Industries

Increased incidence of “involuntary renters” According to the Mortgage Bankers Association, one out of every 200 homes will be foreclosed. The incidence of “involuntary renters” will increase as a high foreclosure rate continues, in turn, fueling the current trend of consumers who rely solely on mobile service instead of landlines. Implications for communications companies Does it necessarily follow that foreclosure equals bad risk? I don’t think so. For example, many consumers who have undergone foreclosure were subjected to a readjusted ARM that doubled or even tripled their mortgage payments. While taking a mortgage out of a consumer’s credit file can negatively impact the overall credit score, it can also potentially generate a more positive cash flow. The consumer’s new rent payments would be lower than the readjusted mortgage would have been, making the consumer a potentially good customer for communications services. Wireless companies, in particular, prefer to approve customers for regular installment plans (as opposed to prepaid plans). The goal, for nearly all communications companies, is to qualify customers for service without the need for a deposit. The key, when assessing credit risk, is to look at the total credit/payment history, not just the credit score alone. Best Practices for qualifying involuntary renters: Validate ID/authenticate. Checking the credit application information against several data sources will help avoid potential fraud. Look at the overall credit picture, especially the current debt-to-income ratio. Review third-party data for payment history. Along with the typical payment data, Experian now offers rental histories through RentBureau. This data has the ability to increase credit report accuracy for renters. Consider the basic lender mentality. Consumers who have exhibited good payment history on utilities, credit cards, and other debt in the past are likely to continue that behavior despite having lost their house to foreclosure.   Considering the total credit picture allows you to rank-order customers and group them into populations that are lower risk, identifying, for example, those who can be serviced without an upfront deposit. In future posts, I’ll provide some guidance for rank-ordering customers as to their credit-worthiness.

Experian’s Fraud and Identity Solutions team recently conducted a webinar entitled: “A risk-based approach to finding opportunity in today’s market: New approaches to fraud, compliance, and operational efficiency in an evolving economy.” I specifically discussed the current business drivers and fraud trends we, as a consumer and commercial authentication services provider, hear most often from our existing and potential clients. I was encouraged to have the following forces validated by our audience, and I thought they’d be worth sharing with you via this forum. In what I believe to be rank order with most influencing first:   Customer experience is king. The addressable market for most of our clients is effectively an ever more limited pool of viable consumers. From the consumer’s perspective it’s a ‘buyer’s market’. ‘Good’ consumers know they are ‘good’ and those 750 scorers don’t tolerate poor customer service.   Risk seeking credit policies may be making a comeback. Many of our clients are starting to heal from the past few years, and are ready to get back on the bike. However, this does open the door more widely for application fraud activity and risk.     New products and associated solicitations and access channels translate to higher risk as fraud prevention and fraud detection processes may be less robust in the early launch stages and certainly less time-tested.     Human & IT resources are still in short supply. As these new channels open and fraud risk increases, necessary fraud prevention and authentication oriented resources are still overly constrained and often significantly lagging in proportionality behind the recovery-minded marketing minds.     Regulatory pressures continue to equate to higher operational costs, in the form of fraud referral rates, in process engineering and human intervention and activities, not to mention the opportunity costs associated with denial of service to those ‘good’ consumers I just mentioned.     So, hosted services and solutions are where it’s at these days. Our clients want their vendors, including us at Experian, to save their IT resources, deliver quicker to market services, such as fraud models, knowledge based authentication, and other authentication tools, and provide collective capabilities that would otherwise be years away if left to the mercy of their internal development queues.     All products and processes are under review, as you might imagine. Cost control is no longer a back-burner policy and focus. ROI is the key metric these days, and likely above any other. Our clients demand flexible tools that can be deployed in multiple process points and across multiple business units. Blanket policies (including fraud prevention and authentication) are no longer good enough. Our clients’ tailored products, access channels, and market segmentations require the same level of unique design in the products we deliver.    

In the communications industry, effective acquisition is a multi-step process, best begun by asking (and accurately answering) simple, but critical questions: Who are our best prospects? Where can we find them? What should we offer them and how? Of course, the “why” is obvious—beating competitors to the punch. The similarities of today’s increasingly undifferentiated products and services make attracting high-quality customers more critical than ever. On the surface, the “who” seems equally straightforward. But it’s surprising how many communications companies still blanket the nation with ads and offers without knowing whom they want to reach or which messages to lead with. This brings us to the “how” of effective acquisition. Banks get it right Banks provide a good acquisition model. In these days of tight budgets and high expectations, most would never dream of investing in a campaign without first creating a well-defined, data-driven segmentation strategy. To get the results they want, institutions usually establish some credit-score threshold, check past payment history and assess other factors and behaviors, before starting up their marketing machine. Not surprisingly, the rewards for this foresight often include higher response rates, lower costs and greater value per promotional dollar. What’s next? Once you zero in on a fresh crop of qualified prospects the “whats” come next: what’s the best marketing channel? What products or services should we offer? What terms? Again, clean historic data, combined with up-to-date information from surveys and questionnaires can reveal surprising insights into why customers choose your company or offer over your competitors’. In communications, as in banking, reliable data is a proven source for answers to a whole slew of customer-acquisition questions. But does it offer similar value in other phases of customer lifecycle management? And if so, how? Funny you should ask. Because that’s exactly what future posts here will cover, so please check back often.

Many compliance regulations such the Red Flags Rule, USA Patriot Act, and ESIGN require specific identity elements to be verified and specific high risk conditions to be detected. However, there is still much variance in how individual institutions reconcile referrals generated from the detection of high risk conditions and/or the absence of identity element verification. With this in mind, risk-based authentication, (defined in this context as the “holistic assessment of a consumer and transaction with the end goal of applying the right authentication and decisioning treatment at the right time") offers institutions a viable strategy for balancing the following competing forces and pressures: Compliance – the need to ensure each transaction is approved only when compliance requirements are met; Approval rates – the need to meet business goals in the booking of new accounts and the facilitation of existing account transactions; Risk mitigation – the need to minimize fraud exposure at the account and transaction level. A flexibly-designed risk-based authentication strategy incorporates a robust breadth of data assets, detailed results, granular information, targeted analytics and automated decisioning. This allows an institution to strike a harmonious balance (or at least something close to that) between the needs to remain compliant, while approving the vast majority of applications or customer transactions and, oh yeah, minimizing fraud and credit risk exposure and credit risk modeling. Sole reliance on binary assessment of the presence or absence of high risk conditions and identity element verifications will, more often than not, create an operational process that is overburdened by manual referral queues. There is also an unnecessary proportion of viable consumers unable to be serviced by your business. Use of analytically sound risk assessments and objective and consistent decisioning strategies will provide opportunities to calibrate your process to meet today’s pressures and adjust to tomorrow’s as well.

Cell phone use on the rise A Wikipedia list of cell phone usage by country showed that as of December 2009, the U.S. had nearly 286 million cell phones in use. In parallel, a recent National Center for Health Statistics study found that one in every seven homes surveyed received all or almost all their calls on cell phones, even though they had a landline. Study results further indicated, one in four homes in the U.S. relied solely on cell phones. This statistic highlights these households had no land line at all during the last half of 2009. Since this time, the number of households that fall within this category have increased 1.8 percent. Implications for communications companies The increasing use of cell phones, coupled with the decreasing use of landlines, raises some very important concerns for communications companies: The physical address on file may not be accurate, since consumers can keep the same number as they jump providers. The increased use of pre-paid cell phones shines a new light on the growing issue that contact numbers are not a consistent means of reaching the consumer. These two issues make locating cell phone-only customers for purposes of cross-selling and/or collections an enormous challenge. It would certainly make everyone’s job easier if cell phone providers were willing to share their customer data with a directory assistance provider. The problem is, doing so, exposes them to attacks from their competition and since provider churn rate concerns are at an all-time high, can you really blame them? Identifying potentially risky customers, among cell phone-only consumers, becomes more difficult. Perfectly good customers may no longer use a landline. From a marketing point of view, calling cell phones for a sales pitch is not allowed, how then do you reach your prospects?     What concerns you? Certainly, this list is by no means complete. The concerns above warrant further discussion in future blog posts. I want to know what concerns you most when it comes to the rise in cell phone-only consumers. This feedback will allow me to gear future posts to better address your concerns.

