Home   Resources   Financial Guidelines   Identifying and Responding to Red Flags
Financial Affairs

Identifying and Responding to Red Flags

Purpose/Scope

This guideline provides guidance for identifying and responding to "Red Flags" in accordance with the University of Texas at San Antonio (UTSA) Identity Theft Prevention Program found in HOP 9.39.

All UTSA areas, departments, colleges and schools that hold personally identifiable student financial records and information and/or covered accounts (see HOP 9.39) must comply with the requirements of this guideline.

Authority

University Guidelines

Table of Contents
  1. Overview
  2. Identifying and Responding to Red Flags
    1. Alerts, notifications or warnings from consumer reporting agencies
    2. Suspicious documents
    3. Suspicious personal identifying information
    4. Unusual use of or suspicious activity related to covered accounts
    5. Notice from consumers, victims of identity theft, law enforcement or others regarding possible identity theft.
    6. Other

A. Overview

UTSA is required to develop, implement and maintain a written Identity Theft Prevention Program to identify, prevent and mitigate identity theft in accordance with 16 CFR 681, the Federal Trade Commission’s Red Flag Rules.
The Assistant Vice President of Financial Services and University Bursar is the program administrator and is responsible for developing, implementing and maintaining the Identity Theft Prevention Program.

The detailed program, including specific responsibilities and procedures, is found in HOP 9.39.

B. Identifying and Responding to Red Flags

Red Flags are suspicious patterns or practices, or specific activities that indicate the possibility that identity theft may occur. All UTSA departments must follow these guidelines and report their actions to the program administrator if identity theft is suspected.

1. Alerts, notifications or warnings from consumer reporting agencies
Red Flag Required Response/Action
A fraud or active duty alert accompanies a consumer report requested by UTSA.
  1. Verify activity reported with applicant.
  2. If verified, proceed with evaluation of applicant based on consumer report received.
  3. If unable to verify, do not use this report in evaluating applicant – no further action required.
A notice of a credit freeze is received in response to a request for a consumer report.
  1. Verify activity reported with applicant.
  2. If verified, proceed with evaluation of applicant based on consumer report received.
  3. If unable to verify, do not use this report in evaluating applicant – no further action required.
A notice of address discrepancy is received in response to a request for a consumer report.
  1. Compare reported address with that provided by applicant and if necessary, contact the applicant to verify.
  2. If address has been verified, report to credit report agency.
  3. If unable to determine relationship between the applicant and the notice, do not use the report to evaluate the applicant and notify the applicant. No further action required.
Indication from a consumer report of a pattern of activity inconsistent with the history and usual pattern of activity of an applicant or consumer.
  1. Verify activity reported with applicant.
  2. If verified, proceed with evaluation of applicant based on consumer report received.
  3. If unable to verify, do not use this report in evaluating applicant – no further action required.
Top
2. Suspicious documents
Red Flag Required Response/Action
Identification documents or card provided appears to have been altered or forged.
  1. Retain identification and notify management for assistance.
  2. If identification appears fraudulent,
  3. report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Identification documents or card provided on which the photograph or physical description is not consistent with the appearance of the customer presenting the documents.
  1. Retain identification, notify management for assistance.
  2. If identification appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Identification documents or card provided on which other identifying information is not consistent with information provided by the customer or other readily accessible information that is on file. For example, a birth date doesn't match appearance of customer.
  1. Retain identification, notify management for assistance.
  2. If identification appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Request for information, applications, or other documents presented appear to have been altered or forged, or gives the appearance of having been destroyed and reassembled.
  1. Retain documents, notify management for assistance.
  2. If documents appear fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Top
3. Suspicious personal identifying information
Red Flag Required Response/Action
Identifying information is inconsistent with other external information sources. For example, an address that does not match the address printed on a loan application.
  1. Inspect identification and compare with other external information sources.
  2. Retain identification and notify management for assistance.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Identifying information is inconsistent with other information provided by the customer. For example, inconsistent birth dates.
  1. Inspect identification and compare with Banner Student Identification forms, such as SPAPERS or SPAIDEN.
  2. Retain identification and notify management for assistance.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Identifying information is associated with known fraudulent activity. For example, an address or phone number being used is also known to be associated with a fraudulent application.
  1. Inspect identification and compare with documentation indicating fraudulent activity.
  2. Retain identification and notify management for assistance.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Identifying information is of the type commonly associated with fraudulent activity. For example, an address is fictitious or the phone number is invalid.
  1. Inspect identifying information.
  2. Retain identifying information and notify management for assistance.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Social Security (SSN) or Banner ID number is the same as that submitted by another customer.
  1. Inspect identifying information.
  2. Retain document provided, request to see student's SSN card, Banner ID or driver's license card and retain a copy if discrepancy is not resolved.
  3. Do not provide any services until identity proven. Place hold on original customer who provided the duplicate ID number if identity is proven. Notify management for assistance.
  4. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Address or phone number is the same as that presented by an unusually large number of other customers.
  1. Request and inspect identifying documents to confirm information provided.
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
A customer fails to provide all of the required personal identifying information on an application or in response to notification that the application is incomplete.
  1. Do not provide any services or award aid until application is complete.
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Identifying information is inconsistent with internal information sources on file.
  1. Inspect identifying information.
  2. Retain identifying information and notify management for assistance.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer cannot provide information in response to challenge questions beyond that which generally would be available from a wallet or consumer report.
  1. Do not provide any services, do not reset PIN's.
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Top
4. Unusual use of or suspicious activity related to covered accounts
Red Flag Required Response/Action
Change of address for an account that is followed shortly by a request for a name change
  1. Request official documentation reflecting name change (court order, marriage certificate, etc.) and compare with photo identification.
  2. Verify change of address previously submitted.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
An account is used in a manner inconsistent with established patterns of activity on that account. For example, payments are no longer made on an otherwise consistently up-to-date account.

