Identity Resolution Daily

“The price of freedom is eternal vigilance,” Thomas Jefferson said. Conversely, the reverse is true: The price of eternal vigilance is freedom. To make the nation more secure from threats both external and internal, federal, state and local authorities have from time to time restricted some freedoms. When it comes to the need for security versus the right to privacy, the pendulum does sometimes swing too far to one side or the other. Thanks to the balance of powers outlined in the U.S. Constitution, this pendulum has so far found equilibrium once the threat to security has passed.

With its story, Terror Suspect List Yields Few Arrests, the Washington Post brought this balancing act to the fore over the weekend. WaPo staff writer Ellen Nakashima’s lead says it all:

“The government’s terrorist screening database flagged Americans and foreigners as suspected terrorists almost 20,000 times last year. But only a small fraction of those questioned were arrested or denied entry into the United States, raising concerns among critics about privacy and the list’s effectiveness.”

The criticisms are numerous.

The director of the Federation of American Scientists’ Project on Government Secrecy, Steven Aftergood, said, “There needs to be a reliable way to correct bad information and protect the innocent.”

People could be listed with only casual contact with a suspect, complained Harvey Grossman with the ACLU. “What you eventually get is a worthless list of people.”

Over on a UPI story, the Electronic Frontier Foundation’s David Sobel comments, “This really confirms the longstanding fear that this list is inaccurate and ultimately ineffective as an anti-terrorism tool.”

But the federal government maintains that its terrorist database is indeed an effective tool. The number of arrests last year was small — the Border Patrol said out of 20,000 encounters last year, only 550 people were refused entry in the U.S. or arrested. But the database did stop Omar Ahmed Ali from entering the country, though he tried many times. In 2005, this gentleman killed a U.K. citizen and injured 12 others with a suicide bomb in Qatar.

And if the database had been in place before 9/11, one of the hijackers would have been on the list. Two days before the attacks, Ziad Samir Jarrah got a ticket in Maryland for going 95 miles per hour. WaPo quotes Jim McMahon with the International Association of Chiefs of Police as saying, “Today, chances are he would have been on the list.”

To balance the need for heightened security, the federal government has elevated its redress response time. Reports WaPo, the agency in charge of the database, the Terrorist Screening Center has “created a redress unit that ensures that watch-list and source information is accurate, officials said. Since 2005, the unit has resolved more than 90 percent of the several hundred complaints it has received, including by deleting names or adjusting data.”

If the terrorist watch-list helps to keep suicide bombers out of the U.S., for the ten percent of the public still on the watch-list, one can only hope that this eternal vigilance is an acceptable price of freedom.

Share This

[Daily Post from Infoglide Software] Five Reasons to Read Identity Resolution Daily

“Identity resolution fans, twice a day, five days a week, we bring you the latest news and keenest insight. (Yes, there are fans. It’s a niche, but as the need for identity resolution grows in retail, banking, national security and insurance industries, the fan base grows as well.)”

Identity Insider: Identity Resolution and MDM – Bound By Governance?

“My prediction? In the short term, MDM vendors will need to integrate high-performance identity resolution into their solutions, and we can anticipate related new uses of searching and matching technologies. In the long term, the best of breed search and match methods will be greatly enhanced by the integration of unstructured analysis and content search, potentially paving the way for cross-pollination of methods between MDM, semantics, and content/knowledge management.”

Washington Post: Terror Suspect List Yields Few Arrests

“Agencies nominate names to the list based on rigorous, classified criteria, Kopel said. The TSC has created a redress unit that ensures that watch-list and source information is accurate, officials said. Since 2005, the unit has resolved more than 90 percent of the several hundred complaints it has received, including by deleting names or adjusting data.”

The Murfreesboro Post: Shoplifting case uncovers 3 major theft rings

“When arrested, Jensen gave a statement describing how DVD Plus employees gave her a shopping list of electronic equipment she stole. In turn, they paid her and sold the items on eBay.”

Share This

Identity resolution fans, twice a day, five days a week, we bring you the latest news and keenest insight. (Yes, there are fans. It’s a niche, but as the need for identity resolution grows in retail, banking, national security and insurance industries, the fan base grows as well.)

Below are five reasons you should read our blog every day. Or, just click this orange button, subscribe and never miss a single post.

