The purpose of this section is to reduce the prevalence of synthetic identity fraud, which disproportionally affects vulnerable populations, such as minors and recent immigrants, by facilitating the validation by permitted entities of fraud protection data, pursuant to electronically received consumer consent, through use of a database maintained by the Commissioner.
The term “Commissioner” means the Commissioner of the Social Security Administration.
The term “financial institution” has the meaning given the term in section 509 of the Gramm-Leach-Bliley Act (15 U.S.C. 6809).
The term “permitted entity” means a financial institution or a service provider, subsidiary, affiliate, agent, subcontractor, or assignee of a financial institution.
The Commissioner shall make the modifications necessary to any database that is in existence as of May 24, 2018, or similar resource, or develop a database or similar resource, to effectuate the requirements described in paragraph (1).
For a permitted entity to use the consent of an individual received electronically pursuant to paragraph (1)(A), the permitted entity must obtain the individual’s electronic signature, as defined in section 7006 of title 15.
No provision of law or requirement, including section 552a of title 5, shall prevent the use of electronic consent for purposes of this subsection or for use in any other consent based verification under the discretion of the Commissioner.
Notwithstanding any other provision of law, including the matter preceding paragraph (1) of section 505(a) of the Gramm-Leach-Bliley Act (15 U.S.C. 6805(a)), any violation of this section and any certification made under this section shall be enforced in accordance with paragraphs (1) through (7) of such section 505(a) by the agencies described in those paragraphs.
Upon discovery by the Commissioner, pursuant to an audit described in paragraph (1), of any violation of this section or any certification made under this section, the Commissioner shall forward any relevant information pertaining to that violation to the appropriate agency described in subparagraph (A) for evaluation by the agency for purposes of enforcing this section.
Amounts obligated to carry out this section shall be fully recovered from the users of the database or verification system by way of advances, reimbursements, user fees, or other recoveries as determined by the Commissioner. The funds recovered under this paragraph shall be deposited as an offsetting collection to the account providing appropriations for the Social Security Administration, to be used for the administration of this section without fiscal year limitation.
The Commissioner shall establish the amount to be paid by the users under this paragraph, including the costs of any services or work performed, such as any appropriate upgrades, maintenance, and associated direct and indirect administrative costs, in support of carrying out the purposes described in this section, by reimbursement or in advance as determined by the Commissioner. The amount of such prices shall be periodically adjusted by the Commissioner to ensure that amounts collected are sufficient to fully offset the cost of the administration of this section.
The Commissioner shall not begin development of a verification system to carry out this section until the Commissioner determines that amounts equal to at least 50 percent of program start-up costs have been collected under paragraph (1).
The Commissioner may use funds designated for information technology modernization to carry out this section.
The Commissioner shall annually submit to the Committee on Ways and Means of the House of Representatives and the Committee on Finance of the Senate a report on the amount of indirect costs to the Social Security Administration arising as a result of the implementation of this section.