We had a person come in and request their debit card to be returned to him after it was kept by our ATM. He was alleging that we did not have a right to keep his card. Our procedures are to keep and destroy any card that is not ours. Is there a regulation that I can refer to if this ever happens again?
NCR Corporation recently announced availability of a new integrated platform that will allow smaller financial institutions to enhance their image-based operations.
In our last issue we reported on several companies who are offering systems to help prepare for Check 21.
On July 30, 2002 the Sarbanes-Oxley Act (SOX) was signed into law.
I have many customers who have used their debit card for monthly debits such as to a satellite provider or Internet service provider. After they close their account, these transactions still try to hit. I have closed the debit cards and even hotcarded them but these companies still force the transactions through. When I dispute the transaction, the company says they will not honor the dispute without the cardholder's signature... yet most of the time we have closed the account due to negative balances. Is there any way around this? Can we not stop these companies from steadily forcing payments through closed accounts and cards?
Commonly cited violations have long been a source of important information for the design and management of compliance programs.
Are banks to have disaster recovery facilities at least 50 miles away from any of their existing facilities?
I would welcome any suggestions regarding how to conduct an information technology risk assessment.
- Only about 10% of the people that report identity theft are senior citizens (in their study, people over 60) and of those, 52% involved credit cards.
Are there any requirements or criteria for Penetration testing? Can we perform the penetration testing ourselves? If we hire a third party vendor, should we require documentation saying they are authorized by the Regulators to perform the tests or that the testing will meet certain standards? Does the penetration testing requirement only apply to wired network or do we have to have penetration testing on the wireless as well?