From the January 2003 issue of Investment Advisor • Subscribe!

Stop, Thief

Identity theft may be the most insidious fraud of

Identity theft, byproduct of an information age rife with accessibility, is the nation's fastest growing white-collar crime, according to the Federal Bureau of Investigation. How serious a problem this is became clear in November, when three men in New York were charged with orchestrating the largest identity-theft scheme in U.S. history.

Authorities say the caper began when a computer software company employee gave a co-conspirator passwords and codes needed for downloading consumer credit reports. In precisely this fashion, thousands of Americans have literally lost control of their credit card and identities, landing them in financial and emotional turmoil.

"News like that is a harsh reminder of the downside of living in a digital world," says Kip Gregory, a marketing expert in Washington who helps advisors use desktop tools and the Internet in their practices. "It leaves us all feeling exposed and vulnerable." Especially vulnerable as "natural targets" for identity theft and various types of business scams are high-net-worth consumers, according to Nick Peck, principal at Gryphon Investigations, an Armonk, New York-based firm that counts wealthy individuals, multinational corporations, and financial institutions among its clients.

Given the increase of identify theft and other highly sophisticated white-collar crimes, it is important for advisors to be aware how easy it is for unsuspecting clients--and some advisors--to fall prey to them. Even if an advisor isn't the victim of fraud, he or she may face liabilities. For example, are you liable if you unwittingly steer a client into a crooked business deal, or lose clients' data to a thief?

According to Tim Wyman, an attorney and advisor with the Center For Financial Planning Inc. in Southfield, Michigan, the onus lies upon investment advisors who, unlike brokers, have a fiduciary obligation to their clients. "Just because someone's been ripped off doesn't mean the advisor's liable," Wyman says. "But if it's shown that the advisor didn't do adequate due diligence, that's a different issue." Relevant also is whether the advisor is beholden to regulations under the Investment Advisers Act of 1940 or the National Association of Securities Dealers Inc.

In protecting clients it helps to understand how identity theft and other scams work, and what can be done to avoid them. Broaching the topic with clients, be it over a cup of coffee, or via alternate communiqu?s, can serve as an opportunity for personal client contact. Wyman notes that at his firm an increasing number of clients now ask about privacy issues. "People are more aware and saying, 'Where is my information held? Who is going to have access to it?' And it's not just the normal high-net-worth client anymore, either."

What, Me Worry?

The Identity Theft Resource Center (www.idtheftcenter.org), based in San Diego, estimates that 700,000 consumers became victims of identity theft during 2001, a trend the center says has reached epidemic proportions. The center defines identity theft as a crime in which an impostor obtains key pieces of information such as Social Security and driver's license numbers to obtain credit, merchandise, and services in the name of the victim. The methodologies identity thieves employ vary, according to www.consumer.gov/idtheft, a Federal Trade Commission Web site.

Thieves may open a new credit card account, using a victim's name, date of birth, and Social Security number. The thieves may call the credit issuer, and, pretending to be the victim, change the mailing address on the account. The impostors run up charges on the account, and because the bills are sent to a new address, the victim remains unaware. When the thieves don't pay the bills, the delinquent account is reported on the victim's credit report.

Jon Meyer, an advisor with Boeckermann, Grafstrom & Mayer Wealth Management in Minneapolis, has a client whose identity was stolen through a local bank. Fortunately, the client's managed assets were not involved. In fact, Meyer's firm, which custodies with Charles Schwab, moved the account promptly into Schwab's confidential branch, limiting access to the account. Still, 10 months after the crime, Meyer says his client is having account problems daily.

Meyer has used the incident as an impetus to step up his efforts to get his clients to guard their identities. For example, he drafted letters to be sent out to clients on their birth dates, providing addresses for various credit bureaus. Clients then can forward the letters to receive credit reports in order to double-check information on file.

Criminals can obtain personal data without actually stealing in-house data, credit cards, or documents, let alone breaking into anyone's home, warns the U.S. Department of Justice. For example, in public places criminals may engage in "shoulder surfing"--watching as you punch in your telephone calling card number or credit card number, or listening in on your conversation while you give your credit-card number to a hotel or rental car company. Some criminals also engage in "Dumpster diving," searching for copies of checks or credit card or bank statements.

Whether your own identity or those of clients have been purloined, a good starting point for tips on preventing identity theft is www.consumer.gov/idtheft. The site includes sections on how to minimize theft risks, what victims should do, and how to file a complaint.

