Register March 2024 No. 819
Chapter DFI-SB 12
REMOTE SERVICE UNITS
DFI-SB 12.02 Definitions.
DFI-SB 12.04 Restrictions on access prohibited.
DFI-SB 12.05 Discriminatory rates or services prohibited.
DFI-SB 12.06 Confidentiality and security requirements.
DFI-SB 12.07 Allocation of liability.
DFI-SB 12.08 Customer service and disclosure requirements.
DFI-SB 12.10 Advertising restrictions.
DFI-SB 12.11 Filing of supplemental information.
Ch. DFI-SB 12 Note
Note: Chapter SB 12 was renumbered ch. DFI-SB 12 under s. 13.93 (2m) (b) 1., Stats., and corrections made under s. 13.93 (2m) (b) 6. and 7., Stats.,
Register, November, 1997, No. 503.
DFI-SB 12.01
DFI-SB 12.01 Joint rule. This chapter is patterned after a joint rule promulgated by the division of banking and the office of credit unions in accordance with s.
214.04 (21) (b), Stats.
DFI-SB 12.01 History
History: Cr.
Register, February, 1994, No. 458, eff. 3-1-94;
CR 23-039: am. Register March 2024 No. 819, eff. 4-1-24.
DFI-SB 12.02(1)
(1) “Division" means the division of banking or its authorized representative.
DFI-SB 12.02(3)
(3) “Financial institution" means a state or federal savings bank or savings and loan, a state or national bank or a state or federal credit union.
DFI-SB 12.02(5)
(5) “Supplier" means any person furnishing equipment, goods or services used to complete any function performed through a given remote service unit.
DFI-SB 12.02 History
History: Cr.
Register, February, 1994, No. 458, eff. 3-1-94; correction in (4) made under s. 13.93 (2m) (b) 7., Stats.,
Register November, 1997, No. 503; correction in (1) made under ss. 13.92 (4) (b) 6. and 35.17, Stats.,
Register March 2020 No. 771.
DFI-SB 12.04
DFI-SB 12.04 Restrictions on access prohibited. DFI-SB 12.04(1)(1)
General provisions. Except as provided in sub.
(2), no savings bank may directly or indirectly acquire, place or operate a remote service unit, and no savings bank may participate in the acquisition, placement or operation of a remote service unit, unless the unit is available on a nondiscriminatory basis to the following financial institutions and their designated customers:
DFI-SB 12.04(1)(b)
(b) Any other savings bank which is qualified to do business in this state and has obtained the written consent of a savings bank or association that has its home office in this state and is making use of the unit; and
DFI-SB 12.04(1)(c)
(c) Any other bank which is qualified to do business in this state and has obtained the written approval of a bank that has its home office in this state and is making use of the unit; and
DFI-SB 12.04(1)(d)
(d) Any other credit union which is qualified to do business in this state and has obtained the written consent of a credit union that has its home office in this state and is making use of the unit.
DFI-SB 12.04(2)
(2)
Exceptions. The temporary limitation of access to a remote service unit to designated customers of designated financial institutions for reasonable test periods determined by the division is not a violation of this section if approved by the division in writing. The division may approve such limitations if:
DFI-SB 12.04(2)(a)
(a) The division considers it necessary or desirable to permit restricted operation during periods of testing or experimentation; or
DFI-SB 12.04(2)(b)
(b) The division determines that the accommodation of additional users is beyond the capacity of existing equipment and a good faith effort is being made to accommodate them within a reasonable period of time determined by the division.
DFI-SB 12.04 History
History: Cr.
Register, February, 1994, No. 458, eff. 3-1-94.
DFI-SB 12.05
DFI-SB 12.05 Discriminatory rates or services prohibited. A remote service unit will not be deemed available for use on a nondiscriminatory basis unless:
DFI-SB 12.05(1)
(1)
User fees. The fees charged to a financial institution for the use of the unit by the institution or its customers are equitably apportioned and reasonably reflect the costs of the services actually provided to the institution or customer. Such fees may provide for the amortization of development costs and capital expenditures over a reasonable period of time.
DFI-SB 12.05(2)
(2)
Customer services. Each financial institution making use of the unit permits its customers to make use of all of the functions performed by the unit at each location of the unit or only those functions and locations that such institution elects to make available to its customers.
