DFI-SB 12.06(1)(1) Precautions against unauthorized access. Prevent unauthorized access to, or use of, the unit. DFI-SB 12.06(2)(2) Precautions to assure confidentiality. Prevent information regarding a transaction conducted through the unit from being disclosed to any person other than: DFI-SB 12.06(2)(b)(b) Any other person who is a party to the transaction or is necessary to effect the transaction, but only to the extent that the information disclosed is necessary to effect the transaction; or DFI-SB 12.06(2)(c)(c) Those persons lawfully authorized to have access to the records of the savings bank or of parties to the transaction. DFI-SB 12.06(3)(3) Unsolicited access to remote service units prohibited. Ensure that the plastic card or other means providing its customers access to the unit is issued only: DFI-SB 12.06(3)(b)(b) As a renewal of, or in substitution for, an accepted card or other means of access, whether issued by the initial issuer or a successor. DFI-SB 12.06 HistoryHistory: Cr. Register, February, 1994, No. 458, eff. 3-1-94. DFI-SB 12.07(1)(1) Between savings bank and third parties. Each activity authorized under s. 214.04 (21), Stats., shall be conducted in accordance with a written agreement between the savings bank and any participating merchant, service center, data processor or other third party, setting out the manner in which liability from errors, malfunctions or the unauthorized use of a remote service unit will be allocated between the parties. DFI-SB 12.07(2)(a)(a) The liability of a customer of a savings bank for the unauthorized use of a plastic card or other access device to a remote service unit shall be determined as follows: DFI-SB 12.07(2)(a)3.3. If the customer notifies the savings bank within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer’s liability may not exceed the lesser of $50 or the amount of unauthorized transfers that occur before notice to the savings bank. DFI-SB 12.07(2)(a)4.4. If the customer fails to notify the savings bank within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer’s liability may not exceed the lesser of $500 or the sum of all of the following: DFI-SB 12.07(2)(a)4.a.a. $50 or the amount of unauthorized transfers that occur within the 2 business days, whichever is less. DFI-SB 12.07(2)(a)4.b.b. The amount of unauthorized transfers that occur after the close of 2 business days and before notice to the savings bank, if the savings bank establishes that these transfers would not have occurred had the customer notified the savings bank within that 2-day period. DFI-SB 12.07(2)(a)5.5. A customer must report an unauthorized transfer from the unauthorized use of a plastic card or other access device to a remote service unit that appears on a periodic statement within 60 days of the savings bank’s transmittal of the statement to avoid liability for subsequent transfers. If the customer fails to do so, the customer’s liability may not exceed the amount of the unauthorized transfers that occur after the close of the 60 days and before notice to the savings bank and that the savings bank establishes would not have occurred had the customer notified the savings bank within the 60-day period. When a plastic card or other access device is involved in the unauthorized transfer, the customer may be liable for other amounts set forth in subd. 3. or 4., as applicable. DFI-SB 12.07(2)(a)6.6. If the customer’s delay in notifying the savings bank as provided in subd. 5. was due to extenuating circumstances, the savings bank shall extend the time specified in subd. 5. to a reasonable period. DFI-SB 12.07(2)(a)7.a.a. Notice to a savings bank is given when a customer takes steps reasonably necessary to provide the savings bank with the pertinent information, whether or not a particular employee or agent of the savings bank actually receives the information. DFI-SB 12.07(2)(a)7.c.c. Written notice is considered given at the time the customer mails the notice or delivers it for transmission to the savings bank by any other usual means. Notice may be considered constructively given when the savings bank becomes aware of circumstances leading to the reasonable belief that an unauthorized transfer to or from the customer’s account has been or may be made. DFI-SB 12.07(2)(a)8.8. If an agreement between the customer and the savings bank imposes less liability than is provided by this section, the customer’s liability may not exceed the amount imposed under the agreement. DFI-SB 12.07(2)(b)(b) A customer furnishing another person with the plastic card or other access device to the customer’s account through a remote service unit shall be deemed to authorize all transactions that may be accomplished by that means until the customer has given actual notice to the savings bank that further transactions are unauthorized. DFI-SB 12.07 HistoryHistory: Cr. Register, February, 1994, No. 458, eff. 3-1-94; 2013 