Customer Security Awareness Education For Both Retail and Business Customers
For most of us the Internet has become a basic part of daily life. As the comfort level with the internet continues to grow so does doing other types of business online. Millions of consumers today are doing some or all of their banking online.
It’s convenient and efficient. You can access your account and make banking transactions at anytime from anywhere you have an Internet connection. Investar Bank offers Online Banking and Mobile Banking as a free service.
Through our Online Banking service, you can manage eligible accounts from your home or office computer or internet enabled mobile device.
Online banking can be used to conduct any of the following “Online Financial Services”:
- To receive and download balance and transaction information for INVESTAR BANK accounts
- To transfer funds between any authorized Accounts
- To export account information into a formatted file. This file will be downloaded onto your computer where it will be available for import into a personal financial management software program
- To initiate a stop payment on a check
- To receive your monthly statements online
- To apply for products and services
- To pay bills electronically from a Deposit Account
- To receive e-mail from and transmit e-mail to the Bank
Examples of Deceptive Ways Criminals Contact Account Holders
- The FDIC does not directly contact bank customers (especially related to ACH and Wire transactions, account suspension, or security alerts), nor does the FDIC request bank customers to install software upgrades. Such messages should be treated as fraudulent and the account holder should permanently delete them and not click on any links. User should also keep in mind; Investar Bank will not contact a customer on an unsolicited basis and will never ask you to provide them with Online Banking credentials such as the password, security answers and questions or secure token information.
- Messages or inquiries from the Internal Revenue Service, Better Business Bureau, NACHA, and almost any other organization asking the customer to install software, provide account information or access credentials is probably fraudulent and should be verified before any files are opened, software is installed, or information is provided.
- Phone calls and text messages requesting sensitive information are likely fraudulent. If in doubt, account holders should contact the organization at the phone number the customer obtained from a different source (such as the number they have on file, that is on their most recent statement, or that is from the organization’s website). Account holders should not call phone numbers (even with local prefixes) that are listed in the suspicious email or text message.
Consumer Protection- Regulation E
- Regulation E provides rules for error resolution and unauthorized transactions for electronic fund transfers, which includes most transactions processed online. In addition, it establishes limits to your financial liability for unauthorized electronic fund transfers. These limits, however, are directly related to the timeliness of your detection and reporting of issues to Investar Bank. It is for this reason that we encourage you to immediately review periodic account statements and to regularly monitor your account activity online.
- The "Electronic Fund Transfers" disclosure provided to you at the time of account opening provides detailed information. We will provide to you, upon request, a free printed copy of this disclosure.
- In the event suspicious account activity has occurred or information security–related events have been experienced please contact your local branch or contact Investar Bank directly at firstname.lastname@example.org or you can reach us at 1.866.604.2006.
Sign On and General Controls
Investar Bank’s online banking service is equipped with features that can help safeguard your sensitive personal account information:
Business Banking General Controls
Investar Bank encourages commercial users to evaluate each user role, limits and accessibility assigned to users. We also encourage commercial Online Banking customers to perform a risk assessment and evaluate controls periodically as it relates to their Online Banking access. We also encourage all business customers to develop an incident response plan and applicability of laws and regulations to business owners to safeguard information.
Additionally, Business account holders should be aware of their exposure to electronic theft. In particularly, corporate account takeovers and cyber thieves, exposure risks, security measures, benefits of a risk assessment, insurance coverage needs related to electronic thefts.
User Roles and Entitlements
- Service entitlements - Online Banking supports customer level entitlements for all services allowing Investar Bank to establish our own risk review process before allowing access to a feature.
- Separation of duties - Customers should assign roles and use account entitlements to separate duties in a company. For instance, one user can enter an ACH or Wire transaction and another can transmit it.
- Limit approvers - Role-based access can be used to limit the number of users with approval authority.
- Mandatory alerts - Online Banking supports the following mandatory alerts for all Online Banking users. An alert is automatically sent to customers in particular:
- A password is changed.
- An e-mail address is changed.
- Failed Transfers (Internal and external).
- Transfer Completed (Internal and external).
- ACH (optional) - An alert can be sent to customers when:
- An ACH template has been added, edited, or deleted.
- An ACH transfer is pending approval.
- Wire (optional) - An alert can be sent to customers when:
- A wire transfer template has been added, edited, or deleted.
- A wire transfer is pending approval.
- ACH - Multiple approvals can be required to send an ACH transaction. These can be set by Investar Bank or by a user at the company who has the Administration role.
- Wire - Multiple approvals can be required to send a wire. These can be set by Investar Bank or by a user at the company who has the Administration role.
- Funds Transfer - Multiple approvals can be required to enter a funds transfer including external transfers. These can be set by Investar Bank or by a user at the company who has the Administration role.
- File Transfer - Multiple approvals can be required for customers to send Files to Investar Bank including NACHA files. These can be set by Investar Bank or by a user at the company who has the Administration role.
History and Audit Information
- Transfer history - History reports are available for ACH, Wire and Funds Transfer. Customers should review this information regularly.
Payment and Transfer Service Best Practices
The following action can be taken for ACH:
- Prenotes - Financial organizations should recommend using prenote for new transactions.
- NACHA guidelines - Investar Bank reviews their standard risk approval process for ACH activity per NACHA guidelines.
- Balance check - Online Banking supports Funds Verification for out-going funds.
Resources for Business Account Holders
Additionally, Business account holders should be aware of their exposure to electronic theft. In particularly, corporate account takeovers and cyber thieves, exposure risks, security measures, benefits of a risk assessment, and insurance coverage needs related to electronic thefts. Below are resources available on these topics: