Procedures
Best Practice/Suzy Tips
Authentication
Account Takeover
100

This disclosure must be read to any party that comes on the line and would not have heard it during the initial IVR greeting.

What is: "This call is recorded for training purposes; to enhance customer service, security and to confirm our discussions with you."

100

This is recommended to be completed for any debit card calls.

What is: cancelling Neptune call.

100

This is the total number of times a customer can answer manual authentications question wrong.

What is: the 3 strike rule.

100

These are examples of electronic fraud.

What is: 

  • PayPal/PayPal-like transactions
  • Address Change
  • Phishing / Smishing
  • Account Takeover
  • EasyLine/EasyWeb/ Impersonation
  • Interac OAS (Certapay) Impersonation
  • Visa Money Transfer - (VMT/VPPO)
  • Canadian/US Bill Payment
  • Apple Pay/Samsung Pay/Google Pay Registration/Transactions
  • Biometrics Touch ID
200

This must be included in the body of a fraud claim appeal in Relationship Builder (other than pertinent information to support the appeal).

What is: the DPM or PEGA (FCM) Claim ID number.

200

This should be checked for when a customer is reporting a non-ATM cash advance as fraud.

What is: check all other accounts to see if the cash advance was accidentally transferred into another account (chequing, savings, LOC, etc.).

200

OTP authentication alone is considered _____.

What is: low risk authentication.
200

This step must be completed before the closure of a card or else fraud may occur/transfer over onto the new card.

What is: deleting tokens.

300

The HOST screen _____ must be utilized if a transaction is not displaying on PRM due to it being _____.

What is: CPA MENUH, APX.

300

This is recommended to do in order to avoid unintentionally changing the meaning of authentication questions.

What is: reading authentication questions verbatim.

300

This must be provided by a private banker's assistant if the private banker is not the one calling.

What is: the private banker's full name.

300

_____ is the total number of MCOMs to lodge when performing Access Card - Fraud for electronic fraud.

What is: 4 MCOMs (we will accept 3 if the customer opts out of using a verbal password).

400

This Entry Mode means a debit card transaction was done using tap with a mobile wallet.

What is: 920.

400

This is recommended to do right before submitting an LS report.

What is: clearly communicating to the customer that you are about to permanently close their credit card.

400

This HOST screen displays a customer's private banker.

What is: CIF EAMC.

400

This mark type is used on PRM when a customer is reporting a fraudulent Visa money transfer.

What is: referral to ID theft.

500

Lodge a _____ for customers who are making a single irregular/large purchase(s) over _____ for a maximum of _____ days.

What is: a CW03, $10k, 3 days.

500

This should be verified when there are GOOGLE TEMPORARY HOLD transactions.

What is: verifying what triggered the GOOGLE TEMPORARY HOLD and not the GOOGLE TEMPORARY HOLD transaction itself.

500

This is okay to do if there is a "CTI ONLY" MCOM but no A01/E01/A10 failed MCOMs and the debit card is in DEPO/FRAUD status.

What is: use standard authentication.

500

These other accounts must be closed (if applicable) if there is an intercepted EMT.

What is: credit card(s) and their respective additional cardholder(s).