By: Staci Baker According to Wikipedia, mobile banking is defined as, “a term used for performing balance checks, account transactions, payments, credit applications, etc. via a mobile device such as a mobile phone or Personal Digital Assistant (PDA).” However, as several large lenders and phone carriers test mobile banking and mobile payments, there is still much to be deciphered. Will it help businesses compete? Is it safe for a consumer? Should a bank offer a mobile solution; and if so, what precautions will they need to take to ensure their customer’s information, i.e. fraud, consumer identity? Peter Garuccio, spokesman for the American Bankers Association in Washington D.C., noted that “various experts predict that some 20 million people may be banking via cell phone this year, and that number is projected to skyrocket to 50 million by 2013.” And, according to a mobile payment study by Juniper Research ,“Combined market for all types of mobile payments is expected to reach more than $630B globally by 2014.” For the purpose of this blog, I will focus on the mobile banking solution, and questions to consider before entering into the mobile banking arena. Mobile banking today is akin to online banking a few years ago. It’s new, getting a lot of press, late adopters want more information, while the early adopters are already participating and it appears to be on the verge of taking over more conventional banking and payments. Before entering into the world of mobile solutions, there are a few things to consider: How will new regulations, such as the Durbin Amendment to the Frank-Dodd Act (a new Interchange fee proposal), affect implementation and usage? The current average interchange fee is between $1 and $1.30, the new cap at $.12 will reduce the charges by up to 90%.While the interchange fee proposal will not be finalized until after February, it is not known how the new “swipe fee” legislation will affect mobile solutions. If the new amendment directly affects debit cards only, mobile solutions can become a new revenue stream for many lenders. As more information becomes available regarding the Durbin Amendment, I will relay additional details and implications. What fraud prevention solutions do you have in place? Fraud is an issue in all industries; therefore utilizing fraud best practices specific to your market, or identifying fraud trends is essential in keeping retailers, consumers and your company safe. As consumers replace the need for a wallet with a phone, identity theft can become an issue. This is especially true of phones with minimal security, or if their phone gets into the hands of a hacker. Therefore companies can initiate an identity theft prevention program to raise awareness in consumers and retailers. As well as implement new internal processes and requirements. As we delve further into an IT-led economy, businesses will continually need to adjust how they do business in order to meet consumer demand, as well as finding new revenue streams. I am curious, how many businesses have already begun to implement a mobile solution, and what issues or results have you already seen? If you have not already implemented a mobile solution, is this in your planning for the upcoming year?

By: Kari Michel Lending institutions are more challenged today than ever before when assessing credit risk to find creditworthy consumers. Since 2006, the start of the housing bust and recession, consumer’s overall creditworthiness has deteriorated, especially those consumers who once had a high score (low risk). “For example, a study earlier this year by VantageScore® Solutions LLC found that the probability of serious delinquency, defined as nonpayment for 90 days or more, had increased by 417 percent among “super prime” borrowers between June 2007 and June 2009. Default risk during the same period rose by 406 percent for the second-highest rated category of “prime” consumers, and nearly doubled for those at the “near prime” scoring level.”* The VantageScore® credit score model is one example of a credit risk model that was recently redeveloped to capture the changing consumer behavior of repayment. The development data set included 45 million consumer credit profiles for the time period of 2006 to 2009.  The VantageScore® credit score will be released for lenders use January 2011. *Source: The Washington Post, “Walk-aways leading to big changes for all borrower’s credit score, November 5, 2010 Link for article:  http://www.washingtonpost.com/wp-dyn/content/article/2010/11/05/AR2010110502133.html

By: Kristan Frend According to the 2011 Identity Theft Assistance Center Outlook (ITAC), new forms of small business identity theft are emerging. This shouldn’t be a surprise that criminals view small business accounts as a lucrative funding source. What is surprising is that the ‘new’ form of small business identity theft consists of the U.S. Postal Inspection Service reporting a surge in criminal rings using small business information from stolen mail, check writing software and other tactics to counterfeit checks. That’s the new wave of small business identity theft??? I consider this one of the least sophisticated types of fraud that can easily be eliminated by small business owners not leaving mail unattended. Reading this report makes me realize that we have a long way to go in identifying and reporting the more sophisticated types of small business fraud.  As I’ve mentioned before, the industry has come a long way in advancing consumer fraud solutions.  Yet, as fraud has migrated into business accounts, we as an industry still have a ways to go in reporting the latest business fraud trends and tracking statistics.  I’m adding this to my wish list for 2011… What’s on your wish list? On a side note, I’ve noticed nearly all of the articles posted in our blog include no reader comments. I’d like to think that this means our readers are too busy to add comments and/or our articles are so well-written that they answer all of your questions. One can dream right? Seriously though, as we approach 2011 and plan our topics, we’d love to hear from you- if you can think of any topic you’d like us to cover more in depth, please let us know.

