Were you or someone you know a victim of identity theft last year? If so, you're hardly alone — more than 8 million people were victimized in 2010, causing $37 billion in losses, reports Javelin Strategy & Research in San Francisco. Over and above the financial costs, of course, is the time lost rectifying the trouble and the anxiety the process can produce.
"Once discovered, it may take months or even years to recover from this crime," says Owen Malcolm, chief operating officer at Sanders Financial Management in Norcross, Ga. "We've been addressing credit protection and identity theft issues with our clients for some time. It's a core part of every financial plan." Indeed, many planners are adding identity theft to their list of topics to discuss with clients, some after learning personally how traumatic the experience can be.
UP CLOSE AND PERSONAL
When Chuck Rylant, a financial planner in Santa Maria, Calif., first started his part-time practice, he was still working as a police officer. "Clients of mine suffered a robbery in which credit cards were stolen and used all over town," he says. "I opened a criminal case and tracked down several locations where the information was used for purchases and for opening new accounts, [and] I obtained store surveillance videos."
Rylant says a narcotics detective recognized the person who used the cards. She was arrested and identified the alleged thief. "It is common for the thief and person using the personal information to be different people," Rylant said. "After the arrest, I was able to help my clients clean up their record."
Not every planner has had the chance to nab a perpetrator, but many have been victimized. "At last year's NAPFA conference in Chicago, I was the president of NAPFA's Midwest Board," recalls Ted Feight, who heads Creative Financial Design, a wealth management firm in Lansing, Mich. "I took the board members out to dinner at a local restaurant and used an American Express card that I had not used any other time."
The next weekend, American Express called Feight to ask about unusual use of the card, including a $400 charge in London. "I was told that someone had probably sold my credit card number," Feight says. Amex canceled the stolen card, delivered a new one the next day and absorbed the bogus purchases, adds Feight, who says his son, also a NAPFA member, has had his identity sold twice.
Michael Steiner, a wealth manager with RegentAtlantic Capital in Morristown, N.J., reports a similar offense, one that took much longer to resolve. "My name and good credit were used to obtain credit cards, personal unsecured loans and a business loan totaling many thousands of dollars," he says. "This took place before there were security freezes and police reports for identity theft, so I basically had to fend for myself. Neither the local police nor the FBI could help."
Steiner had to contact the various banks and credit card companies to report the fraud. "After about three-plus years, I was finally able to clear my name, although not without hassles and frustrations. Imagine trying to speak with collection agents and creditors' attorneys trying to recoup the losses."
Steiner's experience proved invaluable when one of his clients fell victim to a "phishing" expedition. In phishing, scammers send emails that seem to come from a respected source, but is actually an attempt to collect user names and passwords.
"When I became aware of a large theft, I immediately called the client and asked her to come in to my office," he says. "We called the custodian's fraud and security department to lock the account down, place security features on the account and then move the funds into new accounts."
Steiner and the client also called all of her credit card companies, banks and her employer's information technology department because her work computer may have been infected with a virus. In addition, Steiner contacted the three credit reporting agencies — Equifax, Experian and TransUnion — requesting copies of her credit reports and placing fraud security alerts on her accounts.
"Fortunately, she was able to recover all of the funds, thanks to these quick actions," he says. "The transfer and our response all took place in the same day."
Greg Van Wyk, executive vice president of Austin Asset Management in Texas, had to handle a similar incident. "We received a frantic call from a client who had heard from her credit card company, asking her to verify some large out-of-town charges," he says. "She was worried about access to her investment accounts. We called Schwab to place a freeze on her accounts — most custodians will freeze online transactions."
Calls from creditors can be surprising as well as worrisome. "A client told me that she had received a call from a creditor who said that her husband was 90 days late on a credit card bill," recalls Delia Fernandez, a financial advisor in Los Alamitos, Calif. "'That was weird,' my client said, 'since he died four years ago.'" It turned out that her stepson had stolen her late husband's identity and applied for credit "all over town."
