Register June 2021 No. 786
Chapter DFI-CU 63
REMOTE SERVICE UNITS
DFI-CU 63.01   Joint rules.
DFI-CU 63.02   Definitions.
DFI-CU 63.04   Restrictions on access prohibited.
DFI-CU 63.05   Discriminatory rates or services prohibited.
DFI-CU 63.06   Confidentiality and security requirements.
DFI-CU 63.07   Allocation of liability.
DFI-CU 63.08   Customer service and disclosure requirement.
DFI-CU 63.10   Advertising restrictions.
DFI-CU 63.11   Filing of supplemental information.
Ch. DFI-CU 63 Note Note: Chapter CU 63 was renumbered chapter DFI-CU 63 under s. 13.93 (2m) (b) 1., Stats., and corrections made under s. 13.93 (2m) (b) 6. and 7., Stats., Register, October, 1997, No. 502.
DFI-CU 63.01 DFI-CU 63.01 Joint rules. This chapter is promulgated as a joint rule by the office of credit unions and the division of banking in accordance with s. 186.113 (15) (a), Stats.
DFI-CU 63.01 Note Note: See chs. DFI-Bkg 14, DFI-SB 12 and DFI-SL 12, Wis. Adm. Code.
DFI-CU 63.01 History History: Cr. Register, March, 1978, No. 267, eff. 4-1-78; correction made under s. 13.92 (4) (b) 6., Stats., Register March 2020 No. 771; CR 20-052: am. Register June 2021 No. 786, eff. 7-1-21.
DFI-CU 63.02 DFI-CU 63.02 Definitions. In this chapter:
DFI-CU 63.02(1) (1) Director. “Director" means the director of credit unions or authorized representative.
DFI-CU 63.02(2) (2) Days.
DFI-CU 63.02(2)(a)(a) “Days" mean calendar days computed under s. 990.001 (4), Stats.
DFI-CU 63.02(2)(b) (b) “Business day" means that part of any day on which a credit union is open for carrying on substantially all of its business functions.
DFI-CU 63.02(3) (3) Financial institution. “Financial institution" means a state or federal savings and loan association, a state or national bank, a mutual savings bank, or a state or federal credit union.
DFI-CU 63.02(4) (4) Remote terminal. “Remote terminal" means a remote terminal as defined in s. 186.113 (15) (b), Stats., a remote service unit as defined in s. 215.13 (46) (a), Stats., or a customer bank communications terminal as defined in s. 221.0303 (1), Stats.
DFI-CU 63.02(5) (5) Supplier. “Supplier" means any person furnishing equipment, goods or services used to complete any function performed through a given remote terminal.
DFI-CU 63.02 History History: Cr. Register, March, 1978, No. 267, eff. 4-1-78; correction in (4) made under s. 13.93 (2m) (b) 7., Stats., Register, June, 2000, No. 534.
DFI-CU 63.04 DFI-CU 63.04 Restrictions on access prohibited.
DFI-CU 63.04(1)(1)General provisions. Except as provided in sub. (2), no credit union may directly or indirectly acquire, place or operate a remote terminal and no credit union may participate in the acquisition, placement or operation of a remote terminal, unless the terminal is available on a nondiscriminatory basis to the following financial institutions and their designated customers:
DFI-CU 63.04(1)(a) (a) Any financial institution that has its home office in this state;
DFI-CU 63.04(1)(b) (b) Any other credit union which is qualified to do business in this state and has obtained the written consent of a credit union that has its home office in this state and is making use of the terminal;
DFI-CU 63.04(1)(c) (c) Any savings and loan association which is qualified to do business in this state and has obtained the written consent of a savings and loan association that has its home office in this state and is making use of the terminal; and
DFI-CU 63.04(1)(d) (d) Any other bank which is qualified to do business in this state and has obtained the written approval of a bank that has its home office in this state and is making use of the terminal.