Wis. Act 136: am. (2) (a) (intro.), r. (2) (a) 1., 2., cr. (2) (a) 3. to 8., am. (2) (b) Register March 2014 No. 699, eff. 4-1-14. DFI-SB 12.08DFI-SB 12.08 Customer service and disclosure requirements. DFI-SB 12.08(1)(1) Periodic statements. A savings bank shall provide each customer with a periodic statement of each account of the customer that is accessible through a remote service unit. The statement shall be provided on a monthly basis for each month in which a transaction occurs, or once every 3 months, whichever is more frequent. The statement shall identify the date, location and nature of each transaction. An account statement issued under this subsection may include transactions made through a remote service unit. DFI-SB 12.08(2)(2) Transaction documentation. Except as provided in sub. (4), every transfer of funds made through a remote service unit by a customer of a savings bank shall be evidenced by a written document made available to the customer at the time of the transaction. The document shall indicate with reasonable specificity the identity of any third party to whom funds are electronically transferred, the identity of the customer’s account, the amount of funds transferred, the type of transaction and the date of the transaction. A customer may be required to reenter an access device, such as a card, at a terminal in order to receive transaction documentation if all the following conditions are met: DFI-SB 12.08(2)(a)(a) The terminal simultaneously controls distribution of products at several locations on the same site to more than one customer; DFI-SB 12.08(2)(b)(b) Each customer must remove the access device from the terminal and move to another location in order to complete the transaction; and DFI-SB 12.08(2)(c)(c) The terminal cannot produce transaction documentation for a particular transaction until the customer completes distribution of the product and the amount of the transaction is known. DFI-SB 12.08(3)(3) Written disclosure of services and charges. Each customer of a savings bank whose account with the savings bank is accessible through a remote service unit shall be provided with a written statement of the terms and conditions governing the account. The statement shall be provided at the time that the customer is issued a card or other means providing access through the remote service unit, and whenever the terms and conditions governing the account are amended. The statement shall set out: DFI-SB 12.08(3)(a)(a) Applicable limitations on the customer’s liability for unauthorized use of the means providing access through the remote service unit, and the address and telephone number of the person to be notified in the event that the means affording the customer access through the remote service unit is lost or stolen or the customer otherwise believes that unauthorized access to the account may be obtained. DFI-SB 12.08(3)(b)(b) The customer’s right to a periodic statement of transactions affecting the account. DFI-SB 12.08(3)(c)(c) An initial disclosure of the specific transactions which, subject to the capabilities of individual terminals, may be performed through the remote service unit. DFI-SB 12.08(3)(d)(d) Any charges to the customer for account maintenance or for the use of the remote service unit. DFI-SB 12.08(3)(e)(e) Any limitation imposed on the number of remote service unit transactions permitted within any given period of time. DFI-SB 12.08(4)(4) Exception for written document in small-value transfers. A savings bank is not subject to the requirement to make available a written document under sub. (2) if the amount of the transfer is $15 or less. DFI-SB 12.08 HistoryHistory: Cr. Register, February, 1994, No. 458, eff. 3-1-94; 2013 Wis. Act 136: am. (2) (intro.), cr. (4) Register March 2014 No. 699, eff. 4-1-14. DFI-SB 12.10DFI-SB 12.10 Advertising restrictions. If use of a remote service unit is restricted under s. DFI-SB 12.04 (2) to designated financial institutions, all advertisements regarding the unit shall clearly state that use of the unit will be available to customers of other financial institutions at the end of the period of restricted use authorized by the division. DFI-SB 12.10 HistoryHistory: Cr. Register, February, 1994, No. 458, eff. 3-1-94; am. Register, March, 1996, No. 483, eff. 4-1-96. DFI-SB 12.11DFI-SB 12.11 Filing of supplemental information. Each savings bank engaging in an activity authorized under s. 214.04 (21), Stats., shall file with the division such additional information regarding its activity as the division may from time to time require. DFI-SB 12.11 HistoryHistory: Cr. Register, February, 1994, No. 458, eff. 3-1-94.
/code/admin_code/dfi/dfi_sb/12
true
administrativecode
/code/admin_code/dfi/dfi_sb/12/08/2/a
DFI-SB
Chs. DFI-SB 1-22; Department of Financial Institutions-Savings Banks
administrativecode/DFI-SB 12.08(2)(a)
administrativecode/DFI-SB 12.08(2)(a)
section
true