Now when someone's spouse dies, Fernandez makes sure the survivor contacts the credit bureaus to report the death. "I can't always get my clients to freeze their credit reports, but I do the paperwork for a grieving spouse, getting everything ready for a signature. Clients definitely appreciate the effort."
Consumers who have been victimized by identity thieves can wind up with low credit scores and not realize it until difficulties surface. "Recently, a client submitted a mortgage loan application that was refused because of a low credit score," says Tom Madison, a planner in Tiger, Ga. "Examining her credit report revealed several outstanding collection amounts associated with an identity theft that occurred while she was hospitalized several years ago." The client was either unaware of the outstanding bills or did not recognize them as her own, he says.
"It is very difficult to work with the collection companies that end up with these delinquent bills," Madison says. "I have been working with this client to get her credit report corrected for over three months and we are still not done."
"An ounce of prevention is worth a pound of cure," says Rob Siegmann, chief operating officer at Financial Management Group in Cincinnati. "If we can reinforce prevention techniques such as going paperless, shredding physical statements, keeping passwords private and monitoring credit reports, we can help minimize any fraudulent activity."
Van Wyk's firm lends a helping hand — as well as the use of its equipment: "We tell clients that we will shred a box of their documents in our shredder. They love our attention to this issue."
BE ON THE LOOKOUT
A key step in preventing identity theft is monitoring reports from the credit bureaus. David Strege of Syverson Strege, a planning firm in West Des Moines, Iowa, says all annual planning meetings with clients include a reminder to review credit reports at least once a year, but ideally every four months. "They can do this at annualcreditreport.com," he notes. "Dozens of our clients have discovered identity theft issues this way." Clients who are not computer-savvy may need help requesting their reports.
Clients should read the reports looking for a credit company with whom they have never sought an account, a credit balance they know is not theirs and a past address where neither they nor their children ever lived. A false address listing is a red flag because a thief may be setting one up to have a loan application go to that address.
Rylant has each client fill out a form from annualcreditreport.com. "I keep a copy on file," he says. "Once a year, I submit that form for each of my clients and then send clients a note suggesting a review of the report."
Besides monitoring credit reports, other steps can help deter scammers. "Clients can place 'fraud alerts' in their credit file to let potential creditors know that they may be a victim of identity theft," says Natalie Pine, a financial advisor with Briaud Financial Advisors in College Station, Texas. At the same time, "We also caution clients that a fraud alert may delay their ability to obtain credit."
An initial fraud alert stays on a credit report for 90 days. An extended fraud alert stays on the report for seven years, but you must show evidence that someone has tried to open fraudulent accounts in your name.
Pine's firm tells clients that they can place a fraud alert in their file by calling one of the three major credit bureaus. After that agency processes a fraud alert, it notifies the other two, which also must place fraud alerts in their files.
Another step is a security freeze. "Freezing your credit limits keeps the credit bureaus from reporting your credit file to third parties," Malcolm says. "This can keep other people from opening credit accounts in your name." Consumers must freeze their credit at all three credit agencies.
Kirk Kinder, founder of Picket Fence Financial in Bel Air, Md., not only recommends a security freeze, he has done the paperwork for clients. "Most of my clients don't need new credit, so it doesn't hurt them to freeze the account. If they do need credit, it can be unfrozen easily." A freeze can be lifted temporarily by calling the reporting agencies and providing a password. "There is a fee of around $10 to place the freeze, lift it temporarily or to remove it altogether," Pine says.
Lee Munson, chief investment officer at Portfolio in Albuquerque, N.M., warns planners as well as clients about email theft. "Our firm has had several cases of clients getting their email accounts hacked," he says. "Clients are generally not aware of it, but this is an issue for our firm if we are sending information about their portfolios over email."
The hard part, Munson says, is telling clients they need to change their email account. But with technology hackers and thieves seemingly omnipresent, prudence is increasingly necessary to protect your clients' personal data - and their money.