DFI-CU 63.04(2) (2) Exceptions. The temporary limitation of access to a remote terminal to designated customers of designated financial institutions for reasonable test periods determined by the director will not be deemed in violation of this section if approved by the director in writing. The director may approve such limitations if:
DFI-CU 63.04(2)(a) (a) The director considers it necessary or desirable to permit restricted operation during periods of testing or experimentation; or,
DFI-CU 63.04(2)(b) (b) The director determines that the accommodation of additional users is beyond the capacity of existing equipment and a good faith effort is being made to accommodate them within a reasonable period of time determined by the director.
DFI-CU 63.04 History History: Cr. Register, March, 1978, No. 267, eff. 4-1-78.
DFI-CU 63.05 DFI-CU 63.05 Discriminatory rates or services prohibited. A remote terminal will not be deemed available for use on a nondiscriminatory basis unless:
DFI-CU 63.05(1) (1) User fees. The fees charged to a financial institution for the use of the terminal by the institution or its customers are equitably apportioned and reasonably reflect the cost of the services actually provided to the institution or customer. Such fees may provide for the amortization of development costs and capital expenditures over a reasonable period of time.
DFI-CU 63.05(2) (2) Customer services. Each financial institution making use of the terminal may permit its customers to make use of all of the functions performed by the terminal at each location of the terminal or only those functions and locations that such institution elects to make available to its customers.
DFI-CU 63.05(3) (3) Technical information and specifications. Each supplier provides at reasonable cost such technical information and specifications as may be necessary to enable a financial institution that is eligible to use the terminal, or any data processor serving the accounts of such an institution, to obtain interface with the terminal.
DFI-CU 63.05(4) (4) Other requirements. No financial institution eligible to use the terminal is required to purchase from any supplier any goods, equipment or services not reasonably necessary to complete a transaction through the terminal.
DFI-CU 63.05 History History: Cr. Register, March, 1978, No. 267, eff. 4-1-78.
DFI-CU 63.06 DFI-CU 63.06 Confidentiality and security requirements. No credit union may directly or indirectly acquire, place or operate a remote terminal, and no credit union may participate in the acquisition, placement or operation of a remote terminal, unless precautions acceptable to the director are provided to:
DFI-CU 63.06(1) (1) Precautions against unauthorized access. Prevent unauthorized access to, or use of, the terminal.
DFI-CU 63.06(2) (2) Precautions to assure confidentiality. Prevent information regarding a transaction conducted through the terminal from being disclosed to any person other than:
DFI-CU 63.06(2)(a) (a) The customer making the transaction;
DFI-CU 63.06(2)(b) (b) Any other person who is a party to the transaction or is necessary to effect the transaction, but only to the extent that the information disclosed is necessary to effect the transaction; or
DFI-CU 63.06(2)(c) (c) Those persons lawfully authorized to have access to the records of the credit union or of parties to the transaction.
DFI-CU 63.06(3) (3) Unsolicited access to remote terminals prohibited. Ensure that the plastic card or other means providing its customers access to the terminal is issued only:
DFI-CU 63.06(3)(a) (a) In response to a request or application therefore; or
DFI-CU 63.06(3)(b) (b) As a renewal of, or in substitution for an accepted card or other means of access, whether issued by the initial issuer or a successor.
DFI-CU 63.06 History History: Cr. Register, March, 1978, No. 267, eff. 4-1-78.
DFI-CU 63.07 DFI-CU 63.07 Allocation of liability.
DFI-CU 63.07(1)(1)Between credit union and third parties. Each activity authorized under s. 186.113 (15), Stats., shall be conducted in accordance with a written agreement between the credit union and any participating merchant, service center, data processor or other third party, setting out the manner in which liability from errors, malfunctions or the unauthorized use of a remote terminal will be allocated between the parties.
DFI-CU 63.07(2) (2) Limited customer liability for unauthorized use.
DFI-CU 63.07(2)(a) (a) The liability of a customer of a credit union for the unauthorized use of a plastic card or other access device to a remote terminal shall be determined as follows:
DFI-CU 63.07(2)(a)3. 3. If the customer notifies the credit union within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer's liability may not exceed the lesser of $50 or the amount of unauthorized transfers that occur before notice to the credit union.
