Is there anything in Reg E / Opt In that prevents it from being offered to bank employees?
Between the potential for customer files and account trials to walk away and the possible introduction of viruses, I am curious as to what kinds flash drive controls (if any) are being implemented and/or if regulators have started questioning this.
We offer an Overdraft Privilege Product, and to date, have allowed bank employees to use it just as the non-employee customers. We're looking at drafting a new Employee Overdraft policy and would like to know if it would be discriminatory to not allow our employees to have the Overdraft Privilege Product? What do you hear from examiners on this issue?
A business has a credit/debit card that multiple employees can use, but one of the employees makes a purchase that is unauthorized by the business, or an employee stole the card to make an unauthorized purchase. We have been told (by Fiserv) that the business has to deal with the merchant directly, leaving us (the bank) completely out of it. Is this in compliance with Reg E or are there steps that we, as an institution, must take to keep from having a Reg E violation?
Our bank is currently in the process of testing electronic delivery of monthly deposit account statements to employees on a voluntary basis. The statements are delivered in the following manner: an e-mail notification is sent to customers letting them know that the statement is available for review. Then, in order to view the statement, the customer is required to sign onto the bank's website, where the statement can then be accessed (in order to receive electronic statements, the customer must be signed up for e-banking). The statement can then be printed and/or saved to another file by the customer. What would be the E-SIGN ramifications, if any, of this type of statement delivery? Does this type of statement delivery require the bank to obtain demonstrable consent? Would the log on procedures (username and password) suffice for the customer's electronic signature, etc.?
While doing our year end accounting we found a fraudulent credit card charge from June of last year. We called the credit card company who indicated that they will not deal with the fraudulently charged items (someone apparently stole the card information and charged plane tickets from another state, as it is a business card it may have been a dishonest employee of one of our vendors). The names of the people who received the plane tickets as well as the vendor (name of the online travel site withheld) is listed, but the credit card company says that 120 days is the maximum time to make a claim. What can be done?
Does anybody know if there is any guidance available about the password requirements on bank employee cell phones? Do they need to be the typical 6-8 characters, at least one upper and one lower case, and contain a special character? Also, for those of you who have password protected cell phones, how many attempts do you allow before the cell phone is wiped clean?
Can you please clarify the bank's responsibility and liability regarding Reg E compliance and MasterCard Zero liability related to business debit cards?
Under Reg E, Section 205.9(b) lists the transaction information that must be included on the periodic statement. Is this applicable to transfers that are initiated over the phone where the customer is making the request to a bank employee directly and not an automated phone system?
In what section of Reg E does it state that it is a violation for a bank to mandate a certain bank or their own bank to be used for employee payroll direct deposit?