ACATS Transfers PSA (fraud/theft)

[SJhawkins]

I did a search for ACATS and did not see a note on this.

Couple looses $150k in a ACATS transfer.

Something I have not gave much thought to, still trying to wrap my head around it.

https://www.bogleheads.org/forum/viewtopic.php?t=381060

And

https://old.reddit.com/r/fidelityinvestments/comments/vp522f/lost_around_150k_worth_of_stock_from_my_fidelity/

I generally don't like to post Boglehead posts here out of respect but feel this is something the more we all know about the better.

If I missed the thread here with my search, mods please remove.

 

[yakers]

Yes, saw it on Boglehead, fortunately uncommon problem. Eternal vigilance, constant cat & mouse with the bad guys (girls?).

 

[NW-Bound]

In a concurrent thread entitled "Don't look at your investment too closely", a poster brought up this same subject about ACATS theft.

The gist of it is that if you only look at your account once in a while, the next time you log in, there may not be anything left for you to look at. You will be free from having to look at anything ever again.

See: https://www.early-retirement.org/fo...stments-too-closely-114480-4.html#post2795782

 

[donheff]

Will a credit freeze stop brokerage firms from setting up new accounts in your name?

 

[SJhawkins]

In a concurrent thread entitled "Don't look at your investment too closely", a poster brought up this same subject about ACATS theft.

The gist of it is that if you only look at your account once in a while, the next time you log in, there may not be anything left for you to look at. You will be free from having to look at anything ever again.

See: https://www.early-retirement.org/fo...stments-too-closely-114480-4.html#post2795782

Thanks for the link, good information

 

[ERD50]

I think this deserves its own thread, the other is on a variety of subjects. JMO.

-ERD50

 

[Morgan22]

From these threads I've learned about the "lock" function at our brokerage. So we've locked all of our accounts where possible. It looks very easy to turn off. Let our kids know about it too so they could do the same.

It's too bad you can't lock accounts at all brokerages (yet).

 

[SJhawkins]

From these threads I've learned about the "lock" function at our brokerage. So we've locked all of our accounts where possible. It looks very easy to turn off. Let our kids know about it too so they could do the same.

It's too bad you can't lock accounts at all brokerages (yet).

Between work and personal we are at 5 houses, none that have a lock feature, I wish they did. I think a lock and a white list of accounts you can send to would be helpful.

 

[Morgan22]

Between work and personal we are at 5 houses, none that have a lock feature, I wish they did. I think a lock and a white list of accounts you can send to would be helpful.

Sorry, I've only been able to lock at Fidelity. It seems that you cannot lock at Vanguard, Schwab, or Merrill Edge at this time. But I think brokerages will catch on and create lock features as this type of fraud becomes more prevalent.

 

[NW-Bound]

I think this deserves its own thread, the other is on a variety of subjects. JMO.

-ERD50

Yes. I forgot to add that.

If anyone knows the resolution of the reported case(s), and if the brokerages make the victim whole, please share the info.

 

[jim584672]

I am skeptical of this story on the facts since both accounts need exact information to line up. It would move all positions at DTCC from broker A to B. Seems like it is very traceable and easy to reverse even if it did happen. Reddit is full of idiots in general and they probably are omitting some major information.

 

[Ncc1701]

I am skeptical of this story on the facts since both accounts need exact information to line up. It would move all positions at DTCC from broker A to B. Seems like it is very traceable and easy to reverse even if it did happen. Reddit is full of idiots in general and they probably are omitting some major information.

Yes it can be reversed - but only if the assets are still there. In the Reddit poster's case, the fraudster immediately sold securities and either wired or ACH'd out. They could've done this in one day if the assets were mutual funds or bonds which settle next day.

 

[NW-Bound]

I am skeptical of this story on the facts since both accounts need exact information to line up. It would move all positions at DTCC from broker A to B. Seems like it is very traceable and easy to reverse even if it did happen. Reddit is full of idiots in general and they probably are omitting some major information.

I don't know what ACATS has to do with this, but we know identity theft is rampant.

And I myself have transferred accounts from one brokerage to another several times through my life, and in only one case the existing broker called me to ask for the reason I was unhappy with their service (my answer was no, but the new broker just offered me much lower fees).

So, yes, if someone opened an account with your identity, and all it took was just your name, SS, birthdate, then transfer your existing account, it all goes very smooth.

What the theft needs is your account info at the existing broker, and if he could get your account statement, or has an inside source at the existing broker, it is trivial. Or perhaps he broke into your computer with a virus, and read the account info you saved there.

 

[NW-Bound]

Yes it can be reversed - but only if the assets are still there. In the Reddit poster's case, the fraudster immediately sold securities and either wired or ACH'd out. They could've done this in one day if the assets were mutual funds or bonds which settle next day.

Yes. Poof!

Then, that money from the security sales could be wired overseas, to a Nigerian bank for example, in no time.

All that could be done long ago, if you only look at your account quarterly, or monthly. If you don't care about your money, some thieves will take care of your money for you.

