05/31/2010
What are some things we can recommend to our business customers using online banking to protect them from losses such as those we read about in the tech papers?
05/10/2010
Many of our commercial clients originate ACH files and some transactions get returned for insufficient funds, etc. When an ACH transaction is returned to us, we charge it back to the client’s account, much like we do for returned checks. We have a couple of clients who have asked for an individual ID to appear on our ACH Return Notices, along with appearing on the transaction itself (though DDA and/or Online Banking history), and appearing on the DDA statement. We have a procedure in place that stops this information from printing on the original ACH transaction for consumer clients. Many of them complained, since this field may contain social security numbers. There is no regulation on what has to appear in this field. It may contain a SS number, but may also contain other information. I have seen a mix of things in this field ranging from a blank field, to a person’s name, to a string of numbers and letters that do not mean anything to me. Basically, we hide this field from consumers due to their complaints. The situation I am asking about is slightly different, but I would still like to confirm with you that there are no regulatory or privacy issues. For the custom we are getting ready to ask for, it will show the information that is in this field, it will show it on the actual return notice, it will print it on the statement, and will also appear through DDA and OLB history. The difference here though is that the client who sees this information on his return notice and on hus statement is the same client who populated that field, so I do not think it will be an issue, since it is information that the client provided to us originally, and that he already has access to it, but I wanted to double check before we get too far down this road.
10/26/2009
A hold was placed on a deposited check that the bank received by mail. The bank was unable to reach the customer by phone, but mailed the hold notification the same day. The customer contacted the bank by email a week later, upset that he wasn't notified at the time the hold was placed. He stated he received the notification three days after the deposit was made. Would it have been acceptable to notify the customer by email if the message was not detailed, but stated something to the effect "Please contact (bank employee) at (bank name) concerning a hold."?
03/23/2009
Can someone please explain what “push” and “pull” mean in regards to e-banking?
01/12/2009
We have a situation where an ex-spouse has been accessing the online banking portal of one of our customers. This ex-spouse has not transacted anything fraudulently as of yet. We have reset the password since being notified of this unauthorized access. We have verified, via IP addresses and times, that our customer did not log in and that it was in fact, the ex-spouse. What law(s) have been broken by the ex-spouse logging into the online banking site of the customer? Are there any areas of Reg E that would apply?
02/11/2008
Is there anything stating that we must force our credit union member to opt into answering a security question for password resets online?
11/20/2006
We are looking to implement email notification of receipt of deposit instead of mailing paper back. I have seen comments on e-statements and E-sign and disclosure requirements but don't think any of that applies to receipts. Can you refer me to the regulation that states we are required to provide a receipt and the corresponding rules?
05/15/2006
Is there any specific regulation that requires notification to deposit account holders who had funds embezzled from their accounts by a banking employee? This was not done through any type of electronic information security breach such as pharming, phishing, or hacking. The FBI has been working on the embezzlement case and a SAR was filed.
12/01/2005
- Nearly a third of victims surveyed blamed their compromised IDs on the Internet, where they think their information was exposed to hackers.
08/01/2005
Today's focus on protecting customer information combined with increased everyday use of laptop computers means more and more banks are seeking protections against theft of these portable machines.