The application looked perfect: a professional with a modest, clean credit file applying for a checking account and a credit card. Over the next several months, the relationship flourished. The member made consistent payments, gradually qualifying for higher limits.
Then, in less than 48 hours, every credit line was maxed out and the account went dark.
When investigators peeled back the layers, they discovered the identity behind the account was built on a Social Security Number (SSN) that belonged to someone who had died months before the account was opened—four states away.
This wasn’t a simple case of mistaken identity; it was the result of a sophisticated criminal strategy built on "Frankenstein" identities. By stitching together a real (but deceased) SSN, a real address, and an AI-generated identification document, fraudsters create profiles that bypass traditional filters. For credit unions, this represents a quiet, existential risk that thrives in the gaps in our financial infrastructure.
As a former banker, I’ve seen the conventional fraud response process from the inside. Traditional identity theft triggers an immune response: a credit monitoring alert, a phone call, or a rejected application that tips off the victim.
But with deceased-based synthetic fraud, there is no victim to answer the phone or check a report.
The "person" on the application is a ghost.
The fraud can persist for months or even years, with the identity being recycled across multiple institutions until the final "harvest." In the modern fraud landscape, the most dangerous member is the one who doesn't exist at all.
The mortality data gap
Why is this form of fraud so effective?
In many cases, we simply don’t have access to timely or complete mortality data. While the Social Security Administration maintains a Death Master File (DMF), the full database is restricted.
What some financial institutions rely on is the Limited Access DMF (LADMF), which currently captures only about 16% of total U.S. deaths—a percentage that only continues to decline.
This creates three critical vulnerabilities:
- The reporting gap: Many deaths never appear in the limited databases used by private lenders.
- The sync lag: Even when a death is reported correctly, there is a significant delay before that information spreads across the broader financial ecosystem—up to 10x slower than can be reported through other approaches.
- The onboarding blind spot: Most institutions prioritize a name-to-SSN match from a credit bureau. If the bureau has already "accepted" the synthetic identity because of its clean payment history, the fraudster is effectively "vetted" by the system itself.
Closing the gap: How credit unions can strengthen identity defenses
Fraudsters are exploiters of friction—or the lack thereof. They know that many institutions do not cross-reference every application against high-fidelity mortality databases. Instead, they rely on traditional verification methods designed for a different era of fraud.
For credit unions, strengthening defenses means looking beyond traditional bureau checks and integrating additional identity intelligence into onboarding and monitoring workflows.
As fraud tactics evolve, the industry has turned to artificial intelligence to dismantle the very "Frankenstein" identities that AI helped create. The goal is to identify synthetic profiles earlier in their lifecycle, before the inevitable "bust out" occurs.
Because official mortality data can be fragmented or delayed, some emerging fraud detection models attempt to identify signals that an individual may have passed away before that information appears in government databases.
These AI systems ingest massive volumes of unstructured data, including obituary postings, probate filings, social media memorial pages, and real estate listings associated with estate settlements.
By analyzing these digital traces, AI models generate a “death probability score,” estimating the likelihood that an individual is deceased before official records propagate throughout the financial system. This can help close the timing gap that fraudsters exploit: the window where a recently deceased individual’s SSN still appears valid because death records have not yet been updated across databases.
However, these systems rely on probability, not confirmation.
That’s why many institutions are adopting a layered approach to identity verification. Predictive models can surface emerging risks earlier, while authoritative mortality data provides definitive validation. But the validation process itself is what delivers certainty. By combining authoritative data with expert-led verification, institutions get confirmed results rather than probabilistic signals—reducing false positives, preventing unnecessary account disruption, and removing the investigative burden from internal teams.
A verified death record serves as a hard stop signal rather than a speculative estimate.
For credit unions, the most robust defense isn't a choice between AI and traditional data—it’s the integration of both. AI-driven probability models act as the scout, identifying emerging risks in real-time, while comprehensive death data serves as the final arbiter.
Synthetic identity fraud continues to evolve, and credit unions remain attractive targets because of their strong member relationships and trusted brands. Prevention requires more than traditional verification methods. By combining modern data sources, predictive analytics, and proactive identity validation, credit unions can close the gaps that synthetic identity fraud depends on.
In the fight against synthetic identity fraud, speed matters. But certainty remains the most powerful defense. Learn how your credit union can strengthen its identity controls and reduce exposure to synthetic fraud at berwyngroup.com.
