02/03/2025
Blog
Bust-out fraud can be difficult to predict, given that any individual with a good credit history can go delinquent quickly after maxing out their credit line. Bust-out is a billion-dollar problem for lenders, and the potential exposure of synthetic identities is even higher. Successful mitigation against bust-out likely benefits from identity verification tools that use a layered approach to better detect both synthetic identities and individuals with propensity for malicious credit behavior.
Bust-out is a type of credit fraud where an individual (or fraudster using a synthetic identity) acquires credit, establishes a normal usage pattern and solid repayment history and then maxes out the account with no intention of repaying.
Bust-out fraud is specific account behavior that’s a part of overall credit delinquencies, but with unique characteristics for severity, utilization rate and multiple bad tradelines. Bust-out account behavior generated $1 billion in annualized losses for bankcard in a recent TransUnion internal analysis.
Successful bust-out fraud deceives not only banks and consumer lenders, but also credit bureaus. Bust-out fraud typically happens in stages. A fraudster:
Identities with the potential to bust-out are difficult to uncover because they can be both real, completely fabricated or a combination of both. At the same time, bust-out fraud is often signaled by account behavior, driven by the intention of the individual for whom credit is extended, including:
Improving the ability to determine if an identity has the potential to bust-out prior to originating a line of credit requires connecting disparate signals that include identity, device reputation and behavior.
Synthetic identities are a unique challenge for U.S. financial institutions given the lack of a national identity registry. Consequently, criminals have devised ways to fabricate partial or complete identities to seek credit for financial gain through bust-out fraud.
Using synthetic identities, fraudsters assemble a credit identity from different identifiers--perhaps a Social Security number from a child or deceased grandparent — fused with a name and date of birth from someone within the prison population. The fraudster then adds their own mailing address, phone number, etc., and applies for “under the radar” credit (like a department store credit card) with a lower bar to entry.
Slowly and patiently, often up to two years, the fraudster builds credit history, such as additional credit cards, a consumer loan, or even a car loan, making reasonable purchases and paying off the balances, building bigger and bigger credit lines. Until finally, when they’ve developed enough of a credit balance, they “bust-out” and max out the credit line. But because there’s no actual person on the other end of the credit file, there’s no one to go after.
Synthetic fraud is widely recognized as a growing threat because the potential loss is so significant. TransUnion estimates total lender exposure for credit card and consumer loans in the US attributed to synthetic identities are at their highest point since TransUnion began tracking, reaching $2.9 billion in H1 2023.[1]
A recent CU (Credit Union) podcast emphasized synthetic fraud must be stopped at the front door because once synthetic fraudsters enter, it’s nearly impossible to get them out. Banks, credit unions and lenders should ensure their fraud technology stacks are up to date with the tools necessary to mitigate synthetic identity risk, including:
Learn how TransUnion TruValidate™ Fraud Analytics can help detect synthetic identity and bust-out fraud.
[1] The synthetic fraud analysis encompasses US credit activity recorded between Jan 1, 2009 and June 30, 2023. Total lender exposure is the credit amount a synthetic identity has access to for US auto loans, bank credit cards, retail credit cards and unsecured personal loans. It is based upon TransUnion's proprietary formula to capture potential total loss at risk for lenders.