Individuals can contact the FTC through the www.consumer.gov/idtheft site or by phone at 877-438-4338. You can also contact a local FBI or Secret Service office. If you suspect that an identity thief has submitted a change-of-address form to redirect your mail, or has used the mail to commit frauds involving your identity, contact the Postal Inspection Service through a local post office. Call the Social Security Administration at 800-269-0271 if you believe a Social Security number is being used fraudulently. And if you suspect that your identity is being used in connection with tax violations, contact the IRS at 800-829-0433.

According to the Better Business Bureau, identity theft isn't something that only happens to consumers. The Postal Inspection Service notes that corporations lose millions of dollars each year from computer crime and credit card fraud linked to identity theft.

Risky Business?

If identity theft issues were not enough, advisors may also have to deal with a wide range of due diligence concerns involving clients. The U.S. Patriot Act alone has added a whole new level of scrutiny to financial transactions. But while "know your customers and investors" would seem to be standard procedure, often it isn't. Advisor Meyer goes as far as to say that the majority of advisors with whom he is acquainted "don't do anything, and wouldn't know what to do if something were to happen."

Clients at Wyman's firm, for example, haven't been victimized by scams or identity theft. But Wyman says he knows other advisors whose clients have gotten into trouble because they hadn't performed adequate due diligence. "Many advisors were getting onto the venture capital bandwagon and trying to put together their own deals. I would suggest based on their training and experience they weren't qualified to do so--and they paid for it." Whether or not the advisor proves liable in terms of lawsuits brought against them, the result is generally loss of reputation and clients.

While identity theft and Enron-style scandals have made everyone aware of the prevalence of white-collar crime and the need to perform background checks for security and investment reasons, it's not just the bum economy that weakens these efforts. The Internet, with its cornucopia of data, can lead to a false sense of security, maintains Peck. "People have the feeling that I can just run the name in a couple of places, and if there's any problem, it will show up. The reality is there are limitations to this approach."

Executive mindset is another stumbling block. A few years ago Peck was looking at an executive a client had recently hired. Peck asked the company's management for their personnel file. As Peck relates, the client said, "we really don't have a personnel file." Peck asked if they had checked references. "Well, we didn't think that was right." Yet the executive was hired at a starting salary of $500,000 a year.

"For certain people the mentality is almost, if you're dealing in either a big transaction or a senior level hire, it's insulting to check," says Peck, "whereas the reality is you have so much more at stake. Those are the ones you should really be looking at, and not just taking at face value when they mention people you know." Often when an executive is caught, say, embezzling money, the employer will simply ask for the funds back, explains Peck. "From the company's perspective, it's embarrassing, and they don't want to be associated with a known crook, especially one they hired."

Fighting Back

Peck would be the first to admit that there are certain types of revealing data that can remain hidden. For example, due diligence or not, detailed fraudulent financials are hard to spot. Take hedge funds. Fraud in the hedge fund industry has made headlines. As private investment pools, hedge funds provide little disclosure. Much hedge fund fraud involves falsified data. Often a fund manager will assume a risky position only to be clobbered by the market, so the fund manager cooks the statements. Then he'll tread water, waiting for that one big score to bail out his fund, hoping no one will notice what he's done. One notable example: Michael Berger of Manhattan Investment Fund, who in 2001 pleaded guilty to covering up more than $400 million in losses.

What you can look for in financial reports and documents are warning flags, Peck says to start with the people behind them. What has been the fund manager's record on past transactions? Since there are hedge fund managers whose previous jobs were not even in financial services, does the manager have a history in the hedge fund business? Has he ever been sued? As for business deals, talk to people who have either been involved in joint ventures with them, or former business associates, advises Peck. Try to get an understanding as to how these people are to deal with. "If you find out that in the past someone had misrepresented his company's financials to someone else who was considering a deal, well obviously, that's a concern to you," he says.

Playing the Odds

What are the easiest and most effective ways advisors can help their clients, after advisors have educated themselves? Kip Gregory offers these suggestions:

  • Put together and distribute an identity theft prevention checklist.
  • Deliver a talk at your next client appreciation event on how to protect yourself.
  • Send an annual reminder to request fresh copies of their credit reports and offer assistance in reviewing the reports.
  • Negotiate a discount with your local office supply company for clients who purchase a shredder from their store.
  • Ready a list of books, articles, contacts, and phone numbers to help clients whose identities have been stolen. (One place to start is http://www.identitytheft.org).
  • Keep data secure, especially now that account aggregation systems have third parties handling client information.

The best defense against identify theft and other white-collar scams is to take simple precautions.

Reprints Discuss this story
This is where the comments go.