By: Kristan Frend As my colleague Margarita Lim discussed in her December 3rd article, the SSA announced that it will change how social security numbers (SSNs) will be issued, with a move toward a random method of assigning SSNs. For organizations that currently incorporate the validation of an applicant’s SSN issue date and state as a part of their risk-based decisioning, they will lose this piece of applicant authentication post-randomization. But there is some good news - first, this validation piece won’t be entirely terminated on day one of the SSN randomization for organizations. All the change means is that the newly issued SSNs will be randomized. In other words, the only SSNs that the issue data and state won’t be validated on day one are the SSNs that have just been issued to the recently born or immigrants. Given that its likely newborns won’t be applying for credit for another 18 years, the bulk of the newly issued SSNs that organizations will see for a while are those belonging to adults who were recently issued a SSN…A growing number of applicants, but not the majority of applicants. The other bit of good news is this may actually be a good thing for all of us in the long run.   While we’ll end up losing the ability to validate an applicant’s SSN issue data and state, the criminals will be at an even greater disadvantage. Consider this- Last year researchers* were able to “identify all nine digits for 8.5 percent of people born after 1988 in fewer than 1,000 attempts. For people born recently in smaller states, researchers sometimes needed just 10 or fewer attempts to predict all nine digits.” I don’t expect this change to drastically reduce third party fraud rates but over time it should eliminate one component of identity theft and ultimately benefit an organization’s Customer Information Program. *The National Science Foundation, the U.S. Army Research Office, Carnegie Melon Cylab, and the Berkman Faculty Development Fund provided support for the research.  To view the entire study, please visit http://www.pnas.org/content/106/27/10975.full.pdf+html.

By: Ken Pruett The majority of the customers I meet with use some sort of Velocity Checks to assist with their Fraud and Compliance process. However, there are still quite a few that do not, especially when opening up New Business Accounts. Historical data checks have proven to be an effective form of identity theft prevention for both Consumer fraud and Commercial Fraud. We see scenarios where a perpetrator will have one successful penetration of a business and opens up a fraudulent account.  They then try and replicate this against the same business. All of the information may be different, with the exception of one element, often the phone number. Without velocity checks, this may not be identified at the time the account is being opened. More sophisticated rings try to be more creative in their fraudulent attempts. They may gain access to a consumers information and then go and apply at a variety of entities. They are more careful, so they never attempt to target the same business twice. They are aware that many companies have velocity checks, so they do not want to take a chance of having their information questioned. At a minimum, the use of in-house velocity checks should be a standard process for you fraud detection measures. Typical data elements to check against are; name (business or consumer), address, phone number, and Social Security Number. A fraud best practice would be to use a tool that provides velocity checks and incorporates the information into a fraud prevention tool. There are tools that provide checks across multiple businesses and this typically provides the best level of protection. By looking at inquiry information across multiple businesses, you are able to help prevent being a victim of some of the more sophisticated rings. Don’t find yourself being the easiest target. Once you get hit, it could snowball and you may be victimized multiple times. We all know there is no way to stop all of the fraud, but let’s not make it too easy on the perpetrators. Try and find a way to use some sort of velocity checks in your process to at least minimize your fraud risk.

