FTC Identity Theft Affidavit: Purpose and Use

The FTC Identity Theft Affidavit is a standardized federal document that identity theft victims use to formally dispute fraudulent accounts, transactions, and debts opened or incurred in their name. Administered by the Federal Trade Commission under its consumer identity theft recovery infrastructure at IdentityTheft.gov, the affidavit functions as the foundational evidentiary instrument in the recovery process. Its acceptance is recognized by credit bureaus, financial institutions, and debt collectors nationwide, making it the primary procedural entry point for victims navigating the identity protection service landscape.

Definition and scope

The FTC Identity Theft Affidavit is a sworn statement — not a complaint form — in which a victim attests under penalty of perjury that specific financial accounts or transactions were opened or conducted without authorization. The document was developed by the FTC in coordination with the banking, credit reporting, and consumer advocacy sectors to provide a single, universally accepted format for disputing fraudulent activity.

The affidavit is formally integrated into the FTC's recovery framework under 16 C.F.R. Part 603, which governs the FTC's Identity Theft Program. It operates in conjunction with the Fair Credit Reporting Act (15 U.S.C. § 1681), which grants consumers the right to place fraud alerts, block fraudulent tradelines, and obtain free credit reports after an identity theft event.

The scope of the affidavit is limited to disputed accounts and transactions — it does not cover all forms of identity-related harm. Tax fraud, medical identity theft, and criminal identity theft each require supplementary filings beyond the standard affidavit. The maps these variant recovery pathways against the affidavit's core function.

Two structural versions exist:

• Standalone FTC Identity Theft Affidavit: Used when a creditor or institution requires a sworn statement independent of a police report.
• IRS Identity Theft Affidavit (Form 14039): A separate instrument issued by the Internal Revenue Service specifically for tax-related identity theft; it shares naming conventions with the FTC document but follows distinct IRS procedures and is submitted to the IRS, not to creditors.

These two instruments are frequently conflated by victims but serve different regulatory channels with no procedural overlap.

How it works

The FTC Identity Theft Affidavit is generated through a structured intake process at IdentityTheft.gov, which combines the affidavit with an individualized recovery plan. The platform auto-populates dispute letters addressed to specific creditors and credit reporting agencies based on the victim's reported facts.

The functional workflow proceeds through the following phases:

1. Report creation: The victim submits details of fraudulent activity through IdentityTheft.gov. The system generates a personalized recovery plan and produces the completed affidavit.
2. Affidavit execution: The victim reviews, signs, and dates the document. Signature constitutes a sworn declaration subject to federal perjury statutes.
3. Credit bureau notification: The affidavit supports requests to the three major nationwide credit reporting agencies — Equifax, Experian, and TransUnion — to place extended fraud alerts (valid for 7 years under FCRA) or to block fraudulent tradelines under 15 U.S.C. § 1681c-2.
4. Creditor submission: Copies of the signed affidavit are submitted to each financial institution holding a fraudulent account. Creditors are obligated under FCRA § 615(f) to cease collection activity on accounts flagged as identity theft after receiving proper documentation.
5. Follow-up documentation: In cases where a police report is also available, the two documents are submitted together as the "Identity Theft Report," which carries stronger blocking authority than the affidavit alone.

The affidavit itself does not initiate a criminal investigation. That function belongs to law enforcement agencies and, for federal matters, the FTC's complaint database, which feeds the Consumer Sentinel Network used by over 2,800 law enforcement agencies (FTC Consumer Sentinel Network).

Common scenarios

The affidavit applies across a defined set of identity theft categories. The four most frequently documented scenarios in FTC reporting include:

• New account fraud: A fraudster opens a credit card, loan, or utility account using the victim's Social Security number and personal identifiers. The affidavit is submitted to the originating creditor to dispute the account's validity.
• Existing account takeover: Unauthorized charges appear on an account the victim legitimately holds. The affidavit supplements the institution's internal dispute process when standard chargeback procedures are insufficient.
• Debt collection harassment: A victim is contacted by a debt collector for a debt originating from a fraudulent account. Submitting the affidavit to the debt collector triggers FCRA and Fair Debt Collection Practices Act (15 U.S.C. § 1692) protections against continued collection.
• Credit reporting disputes: Fraudulent tradelines appear on a consumer credit report. The affidavit enables tradeline blocking under FCRA § 605B, which requires credit bureaus to block information resulting from identity theft as processing allows of receiving a complete identity theft report.

Professionals working within the identity protection service sector routinely encounter affidavit submission as a prerequisite step before more specialized recovery interventions — such as credit monitoring reinstatement, legal referral, or financial counseling — can proceed.

Decision boundaries

The affidavit is appropriate when the harm involves fraudulent financial accounts or credit reporting entries tied to the victim's personal identifiers. It is not appropriate — and will not be accepted as sufficient documentation — in the following circumstances:

Affidavit is sufficient as a standalone instrument:
- Disputing a specific fraudulent credit or loan account with the originating lender
- Requesting a 7-year extended fraud alert from a credit bureau
- Blocking a fraudulent tradeline under FCRA § 605B

Affidavit must be combined with a police report to form an "Identity Theft Report":
- Obtaining an extended block on fraudulent information that a credit bureau disputes
- Compelling a creditor to provide copies of the fraudulent application under FCRA § 609(e)
- Situations where the FTC affidavit alone is rejected by a specific institution's internal compliance policy

Affidavit is insufficient and a separate instrument is required:
- Tax return fraud → IRS Form 14039
- Medicare or Medicaid fraud → CMS or HHS Office of Inspector General complaint
- Criminal identity theft (fraudulent use of identity in an arrest or prosecution) → State law enforcement and court records correction process
- Social Security number misuse in employment → Social Security Administration dispute process

The distinction between using the affidavit alone versus pairing it with a police report is operationally significant. Under FCRA § 605B(a), an "identity theft report" that includes both documents provides broader and more durable blocking rights than the FTC affidavit submitted independently. Victims whose initial blocking requests are disputed by a bureau or creditor are directed by FTC guidance to obtain the police report component to elevate the claim to full Identity Theft Report status.