[Spooky23]

Clearly, both the bank and the individual are victims of the crime.

Generally speaking, the impact to the customer is usually greater, as bank business model aren't dependent on every loan being repaid. Consumers stand to lose money directly and lose the opportunity to access capital.

The credit agency or anyone else who has a breach is usually a negligent third party.

[ticviking]

They are victims of very different things though.

The bank is a victim of fraud.

The individual is a victim of impersonation by the borrower, and slander by the bank and credit agencies.

[zAy0LfpBZLC8mAC]

The individual isn't in any way a victim of the crime. A bank used some information presented to them to conclude that they were dealing with Alice when that information was objectively not sufficient to justify that conclusion. That has absolutely nothing to do with Alice. Alice is victimized in the next step by the bank when the bank claims that it somehow is Alice's responsibility that they took someone else for Alice.

[uiri]

Not sure how the individual is victimised by the fraudster here. If the bank had a 100% success rate at detecting fraud with no false positives and no false negatives, then the individual wouldn't need to know and likely would never find out about the impersonation attempt.

The individual is victimised by the bank and the credit reporting agencies by their spread of misinformation.

[perlpimp]

In some countries when you sign out a loan and a card you get picture snapped. but then this measure would stick banks with loans and not the consumer.