The days of hot-wiring a car, hacking its computer system or snagging a clay imprint of a key are becoming tactics of the past. They still happen, but the internet has paved the way for stolen identity theft and synthetic identity theft. Think about how simple it is to walk into a dealership, pretend to be someone else, sign some forms and drive away in a new car.
Pretty easy, right? Thieves are walking straight into F&I offices, presenting bogus ID and loan documents, usually a mix of real and fake information, and defrauding dealers out of cars before any employee has a chance to catch on. You and your F&I team are the front line of defense to identify those shady folks.
How Does Your Dealership Prevent Identity Theft?
The Federal Trade Commission’s Red Flags Rule, demands that we do our due diligence to prevent identity theft, but how we all get to compliance may be different. As a creditor, ask yourself:
- Does your dealership allow customers to purchase vehicles online?
- How are you tracking activity patterns or practices? What kind of software are you using?
- How is your team detecting and identifying red flags?
- Is everyone trained on what to look for?
- Are you on the lookout for money laundering schemes?
Your answers will help you identify weak spots in your current identity theft prevention plan and lead you to the next question of, now what?
So, What Can You Do?
Make it a general practice to tell your customers that your dealership takes personal information and identity theft very seriously, asking for additional information is for their protection and to help establish who they are. Although thieves might have a mix of real and fake information, getting information from a variety of areas of your customer’s life can help you figure out if they’re really who they say they are. But find a balance; you don’t want to put people through a rigorous or aggressive vetting process and ultimately turn them off to the deal.
Continually practice, review and train your team to be aware of and look for:
- Possible forged information or documents, e.g., the wrong name or address on a check, credit application, license or credit report
- Conflicting personal information, e.g., different colored eyes or mismatched addresses
- Suspicious activity like recently established credit accounts, inconsistent transactions, a significant increase in inquiries
- Individual behavior, e.g., agreeing too fast to a price without negotiating or questioning the dealer
- Credit reporting or fraud detection service warnings
- Information that is too clean or consistent over several years
- New identity theft or car theft trends
Your identify theft prevention program should cover how to handle these red flags with the customer and with your sale. If you’ve found a red flag, it could be a genuine mistake or something more nefarious, ask your customer:
- For other identification or information, e.g., utility bill or mortgage statement
- More complicated questions like which company do you send your car payments to, or what’s your mortgage payment?
Consider all of the customer’s touchpoints with your dealership leading up to a vehicle purchase. Did they only interact with the dealership online? Have they been to the dealership several times? The more information you have about a customer, whether anecdotally or through a software system you use, will give you a better sense of the customer.
If they can’t provide you with proper documentation or if there are other red flags, stop the transaction immediately and follow your identity theft program procedures. When in doubt, escalate the issue to a supervisor, Red Flags Program Manager, or another identity theft security agent to figure out the best response.
Identify theft and fraud will continue to evolve, so keep being alert and review your program processes frequently. If you need help with your organization’s Identity Theft Prevention Program, or Red Flags Program, reach out to a third-party consultant.