1.1
|
Response to Alerts, Notifications or Warnings from a Consumer Reporting Agency
|
|
When a company representative is presented with an alert, notification or warning from a consumer reporting agency, they must act quickly in an effort to prevent or mitigate loss for the customer and the University. Appropriate responses are as follows: | 1. |
Take additional steps to verify identity. |
| 2. |
Flag relevant accounts. |
| 3. |
Monitor account activity. |
| 4. |
Decline account application. |
| 6. |
Document with a Suspicious Activity Report (SAR). |
| 7. |
Notify existing customer on record. |
|
1.2
|
Response to Suspicious Documents
|
|
In the course of business, a company representative may be presented with suspicious documents. Appropriate responses are as follows: | 1. |
Verify using third party resources. |
| 2. |
Verify using existing account records. |
| 4. |
Decline account access. |
| 5. |
Document with a Suspicious Activity Report (SAR). |
| 6. |
Notify law enforcement (if necessary) |
| 7. |
Notify existing customer on record |
|
1.3
|
Response to Suspicious Identifying Personal Information
|
|
When a person provides suspicious or inconsistent identifying information to a company representative, the response is as follows: | 1. |
Escalate verification to a higher level. |
| 2. |
Decline account application. |
| 3. |
Decline account access. |
| 4. |
Notify existing customer on record. |
| 5. |
Change account access information. |
| 6. |
Change account numbers. |
| 7. |
Document with a Suspicious Activity Report (SAR). |
| 8. |
Involve law enforcement. |
|
1.4
|
Response to Unusual Use of or Suspicious Activity Related to the Covered Account
|
|
Company representatives shall be vigilant in protecting customer accounts when transacting, servicing, or processing business. When suspicious activity or unusual patterns emerge in covered accounts, the appropriate responses are as follows: | 1. |
Use Personal Knowledge questions for verification. |
| 3. |
Decline account access. |
| 4. |
Document with a Suspicious Activity Report (SAR). |
| 5. |
Notify existing customer on record. |
| 6. |
Change account access information. |
| 7. |
Change account numbers. |
| 8. |
Involve law enforcement. |
|
1.5
|
Response to Notice From Customers, Victims of Identity Theft, Law Enforcement Authorities, or Other Persons Regarding Possible Identity Theft in Connection with Covered Accounts
|
|
Company representatives that are notified of a security incident from customers, victims of identity theft, law enforcement authorities, or other persons regarding possible identity theft in connection with covered accounts must immediately inform senior management and the Identity Theft Prevention Officer. Appropriate responses are as follows: | 1. |
Decline account access |
| 2. |
Close fraudulent account |
| 3. |
Document with a Suspicious Activity Report (SAR) |
| 4. |
Notify existing customer on record |
| 6. |
Do Not Attempt to Collect on the Fraudulent Account from the True Identity |
| 7. |
Cooperate with law enforcement |
|
To Home Page 