A Vulnerable Age: Fraud Against Seniors Often Is Routed Through Banks

Bruno Koch, 83, told the telemarketer on the line that, yes, of course he would like to update his health insurance card. Then Mr. Koch, of Newport News, Va., slipped up: he divulged his bank account information.

What happened next is all too familiar. Money was withdrawn from Mr. Koch’s account for something that he now says he never authorized. The new health insurance card never arrived.

What is less familiar — and what federal authorities say occurs with alarming frequency — is that a reputable bank played a crucial role in parting Mr. Koch from his money. The bank was the 140-year-old Zions Bank of Salt Lake City. Despite spotting suspicious activity, Zions served as a gateway between dubious Internet merchants and their marks — and made money for itself in the process, according to newly unsealed court documents reviewed by The New York Times.

The Times reviewed hundreds of filings in connection with civil lawsuits brought by federal authorities and a consumer law firm against Zions and another regional bank that has drawn even more scrutiny, First Bank of Delaware. Last November, First Delaware reached a $15 million settlement with the Justice Department after the bank was accused of allowing merchants to illegally debit accounts more than two million times and siphon more than $100 million.

The documents, as well as interviews with state and federal officials, paint a troubling picture. They outline how banks profit handsomely by collecting fees while ignoring warnings of potential fraud and, in some instances, enabling dubious merchants to prey on consumers.

Anyone, young or old, can be targeted by unscrupulous marketers. But for several reasons — financial worries, age, loneliness — older people are particularly vulnerable to what is known as mass market fraud, deceptive pitches that arrive by telephone, mail and the Internet.

The problems at Zions and First Delaware, where the banks became financial conduits and quiet enablers for questionable businesses, extend well beyond those two institutions, federal authorities say. Indeed, banks across the country, from some of the largest to smaller regional players, help facilitate billions of dollars of fraud each year, according to interviews with consumer lawyers and state and federal prosecutors.

Officials at the Justice Department say they are taking aim at banks’ role in giving predatory lenders and fraudulent merchants access to the United States financial system. The department is considering civil and criminal actions against a number of banks for allowing tainted money to flow through branches, for failing to safeguard against suspicious merchants, and for originating transactions on behalf of businesses that they know make unauthorized withdrawals from customer accounts, according to people with direct knowledge of the matter.

“You can’t close your eyes anymore to the fraud that you are allowing to happen,” said Michael Blume, the director of the consumer protection branch at the Justice Department. “Banks are in business to make a profit. Unfortunately, this is a moneymaking operation at consumers’ expense.”

Zions did not interact directly with the company that called Mr. Koch, National Health Net Online. What the bank did was establish a banking relationship with an intermediary, Modern Payments, that handled payments for National Health. Mr. Koch’s account at a small Virginia bank was debited by National Health, which in turn paid Modern Payments for processing the transaction. Modern Payments gave its bank, Zions, a cut of its fee.

In all, Zions in effect let roughly $39 million be withdrawn from hundreds of thousands of accounts from 2007 to 2009. Much of that money was ultimately transferred to bank accounts in Canada, India and the Caribbean, according to a Times review of court records. Many of the Internet merchants’ customers were older people and others on shaky financial footing. But that, too, worked in banks’ favor: the withdrawals set off a cascade of insufficient fund fees — more than $20 million in all, court records show.

Slipstream: Acxiom Consumer Data, Often Unavailable to Consumers

I recently asked to see the information held about me by the Acxiom Corporation, a database marketing company that collects and sells details about consumers’ financial status, shopping and recreational activities to banks, retailers, automakers and other businesses. In investor presentations and interviews, Acxiom executives have said that the company — the subject of a Sunday Business article last month — has information on about 500 million active consumers worldwide, with about 1,500 data points per person. Acxiom also promotes a program for consumers who wish to see the information the company has on them.

As a former pharmaceuticals industry reporter who has researched all kinds of diseases, drugs and quack cures online, I wanted to learn, for one, whether Acxiom had pegged me as concerned about arthritis, diabetes or allergies. Acxiom also has a proprietary household classification system that places people in one of 70 socioeconomic categories, like “Downtown Dwellers” or “Flush Families,” and I hoped to discover the caste to which it had assigned me.

But after I filled out an online request form and sent a personal check for $5 to cover the processing fee, the company simply sent me a list of some of my previous residential addresses. In other words, rather than learning the details about myself that marketers might use to profile and judge me, I received information I knew already.

It turns out that Acxiom, based in Little Rock, Ark., furnishes consumers only with data related to risk management, like their own prison records, tax liens, bankruptcy filings and residential histories. For a corporate client, the company is able to match customers by name with, say, the social networks or Internet providers they use, but it does not offer consumers the same information about themselves.

Jennifer Barrett Glasgow, Acxiom’s chief privacy officer, said that the company kept consumer data in different databases and that its system was not designed to assemble all the information it had amassed on a single person.

“We do not have the capability to look up an individual’s data in the system,” Ms. Barrett Glasgow said. “We don’t have a search-by-name capability.”

Data brokers like Acxiom have developed advanced techniques to collect and collate information about consumers’ offline, online and mobile behavior. But they have been slow to develop innovative ways for consumers to gain access to the information that companies obtain, share and sell about them for marketing purposes.

