WASHINGTON - Nearly a year after privacy provisions were enacted as part of the Gramm-Leach-Bliley Act, identity theft remains a growing problem, House Banking Committee Chairman Jim Leach said at a hearing Wednesday.
The financial reform law made it a federal crime to try to trick banks into disclosing a customer's confidential information, but the Iowa Republican said one of his staff members, posing as a jilted lover, found 11 companies that were willing to break the law and obtain financial information on a fictitious ex-boyfriend for a fee.
"Bank account information and other aspects of consumers' financial profiles apparently remain freely available to anybody willing to pay for them," Rep. Leach said.
Part of the blame lies with law enforcement agencies, which do not take the crime seriously enough and have "not paid adequate heed to the strictures of the legislation," he said.
Consumer groups and victims of identity fraud blamed banks and credit bureaus for not going far enough to protect their information and not working fast enough to correct problems once fraud was detected.
Reps. Darlene Hooley, D-Ore., and Steven C. LaTourette, R-Ohio, have introduced the Identity Theft Protection Act, which would require creditors to send confirmations of address changes to customers' old and new addresses. The bill would also let people obtain a free annual credit report, authorize the Federal Trade Commission to fine credit issuers that ignore a fraud alert on a credit file, and restrict the sale of Social Security numbers by credit bureaus.
Rep. Leach has not said whether he will back the bill.
Richard H. Harvey Jr., vice president of Chevy Chase Bank of Chevy Chase, Md., said that current laws are sufficient but that stricter enforcement is needed. The industry has sufficient motivation to address the problem because a recent study concluded that $3 out of every $4 lost by community banks to check fraud was due to some form of identity fraud, he said.
Mr. Harvey testified on behalf of the American Bankers Association.
"Since card issuers are liable for any losses, they have a natural incentive to ensure that accounts are not used fraudulently," he said. "Locking the industry into a one-size-fits-all requirement ends up drawing away funds that could be put toward more effective solutions. Thus a mandated requirement is not necessary or desirable."