DFI-SB 12.05(3)
(3)
Technical information and specifications. Each supplier provides at reasonable cost such technical information and specifications as may be necessary to enable a financial institution that is eligible to use the unit, or any data processor serving the accounts of such an institution, to obtain interface with the unit.
DFI-SB 12.05(4)
(4)
Other requirements. No financial institution eligible to use the unit is required to purchase from any supplier any goods, equipment or services not reasonably necessary to complete a transaction through the unit.
DFI-SB 12.05 History
History: Cr.
Register, February, 1994, No. 458, eff. 3-1-94.
DFI-SB 12.06
DFI-SB 12.06 Confidentiality and security requirements. No savings bank may directly or indirectly acquire, place or operate a remote service unit, and no savings bank may participate in the acquisition, placement or operation of a remote service unit, unless precautions acceptable to the division are provided to:
DFI-SB 12.06(1)
(1)
Precautions against unauthorized access. Prevent unauthorized access to, or use of, the unit.
DFI-SB 12.06(2)
(2)
Precautions to assure confidentiality. Prevent information regarding a transaction conducted through the unit from being disclosed to any person other than:
DFI-SB 12.06(2)(b)
(b) Any other person who is a party to the transaction or is necessary to effect the transaction, but only to the extent that the information disclosed is necessary to effect the transaction; or
DFI-SB 12.06(2)(c)
(c) Those persons lawfully authorized to have access to the records of the savings bank or of parties to the transaction.
DFI-SB 12.06(3)
(3)
Unsolicited access to remote service units prohibited. Ensure that the plastic card or other means providing its customers access to the unit is issued only:
DFI-SB 12.06(3)(b)
(b) As a renewal of, or in substitution for, an accepted card or other means of access, whether issued by the initial issuer or a successor.
DFI-SB 12.06 History
History: Cr.
Register, February, 1994, No. 458, eff. 3-1-94.
DFI-SB 12.07(1)(1)
Between savings bank and third parties. Each activity authorized under s.
214.04 (21), Stats., shall be conducted in accordance with a written agreement between the savings bank and any participating merchant, service center, data processor or other third party, setting out the manner in which liability from errors, malfunctions or the unauthorized use of a remote service unit will be allocated between the parties.
DFI-SB 12.07(2)(a)
(a) The liability of a customer of a savings bank for the unauthorized use of a plastic card or other access device to a remote service unit shall be determined as follows:
DFI-SB 12.07(2)(a)3.
3. If the customer notifies the savings bank within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer's liability may not exceed the lesser of $50 or the amount of unauthorized transfers that occur before notice to the savings bank.
DFI-SB 12.07(2)(a)4.
4. If the customer fails to notify the savings bank within 2 business days after learning of the unauthorized use or of loss or theft of the plastic card or other access device, the customer's liability may not exceed the lesser of $500 or the sum of all of the following:
DFI-SB 12.07(2)(a)4.a.
a. $50 or the amount of unauthorized transfers that occur within the 2 business days, whichever is less.
DFI-SB 12.07(2)(a)4.b.
b. The amount of unauthorized transfers that occur after the close of 2 business days and before notice to the savings bank, if the savings bank establishes that these transfers would not have occurred had the customer notified the savings bank within that 2-day period.
DFI-SB 12.07(2)(a)5.
5. A customer must report an unauthorized transfer from the unauthorized use of a plastic card or other access device to a remote service unit that appears on a periodic statement within 60 days of the savings bank's transmittal of the statement to avoid liability for subsequent transfers. If the customer fails to do so, the customer's liability may not exceed the amount of the unauthorized transfers that occur after the close of the 60 days and before notice to the savings bank and that the savings bank establishes would not have occurred had the customer notified the savings bank within the 60-day period. When a plastic card or other access device is involved in the unauthorized transfer, the customer may be liable for other amounts set forth in subd.
3. or
4., as applicable.
DFI-SB 12.07(2)(a)6.
6. If the customer's delay in notifying the savings bank as provided in subd.
5. was due to extenuating circumstances, the savings bank shall extend the time specified in subd.
5. to a reasonable period.
DFI-SB 12.07(2)(a)7.a.a. Notice to a savings bank is given when a customer takes steps reasonably necessary to provide the savings bank with the pertinent information, whether or not a particular employee or agent of the savings bank actually receives the information.