Some people are proud to look at their account only every 6 months or yearly. I wish them luck.

 

[NW-Bound]

I use Quicken to look at all of my accounts every day, unless I am traveling and have no access to the Internet. It's easy to hit "Download all". All brokerage accounts as well as banking accounts and credit cards are updated at day's end.

I had some smaller accounts of less than 6 figures each. The brokers changed something, and Quicken could not download, and that has been going for a few months. I was just too lazy to fix it.

After reading about this account theft, I spent some time to establish the connection again to get the download working. Whew, all my money is still there.

One of the brokers that had the Quicken connection broken was Vanguard. And in going through to rebalance Quicken against Vanguard records, I found a problem that started way back when Vanguard made me do transfers from old accounts to new accounts. I don't understand what the deal was about, but in the transfer somehow one of the dividend payouts was not seen in Quicken.

Don't know whether Quicken or Vanguard dropped the ball in the transaction reporting, but I am glad to find out I had a bit more money, not less, than Quicken showed until I did the reconciliation.


PS. The reason I have been lazy in re-establishing the Quicken download from smaller accounts is that even without the download, Quicken can still update the price of stocks and MFs at the end of the day. Hence, I can still get an update of account balances without a link to the brokerages.

For my main large accounts, I had a lot of trades, and wanted to be sure to see that, hence made sure I could get an update from the broker. From now on, I will want to be aware of any transactions in the smaller accounts with other brokers as well.

 

[Letj]

Is it safe to assume that once Fidelity establishes that this is a fraud situation, the customer would be made whole?

 

[COcheesehead]

I use transfer lockdown at Fidelity. It would have stopped the scenario in the OP.

 

[ncbill]

Is it safe to assume that once Fidelity establishes that this is a fraud situation, the customer would be made whole?

IIRC, from the bogleheads thread it is the receiving brokerage (E-Trade) who is on the hook legally.

So I woudn't worry about being made whole...eventually.

The question is can you live w/o those funds until their investigation is complete?

 

[jim584672]

A bit of background info on ACATS...

11870. Customer Account Transfer Contracts
https://www.finra.org/rules-guidance/rulebooks/finra-rules/11870

" (H) there is a mismatch of the Social Security number/Tax ID (e.g., the number on the transfer instruction does not correspond to that on the carrying member's records);
(I) the account title on the transfer instruction does not match that on the carrying member's records;
"

So the thief would need to set up the account with the exact Social Security and account title of the original. They would probably check other stuff as well.

 

[NW-Bound]

A bit of background info on ACATS...

11870. Customer Account Transfer Contracts
https://www.finra.org/rules-guidance/rulebooks/finra-rules/11870

" (H) there is a mismatch of the Social Security number/Tax ID (e.g., the number on the transfer instruction does not correspond to that on the carrying member's records);
(I) the account title on the transfer instruction does not match that on the carrying member's records;
"

So the thief would need to set up the account with the exact Social Security and account title of the original. They would probably check other stuff as well.

Identity thefts have been able to get people's names, SS numbers, and date of birth. That's not hard for them. They have been stealing people's identities forever.

What the financial industry needs to prevent this are some simple measures, such as requiring the owner of the existing account to explicitly allow this transfer by notifying the old broker via a written form.

I was thinking that perhaps the funds should be blocked from a withdrawal from the new account for a period of a month or so. The problem is if people need to access the account for legitimate purposes, you cannot put such a restriction on it.

 

[Ncc1701]

Will a credit freeze stop brokerage firms from setting up new accounts in your name?

No, Mine are frozen at all 3 bureaus and I opened two accounts at Fido without issue

 

[Sojourner]

This type of ACATS transfer fraud is definitely worrisome, but I suspect it must be quite rare. Otherwise, we'd be hearing a lot more about it and brokerages would have uniformly implemented some simple protocols to prevent it. IOW, they must be losing a very small amount of money (in reimbursements, legal settlements, etc.) due to this, otherwise it would be something we'd all be very familiar with, like identity theft.

Having said that, though, the fact that Vanguard has no outgoing-transfer lock feature is one more black mark against them, in my book. I already hate their very limited implementation of 2FA, so I'm giving renewed consideration to moving to Fidelity.

 

[jazz4cash]

I use transfer lockdown at Fidelity. It would have stopped the scenario in the OP.

This thread prompted me to double check my security settings at Fido. To my surprise I must’ve disabled this feature to permit a transfer out at some point but I can’t recall. I need to be more diligent about checking and reenabling this feature.

 

[jim584672]

I would think changing your passwords very often, and using the longest and most complex passwords is always a good idea. Usually you initiate a transfer after you log on, so I would think the attacker would need the password to go forward.

 

[Ncc1701]

I would think changing your passwords very often, and using the longest and most complex passwords is always a good idea. Usually you initiate a transfer after you log on, so I would think the attacker would need the password to go forward.

Not with this type of fraud. All they need is your name, address, DOB, SS# and brokerage account number. They will create their own credentials at the new firm they are transferring your money to.