Banner automatically places financial hold and restricts any services from being provided until the hold has been removed by Office of Financial Services and University Bursar or Fiscal Services.

If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Mail sent to customer is returned repeatedly although transactions continue to be conducted.
  1. Attempt to contact student by using: Contact information in Banner Student Identification screen (SPAIDEN); email address in Banner Email Address Form (GOAEMAL); phone number in Banner Telephone form (SPATELE).
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer notifies UTSA — via phone, e-mail or in-person — that the customer is not receiving mail.
  1. Verify address information with customer and ensure listed addresses are active.
  2. If address on file was not entered by customer, notify management for assistance.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer notifies UTSA — via phone, e-mail or in-person — that an account has unauthorized activity.
  1. Notify management for assistance and investigation.
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer notifies UTSA — via phone, e-mail or in-person — that unauthorized use of MyUTSA Account has occurred based on last logon date posted. For example, they did not attempt access during the time/date indicated on the date stamp.
  1. Request photo identification from the customer to verify identity.
  2. Reset MyUTSA Account password.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer notifies UTSA — via phone, e-mail or in-person — that unauthorized use of MyUTSA Account has occurred. For example, the customer was automatically logged off during an online session due to multiple log on attempts.
  1. Request photo identification from the customer to verify identity.
  2. Reset MyUTSA Account password.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Top
5. Notice from customers, victims of identity theft, law enforcement or others regarding possible identity theft
Red Flag Required Response/Action
Customer notifies UTSA — via phone, e-mail or in-person — that an account has been opened fraudulently or is being maintained by UTSA for a person engaged in identity theft.
  1. Notify management for assistance.
  2. Place a financial hold on the account and contact pd.utsa and request officer assistance.
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer reports — via phone, e-mail or in-person — receiving a bill for another individual or for a service that the customer denies receiving.
  1. Notify management for assistance and investigation.
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer reports — via phone, e-mail or in-person — their personal information has been compromised.
  1. Notify management for assistance and investigation.
  2. Place a comment on appropriate Banner screen (TGACOMC, SPACMNT, RHACOMM, etc.).
  3. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Top
6. Other
Red Flag Required Response/Action
Customer reports — via phone, e-mail or in-person — that an unauthorized change has occurred to direct deposit information stored on the BAnner Direct Deposit screen (GXADIRD).
  1. Notify management and inactivate direct deposit entry.
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.
Customer reports — via phone, e-mail or in-person — than an unauthorized change has occurred to the student address information on Banner Address screen (TUIADDR).
  1. Notify management and inactivate address entry.
  2. If situation appears fraudulent, report to UTSA Police Department (UTSAPD) and the UTSA Institutional Compliance & Risk Services.

Related Forms

None at this time.

Top

Revision History

Date Description
11/16/20 Updates to links and position titles. Editorial updates for clarity.
11/16/16 Complete overhaul of FMOG.