• Individual's body language conveys nervousness, uncertainty, or being in an extreme hurry.
• Individual avoids making eye contact.
• Individual is unusually talkative or avoids conversation.
• Prospective member is being coached or directed on their request.
  • Examples:
    • Looking to someone else in the branch for signals on what to ask for or how to respond to questions.
    • Receiving prompts/coaching from a third party either in person or via phone or text.
• During the field of membership discussion, the prospective member changes the sponsor relationship (e.g., originally referred to as friend or co-worker, changes to sibling).
• Needs to search for basic information about a "family member" sponsor (e.g., name, date of birth).                                            

A transaction was completed without the member's knowledge or consent, or the member provided their account information or credit/debit card number due to fraud or robbery.

Whenever an address is changed, a Level 3 Change of Address alert appears on the account for 30 days. If the address changed on NFOAA, the system places a member level note and the alert may not appear until the next business day.

You must review a second form of identification while this alert is present before processing the following requests:

• Change of address
• New or replacement debit card
• New or replacement credit card

Add a member-level note with a 1-year expiration date and include the following information:

• Type of ID
• ID Issuer
• ID #
  • Example: Member/non-member presented driver's license and Military ID; issued by the state of FL/DoD; #T11-22-3333/4567891011-012

This level 5 alert is placed on an account when all debit card products need to be restricted as a result of multiple fraud and/or dispute claims or not safeguarding the card. 

• Team members cannot add, update, or delete this alert.
• Only one abuse alert can be on an account.
• The default expiration period is 36 months but may vary.
  • There is no appeal process if the alert is placed for excessive Fraud claims. 
  • For excessive Dispute claims, review the Appeal process below. 

• It must be PIN verified.
  • If the last four numbers do not auto-populate, the team member should add them manually.
  • The last four digits of the card needs to be documented (e.g., 5678).

• To ensure we have current and correct demographic information on file, member addresses should be verified each time a member's account is accessed to perform a transaction.
  • Use open-ended questions to verify the member's contact information, such as:
    • What is your address?
    • What is your phone number?
    • What is your email?
  • It is important not to prompt the individual making the request with any information in the event they are a fraudster posing as the member.

Member Profile - NFCU eNet

A transaction was completed by a member but is incorrect, duplicated, or the purchased item was not received, returned without refund, or of a lower quality than expected.

This level 3 alert is placed when the member's online or mobile banking credentials are believed to have been compromised. 

• Branch team members can only  delete this alert after determining that no fraud has occurred on the member's account.
  • Team members must verify 2 forms of CIP identification prior to conducting transactions or deleting this alert. 
• This alert does not require an Encore override.

The level 5 alerts below are placed when a member has one or more accounts that have been charged off causing Navy Federal a financial loss and the member has settled the account for less than the full amount owed.

• This alert does not affect a member's access to their existing open accounts.

Team members should contact LCR and/or Charged Off Checking via Internal Chat for guidance, if necessary. Please keep the following in mind prior to opening a new accounts:

• Any charge-off makes an applicant ineligible to re-establish new accounts unless the charged-off debt is paid-in-full. 
• In cases where a former member made a settlement with Navy Federal and we incurred a loss, the former member is not eligible for membership, unless the charged-off debt is paid-in-full/being paid. 
• UAD (member-level) notes will be placed by the appropriate department indicating what actions (e.g., paid-in-full, payment arrangements) have been taken by the member.

• Only the identification number is needed (e.g., 241786327)

Abusive Behavior
Be On the Lookout (BOLO)
Disruptive/Disoriented Individuals
Environmental Threats (AC Outages, floods)
Homeless Activity/Panhandlers
In-Branch/Parking-Area Disturbances
Suspected Fraud

Law enforcement should not be called for fraudulent transactions (e.g., fraudulent check presented for deposit) conducted at the branch by any individual unless directed by Security. Team members must do the following for suspected fraud:

• Complete the procedures in the "Suspected Fraud" section for notifying Security of fraud or scams.
• Allow individuals suspected of attempting to conduct fraudulent transactions the opportunity to leave; they should not be held at the branch.
  • Team members must not unnaturally stall members or prevent them from leaving (e.g., stating system issues or retaining ID) while contacting Security or waiting for law enforcement, when applicable, to arrive.

An item (e.g., check, account opening) was completed or altered without the member's knowledge or consent.

This level 3 alert indicates the member has advised Navy Federal that they have:

• Experienced identity theft at another financial institution.
• Reported a lost or stolen physical ID.
• When performing transactions:
  • Request two acceptable forms of identification when this alert is present, regardless of transaction amount or type (e.g., wire transfers, Encore transactions) until proper steps have been taken to remove the alert.
    • The forms of identification must be from the list of CIP acceptable documents due to the ID Theft concern.
    • If documents are from the Address list, the address on the provided documentation must match the address listed in the member record.
    • Bank statements presented for Address verification must be from another NCUA/FDIC insured financial institution. 
      • Bank statements can not be Navy Federal issued. 
  • The Fraud Fighter pen must be used to verify the applicable security features on the IDs presented.
  • Refer to Performing Transactions section for guidance.
  • Refer to Non-Member Transactions, if applicable.

This level 7 alert is placed when a member is suspected of committing a financial crime against Navy Federal.

• There are different types of Suspected First Party alerts, depending on the account activity.
• Branch team members cannot add or modify this alert. 
  • Branch team members can only  delete this alert after all Fraud Operations instructions in member-level notes are completed.
  • CIP documents must be reviewed prior to deleting the alert. 
    • One form of ID is required unless otherwise stated in the Notes. 
    • Bank statements presented for Address verification must be from another NCUA/FDIC insured financial institution. 
      • Bank statements can not be Navy Federal issued. 

• Only the last four digits of the vehicle registration must be documented (e.g., 5678).