My name is John Dugan.  I am a partner with the law firm of Covington & Burling.  I am testifying today on behalf of the Financial Services Coordinating Council, or “FSCC,” whose members are the American Bankers Association, American Council of Life Insurers, American Insurance Association, Investment Company Institute, and Securities Industry Association.  The FSCC represents the largest and most diverse group of financial institutions in the country, consisting of thousands of large and small banks, insurance companies, investment companies, and securities firms.  Together, these financial institutions provide financial services to virtually every household in the United States.

The FSCC thanks the subcommittees for the opportunity to testify today on the misuse of the Social Security numbers (“SSNs”) of deceased individuals.  We continue to believe that SSNs play a central role in deterring and detecting fraud and identity theft because SSNs are the best “unique identifier” that financial institutions can use to determine whether an individual is really who he says he is.  To that end, the FSCC welcomes the attention the subcommittees are giving to the issue of SSN misuse, especially the misuse of the SSNs belonging to deceased individuals. 

As the subcommittee requested, my comments today focus on the Social Security Administration’s (“SSA”) maintenance of the Death Master File (“DMF”), on which financial institutions ultimately rely to update their records to prevent misuse of the SSNs of deceased individuals; the problems that financial institutions face in relying on the DMF due to notification lag times; and possible ways in which the system can be improved so that there is significantly less delay in updating and disseminating the DMF. 

My testimony today makes three fundamental points: 

• First, SSNs are key unique identifiers that are essential for financial institutions to use to guard against identity theft or other fraud or misuse (for example, use of SSNs is critical to the fight against money laundering, as has been recognized in the recently enacted anti-money laundering legislation).

• Second, the SSA’s DMF is a comprehensive record of deceased individuals’ SSNs, but delays in updating and disseminating this list can create opportunities for fraud and identify theft.

• Third, because financial institutions ultimately rely almost exclusively on the SSA’s DMF to determine whether an SSN belongs to a deceased individual, the more frequently the DMF is updated and disseminated, and the more accessible such information is, the more effective the list will be as a tool to detect and deter fraud and identity theft.

The Integral Role of Social Security Numbers in U.S. Commercial Activities

As the GAO noted in its February 1999 report,[1] the SSA created SSNs 65 years ago as a means to maintain individual earnings records for the purposes of that program.  But Congress soon realized the tremendous value to society of a unique identifier that is common to nearly every American.  As a result, it began to require federal government use of the SSN as a “common unique identifier” for a broad range of wholly unrelated purposes, such as tax reporting, food stamps, Medicaid, Supplemental Security Income, and child support enforcement, among others.  Moreover, as the GAO acknowledged, it has repeatedly recommended in numerous reports that the federal government use SSNs as a unique identifier to reduce fraud and abuse in federal benefits programs.[2]

Following the federal government’s lead, American businesses not only complied with federal requirements to use SSNs as identifiers for federal laws unrelated to social security, such as income tax reporting, but they also realized the powerful consumer benefits to be derived from comparable business use of SSNs as a common unique identifier.  Thus, businesses began to use SSNs in a manner similar to the federal government.  For example, businesses use SSNs to match records with other organizations to carry out data exchanges for legitimate business purposes such as transferring and locating assets, tracking patient care among multiple health care providers, and preventing fraud and identify theft.  Many businesses also use SSNs as an efficient, unique identifier for internal activities.

Similarly, the financial services industry has used the SSN for many decades as a unique identifier for a broad range of responsible purposes that benefit consumers and the economy.  For example, our nation’s remarkably efficient credit reporting system relies fundamentally on the SSN as a common identifier to compile disparate information from many different sources into a single, reliable credit report for a given individual.  Further, the banking, insurance, and securities industries each use SSNs as unique identifiers for a variety of important regulatory and business transactions, primarily to ensure that the person with whom a financial institution is dealing really is that person.  It is that essential need to verify a person’s identity using a common unique identifier—the SSN—that leads financial institutions to rely on the reporting of deceased individuals’ SSNs to guard against fraud and identity theft.  Thus, because SSNs are used so widely by government and businesses as the most reliable common unique identifier, it is critical that that reliability not be undermined by the theft and misuse of the SSNs of deceased individuals. 

