Pub. 8 2013-2014 Issue 3

September | October 2013 19 Extraordinary Service for Extraordinary Members. $200,000 and $1,000,000 stolen from a single customer’s account. Some banks have added an additional control of requiring a fax confirmation each time a customer uses the internet banking system to initiate an ACH or wire transfer. However, many customers use the same computer to send fax transmis- sions as they use to initiate legitimate ACH transactions. So the crook that has taken over a customer’s computer can also cause the fax confirmation to be sent. To prevent this type of scam from causing loss to a bank’s customers, many banks are now implementing a verbal call back to a pre-verified customer voice phone number before allowing each large-dollar ACH transaction file or large-dollar wire transfer request to be processed. Also, the same control is implemented if a customer initiates multiple small ACH or wire transfer requests over a short period. Some customers have objected to the added inconvenience of having the bank contact them at a predetermined phone number for a verbal confirmation. Most customers, however, will agree to such a procedure once they understand it is protecting them from the potential of a large loss. The UniformCommercial Code (UCC) 4A-202(b) provides that if a bank and customer agree to a commercially reason- Reach KBS at (785) 228-0000. able security procedure and the bank follows the security procedure, the bank can enforce the transaction as authorized if the bank accepted the transaction in good faith and in ac- cordance with written agreements and instructions. In cases where a customer chooses a lesser security pro- cedure, UCC 4A-202(c) deems such security procedure to be commercially reasonable if the bank offered and the customer refused a commercially reasonable security procedure and the customer expressly agrees in writing to be bound by the transaction orders, whether or not authorized, if the bank followed the security procedure chosen by the customer. (Please read the actual law.) Banks should work with their bank’s attorney to make sure they implement a commercially reasonable security procedure and that the customer agrees to be liable when the bank follows such procedure. In cases where the bank offers a commercially reasonable security procedure and a customer chooses a lesser security procedure, the bank needs to make sure its contract is used to protect the bank as allowed by UCC 4A and that the bank actually follows all agreed upon security procedures. 