By: Andrew Gulledge Bridgekeeper: “What is the air-speed velocity of an unladen swallow?” King Arthur: “What do you mean?  An African or European swallow?” Here are some additional reasons why the concept of an “average fraud rate” is too complex to be meaningful. Different levels of authentication strength Even if you have two companies from the same industry, with the same customer base, the same fraudsters, the same natural fraud rate, counting fraud the same way, using the same basic authentication strategies, they still might have vastly different fraud rates.  Let’s say Company A has a knowledge-based authentication strategy configured to give them a 95% pass rate, while Company B is set up to get a 70% pass rate.  All else being equal, we would expect Company A to have a higher fraud rate, by virtue of having a less stringent fraud prevention strategy.  If you lower the bar you’ll definitely have fewer false positives, but you’ll also have more frauds getting through.  An “average fraud rate” is therefore highly dependent on the specific configuration of your fraud prevention tools. Natural instability of fraud behavior Fraud behavior can be volatile.  For openers, one fraudster seldom equals one fraud attempt.  Fraudsters often use the same techniques to defraud multiple consumers and companies, sometimes generating multiple transactions for each.  You might have, for example, a hundred fraud attempts from the same computer-tanned jackass.  Whatever the true ratio of fraud attempts to fraudsters is, you can be confident that your total number of frauds is unlikely to be representative of an equal number of unique fraudsters.  What this means is that the fraud behavior is even more volatile than your general consumer behavior, including general fraud trends such as seasonality.  This volatility, in and of itself, correlates to a greater degree of variance in fraud rates, further depleting the value of an “average fraud rate” metric. Limited fraud data It’s also worth noting that we only know which of our authentication transactions end up being frauds when our clients tell us after the fact.  While plenty of folks do send us known fraud data (thus opening up the possibility of invaluable analysis and consulting), many of our clients do not.  Therefore even if all of the aforementioned complexity were not the case, we would still be limited in our ability to provide global benchmarks such as an “average fraud rate.” Therefore, what? This is not to say that there is no such thing as a true average fraud rate, particularly at the industry level.  But you should take any claims of an authoritative average with a grain of salt.  At the very least, fraud rates are a volatile thing with a great deal of variance from one case to the next.  It is much more important to know YOUR average fraud rate, than THE average fraud rate.  You can estimate your natural fraud rate through a champion/challenger process, or even by letting the floodgates open for a few days (or however long it takes to gather a meaningful sample of known frauds), then letting the frauds bake out over time.  You can compare the strategy fraud rates and false positive ratios of two (or more) competing fraud prevention strategies.  You can track your own fraud rates and fraud trends over time. There are plenty of things you can do to create standardize metrics of fraud incidence, but good heavens for the next person to ask me what our average fraud rate is, the answer is “No.”

By: Andrew Gulledge I hate this question. There are several reasons why the concept of an “average fraud rate” is elusive at best, and meaningless or misleading at worst. Natural fraud rate versus strategy fraud rate The natural fraud rate is the number of fraudulent attempts divided by overall attempts in a given period. Many companies don’t know their natural fraud rate, simply because in order to measure it accurately, you need to let every single customer pass authentication regardless of fraud risk. And most folks aren’t willing to take that kind of fraud exposure for the sake of empirical purity. What most people do see, however, is their strategy fraud rate—that is, the fraud rate of approved customers after using some fraud prevention strategy. Obviously, if your fraud model offers any fraud detection at all, then your strategy fraud rate will be somewhat lower than your natural fraud rate. And since there are as many fraud prevention strategies as the day is long, the concept of an “average fraud rate” breaks down somewhat. How do you count frauds? You can count frauds in terms of dollar loss or raw units. A dollar-based approach might be more appropriate when estimating the ROI of your overall authentication strategy. A unit-based approach might be more appropriate when considering the impact on victimized consumers, and the subsequent impact on your brand. If using the unit-based approach, you can count frauds in terms of raw transactions or unique consumers. If one fraudster is able to get through your risk management strategy by coming through the system five times, then the consumer-based fraud rate might be more appropriate. In this example a transaction-based fraud rate would overrepresent this fraudster by a factor of five. Any fraud models based on solely transactional fraud tags would thus be biased towards the fraudsters that game the system through repeat usage. Clearly, however, different folks count frauds differently. Therefore, the concept of an “average fraud rate” breaks down further, simply based on what makes up the numerator and the denominator. Different industries. Different populations. Different uses. Our authentication tools are used by companies from various industries. Would you expect the fraud rate of a utility company to be comparable to that of a money transfer business?  What about online lending versus DDA account opening? Furthermore, different companies use different fraud prevention strategies with different risk buckets within their own portfolios. One company might put every customer at account opening through a knowledge based authentication session, while another might only bother asking the riskier customers a set of out of wallet questions. Some companies use authentication tools in the middle of the customer lifecycle, while others employ fraud detection strategies at account opening only. All of these permutations further complicate the notion of an “average fraud rate.” Different decisioning strategies Companies use an array of basic strategies governing their overall approach to fraud prevention. Some people hard decline while others refer to a manual review queue.  Some people use a behind-the-scenes fraud risk score; others use knowledge based authentication questions; plenty of people use both. Some people use decision overrides that will auto-fail a transaction when certain conditions are met. Some people use question weighting, use limits, and session timeout thresholds. Some people use all of the out of wallet questions; others use only a handful. There is a near infinite possibility of configuration settings even for the same authentication tools from the same vendors, which further muddies the waters in regards to an “average fraud rate.” My next post will beat this thing to death a bit more.

