approve a loan or account, "the veil of privacy comes down," Mr. Melnikoff said.
He said he could not share details of Wachovia's identity theft prevention strategy, or of how it trains its customer service representatives to notice and thwart the crime - lest he tip off fraudsters. He said only, "I don't know of any bank that doesn't train its employees to be alert" to this problem.
"If we had a devil-may-care attitude, we wouldn't" devote so many resources to investigation, Mr. Melnikoff said. "The institution is a victim, and they will cooperate 100% because they are victims also."
Though the bank has an obligation to check an application diligently and follow up on any problems, "there is a duty on the consumer's part to get a copy of the credit report and look at it," Mr. Melnikoff said.
Such attitudes outrage consumer groups, who point to the $8 fee typically charged by a credit bureau for a copy of a report. They argue that not only should such vital information be available free, but that the onus should be on the banks and other information custodians to let consumers know when things seem amiss, just as some credit card companies will call cardholders when they notice unusual spending activity.
Mr. Melnikoff said that banks should and do pay attention to those alerts. "If a fraud alert appears, I have a serious problem with the idea that a bank would extend credit without talking to the person who's applying for credit first," he said.
Meanwhile, The Washington Post reported Monday that major financial institutions routinely give out confidential customer account information to callers, using security procedures that authorities say are vulnerable to abuse by fraud artists.
The Post wrote that regulators and law enforcement officials warned three years ago that identity thieves and information brokers were tricking clerks into giving them access to peoples' financial information, and they urged banks to require customers to use passwords or codes instead of Social Security numbers, mothers' maiden names, and other widely-available personal information to identify themselves when calling.
According to the Post, major companies frequently do not require passwords or codes, despite the warnings, because of the expense involved and because officials fear their customers will find the safeguards inconvenient.