How do we include vendors in our Cyber Incident Response Plan? We don’t know their Plan.
I am looking for a sample of a script I can use for our front line employees to explain the opt-in requirement. We have had so many go off on their own tangent, further confusing things, that we need to bring everyone to same page so to speak.
At the end of March, one of our customers filed a dispute on two transactions where the merchant processed them as PIN-less debits. The customer maintains that he did not authorize the transaction, and that the merchant refuses to provide a refund. The customer was well within the sixty day guideline for filing a claim, but now is threatening to sue us because we have not processed the claim within the forty-five day timeline required by Reg E. We did not provide the client with provisional credit after day ten, nor have we provided the client with any written communication regarding the claim. Are we liable to the client for failure to follow Reg E, and what can we do to get out of a lawsuit?
I've been looking for an alternative to our current image technology. My institution is in the same position as many others: the need to upgrade our system and the desire to do better at providing an image of investigative quality, with no money to do it. Are there any new alternatives for our existing cameras? We've already dropped our lobby cameras to six feet and installed height-marker cameras.
We had a customer call in to the bank because she had a transaction that was being denied. She was trying to place an order for a camera over the internet. It turns out that she was over her limit for the day. I reset the limit so her transaction would go through and then she placed her order. Within 30 minutes she called back and spoke to one of our call center reps stating that the company had preauthorized more than she had authorized and she wanted to do a dispute for fraud. In her phone call with the call center she had mentioned that the company was cancelling her order and was going to credit her account. What should be done in a situation like this? The customer is claiming Visa Zero Liability stating that under it she can dispute a charge for any purpose. Our ATM department has had some training on Reg E, but we are still confused as to when Visa rules come into play and what exactly Visa considers unauthorized charges. The customer gave her information to this company so she authorized them to use it, but they took more than they were authorized., so shouldn't this be between the customer and the merchant?
What is the requirement for training employees on Information Technology - Use and Monitoring...including computer access, email do's and don'ts, etc?
I am in the process of preparing training materials for Reg E and I reviewed the PowerPoint presentation that I found in the <a href="http://www.bankersonline.com/tools/tools.html#Regulatione">Reg E section of the BOL Tools</a>. It states that a "covered transaction" is one that is "initiated by check". Is this correct? I thought this was a non-covered transaction.
I recently read in some training that we did that if an EFT has a stop payment put on it that it will stop any and all future transactions for any amount of time until the customer contacts the bank and asks them to resume payments. Is this true, or can we place a normal stop period of six months on an EFT like we would for a paper item or check?
I'm new to auditing and have to perform an IT audit and know nothing about it. Where can I find some information?
Several banks have grant programs designed to help low income people pull themselves out of the poverty cycle.