1. Retail Loss Prevention’s Biggest Concern: Internal Theft
Retailers, you know this: Employee theft is hands down the largest cause of shrinkage. Do you know how to prevent this form of retail fraud?

“…if 75 percent of internal thieves are never caught, wouldn’t it be easier to not hire high risk employees in first place than to catch them in the act? With software — specifically identity resolution software — retailers can get a clear comprehensive, composite depiction of current employees and potential new hires. Identity resolution solutions aggregate information from existing negative databases, uncovering convictions, bad debt, driving histories, lawsuits and more.”

2. Know Your Employees with Identity Resolution
Again retailers, if you want to catch thieves like the one below, you need an identity resolution solution.

“Newburgh town police say a local clerk at the Wal-Mart Super Center on Route 300 has been ‘returning’ Wal-Mart merchandise and pocketing the cash. Her take? Over $30,000. Police arrested Darlene Banks, 50, of the City of Newburgh, Tuesday night as she showed up for work. It ended her two-year tenure at the local Wal-Mart, where she was a customer service specialist — with the ability to do merchandise returns.”

3. Charlie Intriago is The Anti-Money Laundering Iconoclast
Money launders, watch out. The publisher of the Money Laundering Alert is monitoring your every move. Bankers, federal regulators, same thing.

“Intriago is also a big believer in striking a balance between privacy and security. In a 2002 interview after the passing of the USA Patriot Act, he commented on the new investigative authority of the federal government, ‘One has to pray that those powers are used responsibly.’ If not, Charlie Intriago will be the one to tell us about it.”

4. The Banking Industry Needs Identity Resolution
Bankers, you know how hard it is to comply with the Bank Secrecy Act (BSA). Here’s how to keep out of trouble and off the front page of the paper:

“Until the BSA is redrafted to clearly outline what is and is not required of Anti-Money Laundering (AML) officers, identity resolution software is the best way to protect the banks’ assets. To protect itself from an ambiguous law, banks should go beyond what federal regulators require. And for this, they need to implement an identity resolution solution that uses sophisticated similarity search techniques to resolve multiple identities into one unified view.”

5. Is Loss Prevention Getting Even More Dangerous?
Loss Prevention professionals, you know your job can be dangerous, even deadly. Please pay attention to Jeff Stein’s call to action:

“…large retail groups need to work together and set up trust funds for the families of future Loss Prevention professionals who sadly lose their lives while trying to protect the safety, security and profits of so many.”

5. The Daily Link Posts
Need to keep up with the latest news regarding identity resolution? Every morning, Monday through Friday, we collect the latest breaking stories so you don’t have to.

Share This

[Daily Post from Infoglide Software] Know Your Employees with Identity Resolution

“To shrink this shrinkage, wouldn’t it behoove the retail industry to go beyond ordinary employee screening procedures? If banks are required to Know Your Customer, then it’s probably a good idea for retailers to Know Your Employee (KYE).”

GovernmentExecutive.com: DHS issues range of traveler screening rules

“‘Under the program, TSA would receive passenger and certain non-traveler information from aircraft operators, conduct watch-list matching, and transmit watch-list matching results back to aircraft operators,’ the department said. The department also moved to create a system of records for Secure Flight and exempt it from parts of the Privacy Act.”

Bangkok Post: Amlo wants banks to compile information on their customers

“This is one of 49 anti-money laundering measures suggested by the World Bank and the International Monetary Fund (IMF), he said. KYC/CDD measures are also part of the International Convention for the Suppression of the Financing of Terrorism, introduced in 1999. The convention is issued after the 9/11 terrorist attacks in 2001, and Thailand is among the countries ratifying the convention.”

Financial Times: Top auditors’ median fees up by 345 per cent

“In a sign of the explosion in audit activity since the passage of the Sarbanes-Oxley compliance law, the median fees earned by the world’s top auditing firms shot up by 345 per cent in the five years to 2006, a study said on Wednesday.”

The News Journal: Kmart employees charged with theft of electronics

“Two Kmart stock room employees were arrested on charges they pilfered more than $6,000 in merchandise from the store while working.”

