Adaptive Risk Scoring – Allows organizations to create their own identity risk scoring models that fit their own business rules and adapt to evolving fraud tactics. Identity attributes and fraud indicators can be assigned values based on risk and placed into risk thresholds that businesses can then score.
Anti-Money Laundering (AML) – term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent, detect and report money laundering activities.
Age Verification – The process of verifying someone is of a minimum age such as 18 or 21; typically used to allow access to age restricted commerce and content.
Bank Secrecy Act (BSA) – requires financial institutions in the United States to assist U.S. government agencies to detect and prevent money laundering.
Children Online Privacy Protection Act (COPPA) – a law created to protect the privacy of children under the age of 13; requires parental consent before collecting or using any information on website users under the age of 13.
Children Online Protection Act (COPA) – Restricts the access of minors to any material defined as harmful on the Internet.
Consumer Privacy & Driver’s Privacy Protection Act (DPPA) – Prohibits the release or use by any State DMV (or any officer, employee, or contractor thereof) of personal information about an individual obtained by the department in connection with a motor vehicle record.
CTIA The Wireless Association – An industry trade group that represents a wide variety of interests on behalf of the wireless telecommunications industry in the United States. The CTIA has established various sets of Voluntary Industry Guidelines that its members follow including guidelines related to age verification of minors.
Customer Identification Program (CIP) – A Customer Identification Program verifies the identity of individuals wishing to conduct financial transactions. CIP became a requirement by the US Patriot Act for financial institutions in 2003 to prevent financing of terrorist operations and money laundering. Banks are required to keep records of identifying information and check customer names against terrorist lists. Read more about CIP Compliance here.
Fair and Accurate Transaction Act of 2013 (FACTA) – allows consumers to request and obtain a free credit report once every twelve months from each of the three nationwide consumer credit reporting companies.
Fair Credit Reporting Act (FCRA) – Promotes the accuracy, fairness and privacy of information in the files of consumer reporting agencies.
Federal Financial Institutions Examination Council (FFIEC) – Established by the Congress in 1979, the FFIEC was implemented to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions, to make recommendations to promote uniformity in the supervision of financial institutions, and to conduct schools for examiners. The Council has six voting members: the Comptroller of the Currency, the Chairman of the Board of Directors of the Federal Deposit Insurance Corporation, a Governor of the Board of Governors of the Federal Reserve System, the Director of the Office of Thrift Supervision, the Chairman of the National Credit Union Administration, and the Chairman of the State Liaison Committee.
Federal Trade Commission (FTC) – An agency of the United States government which focuses on promoting a competitive market and protecting consumers from false advertising and unfair business practices.
Financial Industry Regulatory Authority (FINRA) – a private corporation that acts as a self-regulatory organization (SRO). It is a non-governmental organization that regulates member brokerage firms and exchange markets. The government agency which acts as the ultimate regulator of the securities industry, including FINRA, is the Securities and Exchange Commission.
Foreign Sanctions Evaders (FSE) List – OFAC publishes a list of foreign individuals and entities determined to have violated, attempted to violate, conspired to violate, or caused a violation of U.S. sanctions on Syria or Iran. It also lists foreign persons who have facilitated deceptive transactions for or on behalf of persons subject to U.S. sanctions. Collectively, such individuals and companies are called “Foreign Sanctions Evaders” or “FSEs.” Transactions by U.S. persons or within the United States involving FSEs are prohibited.
Gramm-Leach Bliley Act – This act requires financial institutions, companies that offer consumers financial products or services like loans, financial or investment advice, or insurance, to explain their information-sharing practices to their customers and to safeguard sensitive data.
Health Insurance Portability and Accountability Act (HIPAA) – The Health Insurance Portability and Accountability Act (HIPAA) is comprised of two parts. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.
Health Information Technology for Economic and Clinical Health Act (HITECH) – The Health Information Technology for Economic and Clinical Health Act (HITECH) was signed into law on February 17, 2009 as part of the American Recovery and Reinvestment Act of 2009 to promote the adoption and meaningful use of health information technology. In an effort to strengthen the civil and criminal enforcement of the HIPAA rules, subtitle D of the HITECH Act addresses the privacy and security concerns associated with the electronic transmission of health information.
Know Your Customer (KYC) – The process by which a bank or financial institution checks the identity, background and other aspects of the source of wealth of potential and existing customers. legislation and regulation require firms to obtain evidence of identity of a customer at take-on and to keep a record of that evidence for as long as there is a relationship with a customer. Read more about Know Your Customer Rules here.
Master Settlement Agreement (MSA) – An agreement between the Attorneys General of 46 U.S. states and the four largest American tobacco companies to settle lawsuits brought by the states to recover billions of dollars in costs associated with treating smoking-related illnesses. The agreement prohibits tobacco companies from targeting youth and using cartoons in cigarette advertising. It also ended outdoor advertising of cigarettes and the advertising of cigarettes in public transit facilities, as well as the use of cigarette brand names on merchandise, and a host of other restrictions.
National Automated Clearinghouse Association (NACHA) – NACHA maintains its Operating Rules and sound risk management procedures to govern the use of the Automated Clearing House (ACH) Network. These rules are used to ensure that the ACH Network is efficient, reliable, and secure for its members.
National Institute of Standards and Technology (NIST) – a measurement standards laboratory, also known as a National Metrological Institute (NMI), which is a non-regulatory agency of the United States Department of Commerce. The institute’s official mission is to “Promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.”
Office of Foreign Assets Control (OFAC) – The Office of Foreign Assets (OFAC) at the U.S. Department of the Treasury administers and enforces economic and trade sanctions against targeted foreign counties, terrorism-sponsoring organizations, and international narcotics traffickers based on U.S. foreign policy and national security goals.The events of September 11, 2001 increased the diligent need for financial institutions to monitor transactions performed by or through them to better comply with the economic and trade sanctions enforced by OFAC of the U.S. Department of the Treasury administers.
Payment Card Industry (PCI) – Data Security Standard- The PCI data security standard is a set of guidelines that were developed by Visa, MasterCard, Discover and American Express to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. It is important for consumers to engage in a secure e-commerce, which is why the PCI data security standard was created.
Permissible Use – describes the intent of anyone accessing sensitive consumer data in that it must be for a legitimate business purpose. This prevents businesses from accessing information on people other than their customers.
Special Designated Nationals (SDN) – OFAC publishes a list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called “Specially Designated Nationals” or “SDNs.” Their assets are blocked and U.S. persons are generally prohibited from dealing with them.
Red Flag Regulations – Red Flag Regulations require financial institutions and creditors to develop and implement written identity theft prevention program. These programs must identify and detect the relevant warning signs or “red flags” of identity theft such as unusual account activity, fraud alerts on consumer report or attempted use of suspicious account application documents. There must also be appropriate responses that are described to prevent and resolve the crime and a plan to update the program.
U.S. PATRIOT Act – The U.S. PATRIOT Act was created in 2001 in an effort to combat terrorism by freezing finances used to threaten our country. Under Section 326 of this law, financial institutions are required to implement a Customer Identification Program (CIP) and verify new customer’s name, address, date of birth and Social Security number.
Uniform Commercial Code (UCC) – one of a number of uniform acts that have been promulgated to harmonize the law of sales and other commercial transactions in all 50 states within the United States of America. one of a number of uniform acts that have been promulgated to harmonize the law of sales and other commercial transactions in all 50 states within the United States of America.