Should we complete a risk rating on a customer opening a new saving account, as an example, or how are the accounts selected that this is completed on, i.e. based on what criteria?
We found an HPML in our audit. There is no escrow set up. What can we do?
Why can't we hold a customer or member liable for having the PIN with the card?
Is there a way to know if any SARs submitted to FinCEN by my institution were among those leaked in the recent data breach?
If an EFT claim is made long after the statement is sent showing the transaction, the rules of investigation don't apply. So why do we investigate any of these claims?