Distinguishing Between Disputes & Complaints Versus Fraud

It’s hard enough for financial institutions to receive, research, respond to and track consumer disputes and complaints, but when one of those disputes or complaints stem from fraud, the process becomes even more complicated.  Banks generally have different departments that handle frauds, disputes and complaints, and those departments are generally on different systems.  So, linking together a fraud and a complaint or a fraud and a dispute when they happen can be difficult at best, impossible at worst.   

But before we dig into ways to overcome these issues – let’s take a look at each of these circumstances independently and provide some additional insight into handling them.

There are several different types of fraud that financial institutions must be aware of and address: 

Lost or stolen card:

  • Card Not Present – fraudster obtains credit card number, expiration date and CCV illegally, and then uses it to shop online or via phone orders.
  • Account Takeover – hacker obtains the cardholder’s data, act as though they are the real cardholder, reach out to the credit card company, report the lost card and change address at the same time. New card goes to different address. Fraudster now has the card.

Fraudulent Applications for Credit:

  • Identity Theft – fraudster takes over someone else’s identity (from Phishing, Spam, Click Bait or other form)
  • Sleeper Fraud – fraudster opens credit card using false info, uses the card, but pays minimum payment for months, or even years, then maxes out the card and ‘disappears’.
  • Synthetic Fraud – fraudster uses a real name, address and SSN but from three different people. Each element is correct, but together they are a fake identity.  Fraudsters will use this method to create a totally new identity, build up a credit footprint by obtaining different credit cards and identifying documentation such as a library card, phone number, etc.  Many times this is not detected until the synthetic identity has maxed out several credit cards, at which time they will simply disappear.
  • Mail-Intercept Fraud/Mail Non-Receipt Fraud – fraudsters steal information such as email user names and passwords, which provide enough information for them to hack into personal or business accounts. They then monitor incoming emails that contain personal or private information (such as bills/invoices) that may have banking or account information.  This information can be used to access existing accounts, or used to create new accounts.
  • Data Breach/Hacking – fraudsters can obtain valuable personal and account information via hacking into systems. Hackers are getting very creative with spam and phishing emails, in hopes of obtaining access to a system that will allow them to access and steal information. Once in the hands of the hackers, the information is either sold or used by the hackers themselves to open fraudulent accounts, or fraudulently access existing accounts. 


  • Fraudsters will hijack a cash machine by inserting their own card reader at the card input slot (skimming), and have a hidden camera to capture the PIN number. Once they have the card info – they can create a whole new card and use it with the PIN they have obtained. (This actually happened to both me and my husband while traveling in Mexico – our information was stolen from the same cash machine.  The credit cards were duplicated and used in another cash machine in South America).

Once the fraud is detected, the financial institution must take immediate action to attempt to reduce the amount of money stolen by the fraudster.

How is Fraud Detected?

Depending on the type of fraud, it may take a while to detect (as with sleeper fraud or synthetic fraud), or the consumer may be the one to report a fraudulent transaction on their credit card statement, or a bank may notice unusual activity on a credit card, such as cash advances from across the globe in a short period of time. 

There are also data companies that have products that help with fraud detection, some have specific products for synthetic fraud identification that you can run your prospective new customer’s through to determine if the name, address and social security number all belong together. 

Most financial institutions have some sort of technology and analytics in place to help with fraud detection.  A change in charging/spending habits and patterns is often the initial indication of fraud.  Many fraudulent transactions start with a fishing expedition to see if the card is valid.  A charge of a few cents up to a few dollars may initially appear on your statement.  Once they know the card is good – they will continue to use it until it is denied. 

Regardless of how the fraud is initially identified, once an account is flagged, there is likely a manual review process to research.  But one important step is frequently missed – communicating this information to your collection team. 

Collection activities are often-times handled from a different host system from the financial institutions regular CRM.  If an account is moved from your regular CRM to your collection CRM, the account may not be properly flagged as fraud in the collection environment.  This may result in calls to an incorrect consumer, wasted time, money and effort in trying to skip trace a synthetic identity, letters going out to incorrect consumers, or turning over of the account to a collection agency.  All of this could result in a complaint or dispute by a consumer. 

Consumer Disputes

A consumer dispute arises when a consumer does not agree with certain information relating to their account.  It could be a dispute of a credit card charge, a fee, a balance, of existence the account itself or any number of other reasons.  Often, determining what constitutes a dispute is can be tricky.  If a consumer calls to ask the balance of the debt, and asks for the most recent statement – are they disputing?  How about if they say they can’t remember this account and need more information? Or that their ex-spouse was supposed to pay it in the divorce agreement?

Collection agencies are required to handle disputes in accordance with the Fair Debt Collection Practices Act (FDCPA).  Additionally, pursuant to the Fair Credit Reporting Act (FCRA) credit reporting agencies, collection agencies and creditors are required to verify disputes made by consumers about items appearing on their credit report.   Both regulations have timelines associated with responding to a consumer’s dispute. 