The Social Security Administration’s Death Master File

A key method for preventing fraud and identity theft due to the misuse of a SSN is to identify the fraudulent use of a deceased individual’s SSN.  The linchpin of this prevention effort is the SSA’s DMF.  The SSA processes more than 2 million deaths each year and has compiled roughly 50 million deaths, total, in the DMF.[3]  The death reports used to update the DMF come from a wide variety of sources.  Nearly 95 percent of death reports come from family members, funeral homes, postal authorities and financial institutions.  The remaining 5 percent come from all 50 states and the District of Columbia, which are required to provide death information to the SSA within 90 to 120 days after the month of death.[4] 

The SSA takes the information it receives from these sources and updates the DMF on a monthly basis.  The records of each deceased person include his social security number, last name, first name, date of birth, date of death, state or country of residence, ZIP code of last residence, and ZIP code of lump sum payment of death benefits.[5]  

The DMF is made available to the public for a fee, but it is not made available as a searchable, centralized database.  Private entities may obtain the DMF in one of two ways.  Entities in the United States, Canada, and Mexico may purchase a quarterly subscription for $6,900per year, which means the SSA will send those subscribers an entire, updated DMF every quarter.  In the alternative, entities in the United States, Canada, and Mexico may purchase a full DMF for a one-time cost of $1,725 and then purchase a subscription to the Death Master Monthly Updates File for $2,760 per year.  The SSA requires those entities who purchase a single, full DMF and who intend to keep their DMF current to purchase the monthly updates subscription, which only distributes the updates to the DMF, rather than the entire updated DMF, on a monthly basis.[6]

Because the DMF is not provided in a simple, searchable format, most financial institutions do not purchase it directly.  Instead, when it is necessary to verify an SSN as part of an account opening procedure or otherwise, financial institutions generally rely on third party vendors, including credit bureaus, who purchase the DMF.  For example, when provided with the SSN at the time an account is opened, a financial institution would typically provide that SSN to the third party vendor, and the vendor would use its databases to compare the number with SSA’s updated DMF. 

Financial institutions may also learn of an individual’s death through the use of Death Notification Entries (“DNEs”).  The SSA is one of the agencies that generates a DNE when a benefit recipient dies.  The DNE is a zero-dollar entry with an addenda record.  That is, rather than sending the financial institution a beneficiary’s payment, the financial institution receives information about the individual’s SSN, date of death, and the amount of the next scheduled benefit payment.  The financial institution is then encouraged to flag the deceased recipient’s account to prevent the account from accepting any post-death Federal benefit payments.[7] 

Effectiveness of the Death Master File

There are two keys to preventing the misuse of SSNs of deceased individuals.  First, the list of such numbers must be kept current.  Second, the most current list must be widely accessible and easy to search and “cross-hatch” against a given SSN.  Unfortunately, while the current DMF is used to accomplish both these goals, there is clearly room for improvement. 

Currency of DMF numbers.  With respect to the currency of the information in the DMF, there can be significant delays in updating the list.  There are delays caused by the time taken for deaths to be reported to the SSA; delays caused by the entry of inaccurate information; and delays caused by the fact that the SSA releases comprehensive updates on only a monthly basis. 

To be more specific, the SSA’s Death Alert Control and Update System (DACUS) controls the processing of death information from the time an individual’s death is reported to the time the DMF is updated.  However, incoming death reports can be missing needed identifying information, such as date of death, or contain incorrect information, such as an incorrect SSN.  In addition, where the SSA’s Master Beneficiary Record contains information that is inconsistent with the information submitted to the DMF, the DMF cannot be updated, even though the Master Beneficiary Record is updated.[8]  Further, SSA does not verify death reports of individuals who are not social security beneficiaries.  This means that if multiple or incorrect death reports are submitted for a non-beneficiary, the SSA does not detect or correct the reports.  In turn, erroneous death information for non-beneficiaries would be passed on to financial institutions.[9]

Thus, not only are DMF updates sent to subscribers only once a month, but where an individual’s death record contains incomplete, incorrect, or inconsistent information, the delay in updating the DMF could be even longer.  Unfortunately, a criminal can take advantage of that lag time by attempting to use the deceased person’s SSN for fraudulent purposes, because the financial institution would not have the updated information to find out the true status of that SSN.  Indeed, according to recent testimony by the SSA’s Inspector General, the SSA’s death reporting system still needs a great deal of work to ensure that the DMF is updated on a timely basis.[10] 

“Searchability” of DMF.  As noted, the DMF is not provided in a form that is readily searchable.  As a result, because it contains such a large amount of information, the most practical way to use the list is through intermediaries that convert the DMF into a searchable database that can be used by financial institutions and others.  This service by third party vendors is valuable but can be costly, and cost can thus be a deterrent to the use of the DMF.  Obviously, if a centralized, searchable database containing the DMF were widely available at a reasonable price, it is likely that the DMF would be used more routinely for a wider variety of SSN authentication checks.

