Saturday, July 18, 2026Independent education journalism for people who make learning happen.

Independent education news, with context.

Higher Education

New FAFSA fraud FAQ puts colleges on the hook for flagged applicants

Federal Student Aid says students routed into identity confirmation currently need a mobile device, while colleges must use existing verification workflows to clear many flagged records.

By EduHub newsroomJuly 18, 20266 min read
A financial aid adviser meets with a student at a desk with a laptop, a smartphone, and paperwork in a campus office.

The U.S. Department of Education on July 17 published a new FAQ that answers some of the most immediate operational questions colleges have had about the federal government’s live FAFSA fraud-screening system: students routed into the new identity-confirmation step currently need a mobile device, and colleges — not just the FAFSA itself — are now responsible for clearing many legitimate applicants who get flagged. The new document does not create the screening system; it clarifies how campuses are supposed to work around it while processing aid for the 2026-27 cycle. (fsapartners.ed.gov)

That distinction matters. Federal Student Aid rolled out real-time fraud detection on April 26, saying every FAFSA applicant would be screened in real time and that only a small portion would be sent into additional identity checks. But until this week’s FAQ, aid offices and college-access advisers had only partial instructions on practical questions such as what device a student could use, whether colleges had to demand in-person verification, when a corrected FAFSA would be screened again, and how schools should clear a flagged record inside the FAFSA Partner Portal. (fsapartners.ed.gov)

Mobile-only for now

The clearest new answer for students and advisers is also one of the most awkward. If a student is pushed into the identity-confirmation flow while completing the FAFSA, the process currently must be finished on a mobile device; a laptop or desktop with a camera does not count. The FAQ does say the device does not have to belong to the student: a parent’s phone or a counselor’s tablet can be used. For high schools, community groups, and colleges that run FAFSA-completion events mostly on desktops or library computers, that means a completion lab may no longer be enough on its own. In practice, advisers may need a backup mobile device strategy, not just a Wi-Fi password and a row of PCs. (fsapartners.ed.gov)

The department also clarified that colleges do not have to require in-person identity confirmation to clear fraud rejects. Instead, schools are supposed to use the existing V4/V5 identity-verification framework. For an enrolled or admitted student who contacts the school to resolve a fraud-related reject or comment code, the FAQ says the institution must work with that student using one of the in-person or video-call options already laid out in prior guidance. Separate verification guidance for 2026-27 says schools can also use newer alternatives such as third-party identity proofing that meets the federal NIST IAL2 standard, and the student-aid handbook says the reporting code for “remote” verification covers methods including video calls, NIST IAL2 verification, in-person notary verification, and correctional-facility representatives. (fsapartners.ed.gov)

The federal screen may be automated, but the cleanup is campus work

This is the part of the July 17 FAQ that most directly shifts day-to-day burden onto institutions. The document points schools to the FAFSA Partner Portal’s “FAA Information” section, where aid officers can use the FAA Fraud Override field after resolving identity questions. A department screenshot shows three choices: verification completed in person with no issues, verification completed remotely with no issues, or verification attempted with identity issues. In other words, once a student reaches the college with a flagged record, the last mile is an institutional workflow problem. Schools need someone who knows the rules, has access to the portal, and can translate a fraud-related reject into a yes-or-no enrollment decision quickly enough to avoid holding up packaging or disbursement. (fsapartners.ed.gov)

That campus-side responsibility is consistent with broader federal guidance issued this spring. In May, the department told colleges they have an “important and significant role” in identity verification, urged them to place account holds aggressively when risk indicators appear, and reminded them that institutions administering Title IV aid must maintain adequate internal controls and refer credible evidence of fraud to the Office of Inspector General. The 2026-27 Federal Student Aid Handbook likewise says schools must have written verification procedures, give selected students a clear explanation of what they must submit, and spell out deadlines and consequences. (fsapartners.ed.gov)

Corrections, older applications, and one code schools can ignore

The FAQ is also more precise than earlier guidance about when students are screened. Students are checked for fraud when they first submit the FAFSA. A student who was not previously evaluated can be evaluated later when submitting a new correction online. But corrections entered by financial aid administrators through the FAFSA Partner Portal or through EDE batch correction are not evaluated for fraud. That is an important operational distinction: a student-driven online correction can trigger screening, while an administrator’s technical fix will not. Aid offices therefore need to know whether they are looking at a student who has never been screened, a student already screened once, or a student whose record is simply being administratively corrected. (fsapartners.ed.gov)

The agency also used the FAQ to tie up loose ends for applications submitted before the April 26 launch. Those earlier 2026-27 FAFSAs went through a one-time fraud review, and Federal Student Aid said in May that about 300,000 applications were selected for Verification Tracking Group V5 as a result. The new FAQ says those previously screened applications will carry both the V5 verification flag and comment code 353 so they are not screened again as duplicates. Another useful clarification: if the department cannot run the real-time process because of system issues, it will use comment code 360 so the applicant is not blocked from submitting the FAFSA, and schools do not need to take additional action on that code alone. (fsapartners.ed.gov)

For colleges and counselors, the practical lesson is that the new federal anti-fraud system is no longer just a Washington compliance story. It is now an intake-design issue. Schools that rely on students to “just fix it online” may discover that a correction triggers a screen the student has never seen before. Advisers who host FAFSA nights on desktop computers may need a tablet on hand. And aid offices that do not have a clear handoff between admissions, student services, and financial aid risk turning a fraud-prevention measure into an avoidable melt point for legitimate students. Those are not new legal mandates in the FAQ’s text; they are the operational consequences of the workflow the department has now described. (fsapartners.ed.gov)

The bigger policy push is still moving. The House-passed No Aid for Ghost Students Act of 2026 would write an identity-fraud screening requirement into law for each FAFSA submitted on or after Oct. 1, 2026, and would require institutions to receive notice when an application presents a reasonable suspicion of fraud before aid can be disbursed. But colleges do not need to wait for Congress to act to feel the effects. As of July 17, the department has made clear that the screening system is already live, the edge cases are already reaching campuses, and the institutions best positioned for fall will be the ones that treat this not as a niche verification problem, but as a front-door enrollment workflow that now needs staffing, scripts, and at least one mobile-capable workaround.