A known bug — not the new fraud screening — is behind a wave of unexpected ISIR rejections. Here’s what’s happening and what to do about it.
Background
On April 26, 2026, the U.S. Department of Education launched a new real-time identity fraud detection capability within the FAFSA, marking one of the most significant changes to federal student aid integrity in recent years. Detailed in Electronic Announcement APP-26-03, the new system screens every applicant in real-time, placing them into one of four risk categories — Low, Moderate, High, or Highest — and requiring a small subset of applicants to confirm their identity through documentation and a live camera check before receiving federal student aid.
In addition to screening new applications going forward, the Department also began a one-time review of all previously submitted 2026-27 FAFSA forms using the new technology. According to the announcement, flagged applications would likely be selected for V5 verification.
The Issue Surfacing in the Field
In the days following the rollout, financial aid administrators began reporting a troubling pattern through the FSATECH listserv: previously valid 2026-27 ISIRs were returning from reprocessing in rejected status. Rather than being selected for V5 as anticipated, the new transactions were missing student signatures — triggering rejections for missing signature.
Compounding the confusion, many of the affected ISIRs also carried Comment Code 353 (Moderate Risk), which per APP-26-03 requires no institutional action and should not, on its own, result in a rejection.
Federal Student Aid’s Response
Federal Student Aid responded on the listserv to clarify the situation. The rejections are not the result of a fraud determination. Instead, FSA identified a bug that is causing certain students’ signatures to be deleted upon submission of a form or correction, which then cascades into a missing-signature reject.
Key points from FSA’s response:
- The bug is expected to be fixed in the coming days.
- Once the fix is deployed, affected students must submit a correction to re-add their signature. FSA cannot restore signatures via reprocessing.
- FSA is exploring a one-time notification to impacted applicants to encourage them to make the correction.
What This Means for Financial Aid Offices
If your office is seeing previously valid 2026-27 ISIRs returning from reprocessing with missing-signature rejects — particularly those carrying Comment Code 353 — these are most likely affected by this bug rather than by a fraud determination.
A few practical considerations as you navigate this:
- You generally cannot rely on the previously valid ISIR. Once a subsequent rejected ISIR is received, schools must review and resolve it before making further disbursements — a rejected transaction stops disbursement until the rejection is cleared, even when the underlying cause is a known bug rather than a true fraud determination. If ED announces a flexibility allowing schools to continue using the previously valid ISIR in these cases, we will provide an update.
- Comment Code 353 alone does not require institutional action. Per the announcement, Moderate Risk applicants should not have their applications rejected due to fraud risk. A 353 paired with a missing-signature reject points to the signature bug, not a fraud screening outcome.
- Affected students will need to submit a correction. Once ED deploys the fix, students will need to actively submit a correction to re-add their signature. FSA has been clear that signatures cannot be restored automatically through reprocessing.
- Consider proactive identification. Identifying impacted students now positions your office to communicate with them quickly once the fix is live — particularly if FSA’s planned notification does not reach all affected applicants or arrives later than your packaging timeline allows.
- Legitimate fraud screening outcomes still apply. For ISIRs flagged through the new fraud screening process, the reject and comment code framework outlined in APP-26-03 remains in effect. This includes Comment Codes 354, 355, and 357, as well as the new FAA Fraud Override process available beginning May 3, 2026.
Looking Ahead
The new real-time fraud detection capability represents a significant shift in how identity verification is handled at the front end of the FAFSA process — and as with any system of this scale, early implementation issues are to be expected. The signature bug appears to be a contained, fixable problem rather than a systemic flaw in the new screening framework.
We will continue to monitor FSA communications and provide updates as additional guidance becomes available. Financial aid offices with questions about the new fraud detection framework, the reprocessing review, or how to support affected students are encouraged to reach out.
If you have questions or need assistance preparing for these changes, please contact us.
______________________________
Sign-up for our newsletter to stay up to date.