Financial Institutions’ Use of the DMF

Although the main purpose of the DMF is to inform the SSA that an individual has died and therefore should no longer receive payment of benefits,[11] the DMF information also is purchased by private information vendors, upon whom financial institutions ultimately rely for accurate information about the status of individuals’ SSNs.  Therefore, while the accuracy of the DMF is crucial to saving the SSA millions of dollars each year in overpayments, it is equally crucial to financial institutions who seek to prevent fraud and misuse of the SSNs of deceased individuals.

For example, many large banks contract with information vendors—including, but not limited to, the major credit bureaus—to compare the bank’s list of individuals who have been approved for credit cards against the DMF.   Similarly, banks, securities broker-dealers, mutual fund transfer agents, and insurance companies frequently use information vendors to conduct the same type of SSN comparison for new account openings, changes in parties on accounts, to determine whether to allow a client to maintain a margin account, to detect possible fraudulent transactions, to locate lost shareholders, and to review loan applications.  Because the vendors receive their information about the status of SSNs from the SSA’s DMF, if the information in the DMF is incorrect or incomplete because of delays in updating the list of deceased individuals, then financial institutions will receive incorrect information about the validity of the SSN that a potential customer has provided.  Simply put, therefore, the more current the DMF is, then the more current the vendor’s data is, and the better financial institutions can be at uncovering identify theft and other fraud involving the use of deceased individuals’ SSNs.

Conclusion

The FSCC believes that the most effective way to combat fraud and identity theft stemming from the misuse of SSNs of deceased individuals is to make those numbers more current and more easily accessible at a reasonable price by all institutions, including smaller ones.  We welcome suggestions for achieving both goals, and would be happy to work with the subcommittees and their staffs to facilitate these efforts.  Thank you.

[1] “Social Security – Government and Commercial Use of the Social Security Number is Widespread,” February 1999, GAO/HEHS-99-28.

[2] Id.

[3] Nearly every record in the DMF relates to an individual who died after 1962, which is when the SSA began keeping the death records on computer.  Jack Gehring, Social Security Death Master File: A Much Misunderstood Index, at http://www.ancestry.com/search/rectype/vital/ssdi/article.htm (last visited Nov. 6, 2001).

[4] Social Security Administration’s Program Integrity Activities:  Hearing Before the Subcomm. on Social Security of the House Comm. on Ways and Means, 106th Cong. (March 30, 2000) (statement of William A. Halter, Deputy Commissioner of Social Security), available at http://www.ssa.gov/policy/congcomm/testimony_033000.html (last visited Nov. 6, 2001). 

In 1999, SSA contracted with the National Center for Health Statistics and the National Association for Public Health Statistics and Information Systems to begin developing a national electronic death registry, within which SSA could obtain death information from states within 24 hours of the state’s receipt of that information.  Id.  However, that system is not in use at this time, and the SSA expects only 10 states per year to implement the electronic registry.  Id.

[5] NTIS, Social Security Administration’s Death Master File,  at http://www.ntis.gov (last visited Nov. 6, 2001).

[6] Id.  Entities outside the United States, Canada, and Mexico may purchase the DMF Quarterly subscription for $13,800, a single DMF for $1,725, and the Death Master Monthly Updates file for $5,520.  Id. 

[7] Returns–Reasons, DNE, Green Book, available at http://www.fms.treas.gov/greenbook/returns/returns-a2.html (last visited Nov. 6, 2001).

[8] “Social Security—Most Social Security Death Information Accurate But Improvements Possible,” Aug. 1994, GAO/HEHS 94-211, available at 1994 Westlaw 838092.

[9] “Social Security—Most Social Security Death Information Accurate But Improvements Possible,” Aug. 1994, GAO/HEHS 94-211, available at 1994 Westlaw 838092.

[10] Social Security Administration Improper Payment Issues:  Hearing Before the Senate Committee on Finance, 107th Cong. (April 25, 2001) (statement of James G. Huse, Jr., Inspector General of the SSA), available at http://www.ssa.gov/oig/testimony04252001.htm (last visited Nov. 6, 2001).  The Inspector General’s comments were directed toward the need to improve death reporting in order to ensure that social security benefits are not paid to an individual after his death; however, his comments illustrate the need for quicker death reporting as it relates to identify theft or misuse of deceased individuals’ SSNs.

[11] The Office of Management and Budget “required that, beginning in March 1992, federal and federally assisted programs match SSA’s death information against their  payment files on a monthly basis to more quickly remove deceased beneficiaries from their roles and reclaim overpayments.”  “Social Security—Most Social Security Death Information Accurate But Improvements Possible,” Aug. 1994, GAO/HEHS 94-211, available at 1994 Westlaw 838092.