Now federal regulators are pressuring data brokers to operate more transparently. In a report earlier this year, the Federal Trade Commission recommended that the industry set up a public Web portal that would display the names and contact information of data brokers, as well as describe consumers’ data access rights and other choices.

Julie Brill, a member of the Federal Trade Commission, said consumers should have access to all the details that data brokers collect on them, as well as any analyses that the companies sell about their behavior.

“I include in that not just the raw data, but also how that information has been analyzed to place the consumer into certain categories for marketing or other purposes,” she said. “I believe that giving consumers this kind of granularity will greatly increase consumer trust in the information flow process and will lead to more accurate marketing.”

At the moment, however, information brokers have wildly different policies. Acxiom lets people opt out of its marketing databases, while Epsilon, another marketing services firm, allows people to opt out of having their data rented to third parties. Epsilon says it will also furnish individuals, upon request, with general information about their past retail transactions — including the categories and years of purchase. But it does not include exact product or retailer names.

Andrew Frawley, the president of Epsilon, says his company has set up a task force to explore giving consumers greater access and choices.

“We agree in principle that more transparency is better,” he said.

But setting up a system for consumers to gain access to their own marketing data could be costly and technically challenging for data brokers, said Stuart Madnick, a professor of information technology at the Massachusetts Institute of Technology. Companies would have to develop security systems to verify a consumer’s identity and to ensure that no one else could have access to that individual’s record, he said. At the same time, they would have to be prepared to respond to people who questioned the accuracy of the records.

“How correct is the information they have and are disseminating on you?” Professor Madnick asked. “How do they know who is asking for it?”

Information security experts said data brokers might be reluctant to make public access easier lest consumers react by wanting to opt out of the data collection process altogether.

E-mail: slipstream@nytimes.com.

Slipstream: Acxiom Consumer Data, Often Unavailable to Consumers

I recently asked to see the information held about me by the Acxiom Corporation, a database marketing company that collects and sells details about consumers’ financial status, shopping and recreational activities to banks, retailers, automakers and other businesses. In investor presentations and interviews, Acxiom executives have said that the company — the subject of a Sunday Business article last month — has information on about 500 million active consumers worldwide, with about 1,500 data points per person. Acxiom also promotes a program for consumers who wish to see the information the company has on them.

As a former pharmaceuticals industry reporter who has researched all kinds of diseases, drugs and quack cures online, I wanted to learn, for one, whether Acxiom had pegged me as concerned about arthritis, diabetes or allergies. Acxiom also has a proprietary household classification system that places people in one of 70 socioeconomic categories, like “Downtown Dwellers” or “Flush Families,” and I hoped to discover the caste to which it had assigned me.

But after I filled out an online request form and sent a personal check for $5 to cover the processing fee, the company simply sent me a list of some of my previous residential addresses. In other words, rather than learning the details about myself that marketers might use to profile and judge me, I received information I knew already.

It turns out that Acxiom, based in Little Rock, Ark., furnishes consumers only with data related to risk management, like their own prison records, tax liens, bankruptcy filings and residential histories. For a corporate client, the company is able to match customers by name with, say, the social networks or Internet providers they use, but it does not offer consumers the same information about themselves.

Jennifer Barrett Glasgow, Acxiom’s chief privacy officer, said that the company kept consumer data in different databases and that its system was not designed to assemble all the information it had amassed on a single person.

“We do not have the capability to look up an individual’s data in the system,” Ms. Barrett Glasgow said. “We don’t have a search-by-name capability.”

Data brokers like Acxiom have developed advanced techniques to collect and collate information about consumers’ offline, online and mobile behavior. But they have been slow to develop innovative ways for consumers to gain access to the information that companies obtain, share and sell about them for marketing purposes.

Now federal regulators are pressuring data brokers to operate more transparently. In a report earlier this year, the Federal Trade Commission recommended that the industry set up a public Web portal that would display the names and contact information of data brokers, as well as describe consumers’ data access rights and other choices.

Julie Brill, a member of the Federal Trade Commission, said consumers should have access to all the details that data brokers collect on them, as well as any analyses that the companies sell about their behavior.

“I include in that not just the raw data, but also how that information has been analyzed to place the consumer into certain categories for marketing or other purposes,” she said. “I believe that giving consumers this kind of granularity will greatly increase consumer trust in the information flow process and will lead to more accurate marketing.”

At the moment, however, information brokers have wildly different policies. Acxiom lets people opt out of its marketing databases, while Epsilon, another marketing services firm, allows people to opt out of having their data rented to third parties. Epsilon says it will also furnish individuals, upon request, with general information about their past retail transactions — including the categories and years of purchase. But it does not include exact product or retailer names.

Andrew Frawley, the president of Epsilon, says his company has set up a task force to explore giving consumers greater access and choices.

“We agree in principle that more transparency is better,” he said.

But setting up a system for consumers to gain access to their own marketing data could be costly and technically challenging for data brokers, said Stuart Madnick, a professor of information technology at the Massachusetts Institute of Technology. Companies would have to develop security systems to verify a consumer’s identity and to ensure that no one else could have access to that individual’s record, he said. At the same time, they would have to be prepared to respond to people who questioned the accuracy of the records.

“How correct is the information they have and are disseminating on you?” Professor Madnick asked. “How do they know who is asking for it?”

Information security experts said data brokers might be reluctant to make public access easier lest consumers react by wanting to opt out of the data collection process altogether.

E-mail: slipstream@nytimes.com.