A recent article in the USA Today titled, “Jobs rebound will be slow”*, outlines state-by-state forecasts for the United States, as released by Moody's Economy.com. Although the national forecasted increase, 0.9%, reflects the expectation that unemployment will remain an issue throughout 2011, the state-level detail possesses interesting variances that should be further considered by lenders in determining their marketing and acquisition strategies. What I find intriguing, is that Moody’s forecasts job growth for several states that since the beginning of the housing decline have been the hot-spots for mortgage default and high delinquency rates. Moody’s projects job growth for Florida (+2.5%), Nevada (+1.5%), and California (+0.5%) – the so called “sand states” – with comparable growth rates to states like Texas (+2.5%) and North Carolina (+1.3%), which have not experienced the same notoriety for increased risk levels and delinquency. Should this growth transpire, then these states that have been the center of credit risk in recent years will soon become centers of opportunity for lenders, as increased employment should result in decreasing delinquency rates, improved repayment habits, and a generally more creditworthy consumer population. This shift is important, since any economic recovery will start with jobs growth, leading to increased lending, which will drive housing and a broader economic growth. As I noted above, the Moody’s forecast implies that lenders who are looking to drive growth may find that profitable portfolio segments exist in some of what appear to be the unlikeliest places. __________________ *http://www.usatoday.com/money/economy/2009-02-06-new-jobs-growth-graphic_N.htm

By: Margarita Lim It’s the holiday season and a festive time of year. Colorful Christmas lights and decorations, holiday songs, all of these things contribute to the celebratory atmosphere which causes many people to let their guards down. Unfortunately, fraudsters and other criminals take advantage of the prevailing goodwill and can help make one of the busiest shopping times of the year, a miserable one for their victims. It’s not a surprise that articles and news stories are released advising shoppers on how to continue enjoying their holiday season by not being victims of identity theft or other known fraud activities. Consumers can get tips from the Federal Trade Commission and other websites to prevent or minimize exposure to identity theft but I think key ones include: • If using credit cards for purchases, write ‘Check Photo ID’ on the back of your credit card. • Be very protective about disclosing personal information, especially Social Security Numbers. Did you know that it only takes one piece of personal information about you for a thief to steal your identity? • If shopping online, only make purchases from recognizable online retailers and websites. Many fraudsters will create fake websites that offer goods for sale in order to collect personal and credit information that can then be used to make fraudulent purchases. If consumers need to be careful this holiday season, businesses should also be vigilant. Fraudsters cause businesses like banks, retailers and credit card companies to lose millions of dollars that ultimately get passed on to their customers. Companies need to make sure they have tools in place to minimize these fraud losses. I’ve mentioned this in a previous post but Experian supports Identity Theft Prevention Programs by offering highly accurate consumer identity verification services. Our consumer authentication and fraud prevention product, Precise ID, and our knowledge based authentication product, Knowledge IQ, are highly respected in the marketplace for their reliability, quality and accuracy. Implementing either of these products would go a long way in preventing fraud this holiday season.

The U.S. Senate passed legislation recently that would exempt certain businesses from complying with the Red Flags Rule.  Sponsored by Senator John Thune (R-SD), the bill (S. 3987) creates an exception to the Red Flags Rule for businesses that do not advance funds to a customer. The bill would, for example, redefine the term “creditor” as currently described under the Red Flags Rule guidelines, to apply only to those businesses who advance funds to, or on behalf of, a customer, and based upon an obligation to repay those advanced funds.  The legislation also still provides the Federal Trade Commission with authority to require certain organizations to comply with the Red Flags Rule. The legislation now moves to the U.S. House of Representatives, where the chamber must approve the bill before the end of the year in order for the bill to become law.  This may alleviate many businesses in industries such as law practices, healthcare providers (particularly solo practitioners), and perhaps some service providers in telecommunications and utilities.  However, it is likely that many businesses in the utilities space will still fall under Red Flags Rule enforcement given their accessing of consumer credit profiles in many of their application processing procedures.  Again, one has to wonder what the original intent of the Red Flags Rule was.  If it was to protect consumers from identity theft and other fraud schemes via a robust identity theft prevention program, then vastly narrowing the businesses under which potential enforcement applies seems counter-productive.  The advancement of funds or not doesn’t necessarily add to or reduce risk of fraud, as much as the actual obtainment of accounts and services with identity information…regardless of industry.  More to follow…