DFI-CU 63.07(2)(a)4. 4. If the customer fails to notify the credit union within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer's liability may not exceed the lesser of $500 or the sum of all of the following:
DFI-CU 63.07(2)(a)4.a. a. $50 or the amount of unauthorized transfers that occur within the 2 business days, whichever is less.
DFI-CU 63.07(2)(a)4.b. b. The amount of unauthorized transfers that occur after the close of 2 business days and before notice to the credit union, if the credit union establishes that these transfers would not have occurred had the customer notified the credit union within that 2-day period.
DFI-CU 63.07(2)(a)5. 5. A customer must report an unauthorized transfer from the unauthorized use of a plastic card or other access device to a remote terminal that appears on a periodic statement within 60 days of the credit union's transmittal of the statement to avoid liability for subsequent transfers. If the customer fails to do so, the customer's liability may not exceed the amount of the unauthorized transfers that occur after the close of the 60 days and before notice to the credit union and that the credit union establishes would not have occurred had the customer notified the credit union within the 60-day period. When a plastic card or other access device is involved in the unauthorized transfer, the customer may be liable for other amounts set forth in subd. 3. or 4., as applicable.
DFI-CU 63.07(2)(a)6. 6. If the customer's delay in notifying the credit union as provided in subd. 5. was due to extenuating circumstances, the credit union shall extend the time specified in subd. 5. to a reasonable period.
DFI-CU 63.07(2)(a)7.a.a. Notice to a credit union is given when a customer takes steps reasonably necessary to provide the credit union with the pertinent information, whether or not a particular employee or agent of the credit union actually receives the information.
DFI-CU 63.07(2)(a)7.b. b. A customer may notify the credit union in person, by telephone, or in writing.
DFI-CU 63.07(2)(a)7.c. c. Written notice is considered given at the time the customer mails the notice or delivers it for transmission to the credit union by any other usual means. Notice may be considered constructively given when the credit union becomes aware of circumstances leading to the reasonable belief that an unauthorized transfer to or from the customer's account has been or may be made.
DFI-CU 63.07(2)(a)8. 8. If an agreement between the customer and the credit union imposes less liability than is provided by this section, the customer's liability may not exceed the amount imposed under the agreement.
DFI-CU 63.07(2)(b) (b) A customer furnishing another person with a plastic card or other access device to the customer's account through a remote terminal shall be deemed to authorize all transactions that may be accomplished by that means, until the customer has given actual notice to the credit union that further transactions are unauthorized.
DFI-CU 63.07 History History: Cr. Register, March, 1978, No. 267, eff. 4-1-78; 2013 Wis. Act 136: am. (2) (a) (intro.), r. (2) (a) 1., 2., cr. (2) (a) 3. to 8., am. (2) (b) Register March 2014 No. 699, eff. 4-1-14.
DFI-CU 63.08 DFI-CU 63.08 Customer service and disclosure requirement.
DFI-CU 63.08(1)(1)Periodic statements. A credit union shall provide each customer with a periodic statement of each account of the customer accessible through a remote terminal. The statement shall be provided on a monthly basis for each month in which a transaction occurs, or once every 3 months, whichever is more frequent. The statement shall identify the date, location, and nature of each transaction. An account statement issued under this subsection may include transactions made through a remote terminal or otherwise.
DFI-CU 63.08(2) (2) Transaction documentation. Except as provided in sub. (4), every transfer of funds through a remote terminal made by a customer of a credit union shall be evidenced by a written document made available to the customer at the time of the transaction. The document shall indicate with reasonable specificity the identity of any third party to whom funds are electronically transferred, the identity of the customer's account, the amount of funds transferred, the type of transaction, and the date of the transaction. A customer may be required to reenter an access device, such as a card, at a terminal in order to receive transaction documentation if all of the following conditions are met:
DFI-CU 63.08(2)(a) (a) The terminal simultaneously controls the distribution of products at several locations on the same site to more than one customer;
DFI-CU 63.08(2)(b) (b) Each customer must remove the access device from the terminal and move to another location in order to complete the transaction; and
Loading...
Loading...
Published under s. 35.93, Stats. Updated on the first day of each month. Entire code is always current. The Register date on each page is the date the chapter was last published.