Share This

Lately we’ve been covering the Bank Secrecy Act (BSA) in depth, with particular emphasis on the mandate to Know Your Customer (KYC) and Know Your Customer’s Customer (KYCC). To aid in compliance with the BSA’s ambiguous requirement (PDF) to “form a reasonable belief that [the bank] knows the true identity of its customers,” and to avoid hefty fines and bad publicity, every bank should go beyond what federal regulators require. Infoglide Software strongly recommends an identity resolution solution that uses sophisticated similarity search techniques to resolve multiple identities into one unified view.

However, stories like this one below from Times Herald Record, lead us to a great idea for a similar mandate for retail industry:

“Newburgh town police say a local clerk at the Wal-Mart Super Center on Route 300 has been ‘returning’ Wal-Mart merchandise and pocketing the cash. Her take? Over $30,000. Police arrested Darlene Banks, 50, of the City of Newburgh, Tuesday night as she showed up for work. It ended her two-year tenure at the local Wal-Mart, where she was a customer service specialist — with the ability to do merchandise returns.”

Stories like this one involving the ironically-named Ms. Banks are rampant.

“The amount of employee theft nationwide is staggering,” observes the Observer Dispatch. “Employee theft made up 47 percent — or $17.6 billion — of the retail industry’s inventory loss in 2005, according to the National Retail Security Survey directed by Richard Hollinger at the University of Florida. In contrast, shoplifting amounted for only 33 percent of disappearing store items.”

To shrink this shrinkage, wouldn’t it behoove the retail industry to go beyond ordinary employee screening procedures? If banks are required to Know Your Customer, then it’s probably a good idea for retailers to Know Your Employee (KYE). With an identity resolution solution, Loss Prevention (LP) professionals are able to get a clear comprehensive, composite depiction of current employees and potential new hires. Identity resolution solutions will aggregate information from existing negative databases, uncovering convictions, bad debt, driving histories, lawsuits and more.

Back to the same Times Herald Record story:

“Police say the scam was simple enough. Clerks would take merchandise from Wal-Mart shelves and run it through registers as already-purchased items being returned. In some cases, Banks got cash back; in some cases she took gift cards she could use in the store — or sell on the street. Police say Banks took care to avert the eagle eyes of Wal-Mart loss prevention investigators. She never returned more than $200 worth of stuff at one time and mixed up the type of items she’d return: Wal-Mart jewelry, cigarettes, clothes, and, now and then, a television.”

Identity resolution solutions also tap into inventory and returns data and with a system in place, Ms. Banks’s scam would have been easier to detect and quicker to apprehend.

Please see Identity Focused Retailing for more information.

Share This

[Daily Post from Infoglide Software] The Anti-Money Laundering Iconoclast

“Charlie Intriago is also a big believer in striking a balance between privacy and security. In a 2002 interview after the passing of the USA Patriot Act, he commented on the new investigative authority of the federal government, ‘One has to pray that those powers are used responsibly.’”

The Transnational: New Transatlantic Security Measures Raise Complaints

“New rules signed into law this month by the U.S. government threaten to complicate international travel to and from the United States. According to regulations set to take effect within six months, carriers must provide U.S. Customs and Border Protection officials with passenger information at least 30 minutes and as early as 72 hours prior to departure. Current regulations require airlines to provide passenger data no later than 15 minutes after take-off.”

The Economic Times: Banks can’t wash hands of laundering

“Stringent US regulations to combat money-laundering have extended beyond its borders and have had an impact on banks around the world. The legal and regulatory landscape created in the US due to the US Patriot Act and the regime of the Office of Foreign Assets Control (OFAC) have increased compliance pressures on banks, according to a global study by KPMG Forensic.”

recordonline.com: Clerk charged in Wal-Mart scam

“Newburgh town police say a local clerk at the Wal-Mart Super Center on Route 300 has been “returning” Wal-Mart merchandise and pocketing the cash. Her take? Over $30,000.”

Share This

Ever hear of William Cowper Brann, AKA Brann the Iconoclast?

In the 1890’s, when men were men and journalists had to carry six-shooters, Brann was an irascible, unstoppable journalist out of Waco, TX whose pen may have been mightier than the sword — but ultimately not a bullet.

The master of the witty reposte, Brann famously wrote, “Too many people presume that they are full of the grace of God when they’re only bilious.” And also this: “Marriage is, perhaps, the only game of chance ever invented at which it is possible for both players to lose.”

