Register June 2021 No. 786
Chapter DFI-CU 63
REMOTE SERVICE UNITS
DFI-CU 63.01 Joint rules.
DFI-CU 63.02 Definitions.
DFI-CU 63.04 Restrictions on access prohibited.
DFI-CU 63.05 Discriminatory rates or services prohibited.
DFI-CU 63.06 Confidentiality and security requirements.
DFI-CU 63.07 Allocation of liability.
DFI-CU 63.08 Customer service and disclosure requirement.
DFI-CU 63.10 Advertising restrictions.
DFI-CU 63.11 Filing of supplemental information.
Ch. DFI-CU 63 Note
Note: Chapter CU 63 was renumbered chapter DFI-CU 63 under s. 13.93 (2m) (b) 1., Stats., and corrections made under s. 13.93 (2m) (b) 6. and 7., Stats.,
Register, October, 1997, No. 502.
DFI-CU 63.01
DFI-CU 63.01
Joint rules. This chapter is promulgated as a joint rule by the office of credit unions and the division of banking in accordance with s.
186.113 (15) (a), Stats.
DFI-CU 63.02(1)
(1)
Director. “Director" means the director of credit unions or authorized representative.
DFI-CU 63.02(2)(b)
(b) “Business day" means that part of any day on which a credit union is open for carrying on substantially all of its business functions.
DFI-CU 63.02(3)
(3)
Financial institution. “Financial institution" means a state or federal savings and loan association, a state or national bank, a mutual savings bank, or a state or federal credit union.
DFI-CU 63.02(5)
(5)
Supplier. “Supplier" means any person furnishing equipment, goods or services used to complete any function performed through a given remote terminal.
DFI-CU 63.02 History
History: Cr.
Register, March, 1978, No. 267, eff. 4-1-78; correction in (4) made under s. 13.93 (2m) (b) 7., Stats.,
Register, June, 2000, No. 534.
DFI-CU 63.04
DFI-CU 63.04
Restrictions on access prohibited. DFI-CU 63.04(1)(1)
General provisions. Except as provided in sub.
(2), no credit union may directly or indirectly acquire, place or operate a remote terminal and no credit union may participate in the acquisition, placement or operation of a remote terminal, unless the terminal is available on a nondiscriminatory basis to the following financial institutions and their designated customers:
DFI-CU 63.04(1)(b)
(b) Any other credit union which is qualified to do business in this state and has obtained the written consent of a credit union that has its home office in this state and is making use of the terminal;
DFI-CU 63.04(1)(c)
(c) Any savings and loan association which is qualified to do business in this state and has obtained the written consent of a savings and loan association that has its home office in this state and is making use of the terminal; and
DFI-CU 63.04(1)(d)
(d) Any other bank which is qualified to do business in this state and has obtained the written approval of a bank that has its home office in this state and is making use of the terminal.
DFI-CU 63.04(2)
(2)
Exceptions. The temporary limitation of access to a remote terminal to designated customers of designated financial institutions for reasonable test periods determined by the director will not be deemed in violation of this section if approved by the director in writing. The director may approve such limitations if:
DFI-CU 63.04(2)(a)
(a) The director considers it necessary or desirable to permit restricted operation during periods of testing or experimentation; or,
DFI-CU 63.04(2)(b)
(b) The director determines that the accommodation of additional users is beyond the capacity of existing equipment and a good faith effort is being made to accommodate them within a reasonable period of time determined by the director.
DFI-CU 63.04 History
History: Cr.
Register, March, 1978, No. 267, eff. 4-1-78.
DFI-CU 63.05
DFI-CU 63.05
Discriminatory rates or services prohibited. A remote terminal will not be deemed available for use on a nondiscriminatory basis unless:
DFI-CU 63.05(1)
(1)
User fees. The fees charged to a financial institution for the use of the terminal by the institution or its customers are equitably apportioned and reasonably reflect the cost of the services actually provided to the institution or customer. Such fees may provide for the amortization of development costs and capital expenditures over a reasonable period of time.
DFI-CU 63.05(2)
(2)
Customer services. Each financial institution making use of the terminal may permit its customers to make use of all of the functions performed by the terminal at each location of the terminal or only those functions and locations that such institution elects to make available to its customers.
DFI-CU 63.05(3)
(3)
Technical information and specifications. Each supplier provides at reasonable cost such technical information and specifications as may be necessary to enable a financial institution that is eligible to use the terminal, or any data processor serving the accounts of such an institution, to obtain interface with the terminal.
DFI-CU 63.05(4)
(4)
Other requirements. No financial institution eligible to use the terminal is required to purchase from any supplier any goods, equipment or services not reasonably necessary to complete a transaction through the terminal.
DFI-CU 63.05 History
History: Cr.
Register, March, 1978, No. 267, eff. 4-1-78.
DFI-CU 63.06
DFI-CU 63.06
Confidentiality and security requirements. No credit union may directly or indirectly acquire, place or operate a remote terminal, and no credit union may participate in the acquisition, placement or operation of a remote terminal, unless precautions acceptable to the director are provided to:
DFI-CU 63.06(1)
(1)
Precautions against unauthorized access. Prevent unauthorized access to, or use of, the terminal.
DFI-CU 63.06(2)
(2)
Precautions to assure confidentiality. Prevent information regarding a transaction conducted through the terminal from being disclosed to any person other than:
DFI-CU 63.06(2)(b)
(b) Any other person who is a party to the transaction or is necessary to effect the transaction, but only to the extent that the information disclosed is necessary to effect the transaction; or
DFI-CU 63.06(2)(c)
(c) Those persons lawfully authorized to have access to the records of the credit union or of parties to the transaction.
DFI-CU 63.06(3)
(3)
Unsolicited access to remote terminals prohibited. Ensure that the plastic card or other means providing its customers access to the terminal is issued only:
DFI-CU 63.06(3)(b)
(b) As a renewal of, or in substitution for an accepted card or other means of access, whether issued by the initial issuer or a successor.
DFI-CU 63.06 History
History: Cr.
Register, March, 1978, No. 267, eff. 4-1-78.
DFI-CU 63.07(1)(1)
Between credit union and third parties. Each activity authorized under s.
186.113 (15), Stats., shall be conducted in accordance with a written agreement between the credit union and any participating merchant, service center, data processor or other third party, setting out the manner in which liability from errors, malfunctions or the unauthorized use of a remote terminal will be allocated between the parties.
DFI-CU 63.07(2)(a)
(a) The liability of a customer of a credit union for the unauthorized use of a plastic card or other access device to a remote terminal shall be determined as follows:
DFI-CU 63.07(2)(a)3.
3. If the customer notifies the credit union within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer's liability may not exceed the lesser of $50 or the amount of unauthorized transfers that occur before notice to the credit union.
DFI-CU 63.07(2)(a)4.
4. If the customer fails to notify the credit union within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer's liability may not exceed the lesser of $500 or the sum of all of the following:
DFI-CU 63.07(2)(a)4.a.
a. $50 or the amount of unauthorized transfers that occur within the 2 business days, whichever is less.