While original creditors collecting on their own debt don’t have to abide by the FDCPA, if the debt is turned over to a collection agency, that agency will generally request additional information from the original creditor when a dispute arises – this is called verification of debt (VOD).  When this happens, both the collection agency and the creditor are responsible for getting the information quickly in order to respond to the consumer. 

Additionally, if the debt has been reported to a credit bureau, the debt must be marked as “disputed” until such time as it is resolved.

What is the Timeline to Respond to a Consumer Dispute?

If the dispute is originally made to the consumer reporting agency (CRA), the CRA has a defined process under the FCRA that they must follow, which includes a timeline.  The CRA has 30 days to reach out to the original creditor, data furnisher or source of the information being disputed, and reinvestigate.  If they find the information on the credit bureau is incorrect, it must be updated.  However, if they find the information is correct at the source, then it can remain on the credit report.  In these instances, the original creditor or the collection agency, whichever one reported the debt to the credit bureau or both if both reported it, must review their documentation, and report back the results.  Often-times, this process is handled through the e-Oscar platform. 

Consumer Complaints

A consumer complaint is different from a dispute but could converge at some time.  With a dispute the consumer is questioning the factual information relating to their account.  However, in a complaint, the range of topics is nearly unlimited.   Additionally, there are several different ways a consumer may file a complaint, and it can be filed with many different entities.  

A consumer can file a complaint with the Better Business Bureau (BBB), the Consumer Financial Protection Bureau (CFPB), the FTC (Federal Trade Commission) [although FTC complaints are generally forwarded to the CFPB], their State Attorney General, or directly to the creditor or collection agency, whoever their complaint is against.  Furthermore, the complaint can be submitted in any number of ways; verbally, in writing, via text, email, voicemail, chat or any other the consumer would like, and all ways must be treated equally as important. 

The complaint itself can be a variety of things, a few of the more common complaint topics related to collections are listed below (note this is not a comprehensive list):

  • A previous dispute was not handled properly
  • A collector mistreated them on the phone, text, email, voice mail, chat or in person
  • A collection letter did not contain required regulatory language
  • A collection agency didn’t have proper notifications on their website, letters, phone message, etc.
  • A collection agency or creditor was unfair, deceptive or abusive under the terms of UDAAP (Unfair Deceptive Abusive Acts or Practices)
  • A collector made misrepresentations under the FDCPA (i.e. threatening to sue when they don’t have the ability to, threatening to arrest, etc.)
  • The debt being collected does not belong to the consumer
  • Threaten to contact a manager, superior officer, relative, neighbor or other person and share information about the debt.
  • Calling or texting a cell phone without permission (also a TCPA violation)

The CFPB Complaint Portal went live in June 2013 – since then, there have been increasingly more and more complaints filed with the CFPB relating to debt collections.  For additional information on the CFPB complaint process, see my blog post Using CFPB Complaints to Assist Portfolio Management.

Source: www.consumerfinance.gov

It is a best practice that the creditor or collection agency act quickly to resolve the complaint.  If the complaint has been submitted via another party and not directly to the creditor or agency, then that other party will likely initiate communication with the creditor or agency in order to get the complaint resolved to the consumer’s satisfaction. 

If the complaint comes through the consumer’s attorney, it is vital that the creditor or agency get their own legal counsel involved immediately.  With the increase in number of consumer attorneys looking to represent large classes in class action lawsuits, it is important to immediately address any concerns and resolve them immediately.  Especially when they relate to a repeatable issue that may have happened numerous times, such as incorrect language in a letter.  In these cases, attorneys just assume that every letter sent to a consumer had the same incorrect language, and the situation is ripe for a class action.

The Intersection of a Fraud, Dispute and Complaint

While one activity could spur all three, it is more likely that two of the three would be involved in an overlapping situation: fraud + dispute or fraud + complaint or dispute + complaint.   

In these cases, if your company is using disparate systems to handle frauds, disputes, and complaints, it may be difficult to know that an overlap has occurred.  But it is very important to be able to identify situations where it has.   It could save a lot of time, effort and more importantly frustration to the consumer, if you are aware that a complaint or dispute is actually the result of a fraudulent activity on their account. 

For collection agencies, the situation is even more difficult because they likely do not have access to the fraud database or information in their creditor client’s system.  Even if the consumer does not mention fraud, the agency should immediately contact their creditor client to inquire if they have had any notification of fraud on the account. 

Best practice for creditors is to always check your host system for fraud prior to sending an account into internal collections and checking again prior to forwarding to a collection agency or law firm.  If a fraud report comes in and the account has already been sent to collections, the account should immediately be recalled until the fraud has been properly researched and resolved. 

If an account goes into collections, and the consumer seems to have disappeared off the face of the earth, it may be a case of synthetic fraud.  Before committing too much time, effort, and money to skip tracing, it’s worth a scrub past a data vendor that offers a synthetic fraud scrub.  If the consumer didn’t exist in the first place, it’s not worth trying to locate them. 

Having a solid fraud, dispute and complaint process in place and ensuring you can communicate between your systems will go a long way in saving extra work and frustration and will result in better customer satisfaction.