Time Magazine wrote of Brann back in 1958:

“Editor William Cowper Brann grew so bitter about sham and injustice that he longed for “a language whose words are coals of juniper-wood, whose sentences are woven with a warp of aspics’ fangs and woof of fire.” The language came so naturally that in three years of publishing in Waco, then a town of 25,000, he built a phenomenal worldwide circulation of 120,000 for his one-man monthly Iconoclast. It also tore Waco into feuding factions, got Brann himself kidnapped, beaten and almost lynched, caned and horsewhipped at pistol point, and finally shot to death.”

If you’re in banking, then you already know the modern day iconoclast — Charlie Intriago, the publisher of the Money Laundering Alert. Intriago, like Brann, is a witty white knight who tilts against the forces of corruption while handing out MoneyLaundering.com-branded bars of soap etched with “Keeping you clean since 1989.”

Originally only covering the South Florida money laundering operations of South American drug lords, Intriago’s empire expanded across the globe after 9/11 spurred international interest in stopping terrorist funding. His publishing, conferences and anti-money laundering training operations were recently purchased by Fortent, maker of compliance and risk software. According to the Miami Herald, Fortent “has woven a portfolio of providers of high-end consulting, technology and information services to banking clients like JPMorganChase and Wachovia. The goal is to guide them through the often-treacherous regulatory waters that can swirl around money laundering issues.”

Back in the 1990’s, Intriago broke the story on the worst financial scandal in history and beat the mainstream media to the Bank of Credit and Commerce International scandal. And the Columbia Journalism Review tells of a previous coup on “how the U.S. intelligence agencies were using sophisticated electronic monitoring devices to watch how General Manuel Noriega was providing money-laundering services to the Colombia drug cartels.”

Intriago is also a big believer in striking a balance between privacy and security. In a 2002 interview after the passing of the USA Patriot Act, he commented on the new investigative authority of the federal government, “One has to pray that those powers are used responsibly.”

If not, Charlie Intriago will be the one to tell us about it.

Share This

[Daily Post from Infoglide Software] The Banking Industry Needs Identity Resolution

“Until the BSA is redrafted to clearly outline what is and is not required of Anti-Money Laundering (AML) officers, identity resolution software is the best way to protect the banks assets. To protect itself from an ambiguous law, banks should go beyond what federal regulators require. And for this, they need to implement an identity resolution solution that uses sophisticated similarity search techniques to resolve multiple identities into one unified view.”

New York Times: Cutting Off Terror’s Money Supply

Gary M. Osen: “Ultimately what we were trying to do was send a message to respectable institutions as to why they should get out of this line of work. […] The notion that these foreign terrorist organizations can move money through their local bank like you or I would use Chase Manhattan to send money to our Aunt Tillie is untenable. But it happens. All major terrorist organizations depend on dollars. Dollars are the currency of the realm.”

ACAMS.org: A member’s perspective on the evolution of compliance

“We saw the rapid passage of the USA Patriot Act, implementation of new special recommendations by the FATF and nations previously relaxed in their approach to AML regimes, pass proceeds of crime legislation and create active Financial Intelligence Units (FIUs). Financial institutions sought experienced compliance officers, but they were far and few between. The compliance function was now a hot-button. Insurance companies, money services businesses, jewelers and an expanding array of financial and non-financial trades and businesses were pulled into the AML whirlwind. International fraud schemes, staggering financial levels of official corruption and other organized criminal activities began to fall to money laundering and proceeds of crime statutes around the world. Banks and non-bank financial institutions were struck with extraordinary fines, penalties and lawsuits. There appears to be no end in sight.”

MiamiHerald: Newsletter publisher cleans up on money laundering

“Subscriptions — at $245 annually — started to sell themselves. Bankers were desperate for information on how to comply with voluminous and often confusing laws and regulations. They wanted to know what other banks were doing. And they desperately needed to stay on the good side of regulators to avoid steep fines and negative publicity.”

Share This

For the banking industry, Knowing Your Customer (KYC) is not just good business, it’s the law. The Banking Secrecy Act (BSA) and its recent update require banks to

“include a Customer Identification Program with risk-based procedures that enable an institution to form a reasonable belief that it knows the true identity of its customers.” (Complete enforcement update available in PDF.)

Problem is, the BSA does not regulate what is reasonable and no one is exactly sure what is the legal, enforceable definition of a bank’s responsibility to “form a reasonable belief that it knows the true identity of its customers.”

Despite the update to BSA, banks are still caught between knowing their customers and knowing what banking regulators want them to know about their customers. This is an old problem and it begs to be fixed.

Back in 2004, this article from Bank Systems and Technology on the Riggs Bank Scandal reported:

“Currently, the USA PATRIOT Act requires banks to check customers’ names against a list of known and suspected terrorists. But that leaves room for interpretation as to the correct spelling of a name and its variants, as well as a degree of uncertainty as to the proper formatting of addresses and phone numbers. Furthermore, as the recent Riggs Bank scandal shows, a system that relies upon names alone is subject to manipulation. (The New York Times reported this week that a Riggs Bank employee changed the name of an account held for Chile’s General Pinochet to “A. Ugarte,” using his mother’s maiden name. As a result, searches for “Pinochet” would come up empty.).”

This article is so old they used the term “entity resolution” instead of the now common term “identity resolution” and Jeff Jonas’ SRD had not yet hooked its wagon to IBM.

Still, three years and one updated federal banking regulation later, banks like American Express are being fined $65 million.

“This is a worldwide bank. This is significant,” said Ken Thomas, a Miami bank analyst and lecturer at the Wharton School of Business of the University of Pennsylvania. “It tarnishes the American Express name. More important than the [amount of the fine] is the reputational risk.”

Until the BSA is redrafted to clearly outline what is and is not required of Anti-Money Laundering (AML) officers, identity resolution software is the best way to protect the banks’ assets. To protect itself from an ambiguous law, banks should go beyond what federal regulators require. And for this, they need to implement an identity resolution solution that uses sophisticated similarity search techniques to resolve multiple identities into one unified view.

Here’s more from the Identity Resolution Daily archives:

American Express Fined $65 Million — Bank Secrecy Act/Anti-Money Laundering STILL Needs Work
“No one wants to have the head of the DEA saying something like this about their bank: ‘Today an established and respected financial institution learned a valuable lesson about its legal responsibilities,’ said Karen Tandy, head of the Drug Enforcement Administration.”

Knowledge Center: Barry Graubart on Complexity of Identity Resolution and Anti-Money Laundering
“…when comparing customer records to Anti-Money Laundering (AML) or Terrorism watch lists, banks and other financial institutions frequently have very limited access to information (on the watch list side). Terrorists, money launderers and drug traffickers don’t often provide a SSN or a street address. Instead, AML pros are limited to matching a name and, at best, city or country. Further complicating matters is the fact that…”

Feds Update BSA/AML Compliance Regs: Still No One Know What KYC Means
“It’s really scary that because of the ambiguity surrounding BSA/AML compliance, bankers are forced to play defense against their own government, instead of being on offense against money-launders, drug traffickers and terrorists.”

No One Knows What Know Your Customer Really Means
“Now let’s assume that this hypothetical developer/exotic car aficionado/gambler happens to also be a terrorist financier, though that can’t be found on his resume. Now what would happen if a catastrophic terrorist attack succeeds due to funding from this gentleman and the subsequent forensic investigation ties him to the crime? Would the bank be fined for not knowing this customer well enough?”

Share This

[Daily Post from Infoglide Software] Retail Loss Prevention’s Biggest Concern: Internal Theft

“Hardware-wise, Closed Circuit Television (CCTV) can be a good deterrent. But if 75 percent of internal thieves are never caught, wouldn’t it be easier to not hire high risk employees in first place than to catch them in the act? With software — specifically identity resolution software — retailers can get a clear comprehensive, composite depiction of current employees and potential new hires.”

Threat Level: DHS Data Mining Program Suspended After Evading Privacy Review, Audit Finds

“A controversial Homeland Security data mining system called ADVISE that dreamed of searching through trillions of records culled from government, public and private databases analyzed personal information without the required privacy oversight, may cost more than commercially available alternatives and has been suspended until a privacy review has been completed, according to an internal audit.”

The Observer-Dispatch: Area retailers target thieves on the payroll

Recent arrests of employees at Old Navy, Home Depot, Sears, Circuit City and Kohl’s Department Store, however, show that more effective loss-prevention techniques are making a difference, police said. “As the thieves become smarter, technology becomes smarter,” New Hartford police Lt. Timothy O’Neill said. “It’s a constantly evolving process.”

Share This