THIS AGREEMENT IS SUBJECT TO ARBITRATION PURSUANT TO THE FEDERAL ARBITRATION ACT AND/OR APPLICABLE STATE LAW.
This Carolina eBusiness Services Agreement, along with the implementation forms, enrollment forms, applications, service descriptions, user guides, fee schedules, and other documents provided when you begin to use this service or request additional services (collectively, this “Agreement”), sets forth the terms which govern account access through our Carolina eBusiness online banking service for commercial customers (“Carolina eBusiness,” as it may be updated or amended from time-to- time). Any use of Carolina eBusiness by you or anyone you authorize is your acknowledgment that you accept all the terms and conditions of this Agreement and that you have read it carefully. The terms and conditions of your deposit account agreement and disclosures (“the “Terms and Conditions”) for each of your bank accounts, as well as your other agreements with the Bank such as those you entered into for loans and other services, continue to apply notwithstanding anything to the contrary in this Agreement. To the extent there is a conflict between the terms of this Agreement and one contained in the other agreements between you and us, this Agreement will control with respect to online banking and related services.
“Access ID” is the name assigned by the Bank to identify the Customer in the System. This identifying name or identification will be unique to the Customer and will be used exclusively by the Customer to access the System.
“Account” means any Carolina Alliance Bank account which you access using the System.
“Business day” means Monday through Friday, except bank holidays.
“Certificates” are digital security certificates issued to System Administrators and Users by the Bank to be used in conjunction with Passwords or PINs to enable the System Administrator and/or Users to access the System.
“Enrollment Form” is any application or form that may be used from time to time by Carolina Alliance Bank to obtain information from a Customer for the approval of the Customer’s use of the System and to gather information necessary to initiate the Customer’s access to the System and Services.
“Funds Transfer” is a transfer of funds through the Service from any of the Customer’s Accounts at the Bank to any other Account with the Bank or to an account at another financial institution.
“Password” or “PIN” is the code you create to establish your connection to the System.
“Security Tokens” are: (i) Smart cards or such other storage devices for Certificates issued by the Bank; or (ii) Security devices designated by the Bank for use by the System Administrator or User to generate security codes (one-time Passwords) to access the System.
“Service” or “Services” refer to Carolina eBusiness in general (i.e., the System) or particular features of, or services offered through, Carolina eBusiness.
“System” refers to Carolina eBusiness.
“System Administrator” is a person designated by the Customer who is given full System access and who sets User access authorities and security levels, to the extent such designation is offered by the System.
“Time of Day” references are to Eastern Standard Time or Eastern Daylight Time, as applicable.
“Users” refer to those who are authorized by the Customer or System Administrator from time to time to use the System.
“We,” “us,” “our,” and “Bank” refer to Carolina Alliance Bank.
“You,” “your,” and “Customer” refer to each Account holder.
Access Codes. The Access ID, Password, and any other security code used to access your Accounts are referred to collectively herein as the “Access Codes.” Once you have changed
your temporary Password we will not be able to tell you what it is. You accept responsibility for the confidentiality and security of your Password and other Access Codes and agree to change your Password regularly. For purposes of security, the System requires that you create a Password having minimum specifications as may be stipulated by the System from time-to-time. Your Password should not be associated with any commonly known personal identification, such as address, date of birth, names of children and should be memorized rather than written down. You agree not to give or make available your Access ID, Password, or other Access Code or means to access the System to anyone. You agree that we are authorized to act on instructions received under your Password or other Access Code. We undertake no obligation to monitor transactions through the System to determine that they are made on behalf of the accountholder. You are responsible for all transactions and payments you authorize using the System or otherwise executed under your Access Codes. If you permit other persons to use the System with your Access ID, Password or other means, you are responsible for any transactions they authorize or activity they perform and you assume all risks of potential losses or damages relating to such use.
CONTACT US AT ONCE at (864) 208-BANK (2265) if you believe your Password or other Access Code has been lost, stolen, used without your authorization, or otherwise compromised or if someone has transferred or may transfer money from your Accounts without permission. An immediate telephone call to us is the best way to reduce any possible losses. You could lose all the money in your Accounts (plus your maximum overdraft line of credit, if any).
Security Procedures. The use of the Access Codes, in addition to other authentication methods described in this Agreement, is a security procedure established by us to authenticate the identity of the person attempting to gain access to the System. As part of the security procedure, we will also provide multi-factor authentication (MFA). Your Enrollment Form may provide optional security procedures selected by you such as third-person call-backs that may be used to supplement the Access ID and Password. You agree to comply with these “Security Procedures” and any other Security Procedures we direct you to use, and you acknowledge and agree that the Security Procedures, including (without limitation) any code, password, personal identification number, user identification technology, token, certificate, layered security, or other element, means, or method of authentication or identification used in connection with a Security Procedure (“Security Devices”), constitute commercially reasonable security procedures under applicable law for the initiation of the Services you utilize, including without limitation, transfers and access to confidential information. You authorize us to follow any and all instructions entered and transactions initiated using applicable Security Procedures unless and until you have notified us, according to notification procedures prescribed by us, that the Security Procedures or any Access Code or Security Device has been stolen, compromised, or otherwise become known to persons other than you or your representative(s) and until we have had a reasonable opportunity to act upon such notice. You agree that, if we comply with the Security Procedures, we will not be liable for the amount of any unauthorized transactions arising from the use of any Service to which the Security Procedures relate. You agree that the initiation of a transaction or instructions using applicable Security Procedures constitutes sufficient authorization for us to execute such transaction or instruction notwithstanding any particular designation by you of authorized persons or signature requirements identified on any signature card or other documents relating to your deposit Account maintained with Carolina Alliance Bank. You further agree and intend that the submission of transactions and instructions using the Security Procedures shall be considered the same as your authorized written signature in authorizing us to execute such transaction or instruction. You acknowledge and agree that you shall be bound by any and all transactions initiated through the use of such Security Procedures, whether authorized or unauthorized, and by any and all transactions and activity otherwise initiated by you, to the fullest extent allowed by law. You further acknowledge and agree that the Security Procedures are not designed to detect errors in the transmission or content of communications or transaction initiated by you and that you bear the sole responsibility for detecting and preventing such errors.
We reserve the right to modify, amend, supplement, or cancel any or all Security Procedures, and/or to cancel or replace any Security Device, at any time and from time to time in our discretion. We will endeavor to give you reasonable notice of any change in Security Procedures; provided that we may make any change in Security Procedures without advance notice to you if we, in our judgment and discretion, believe such change to be necessary or desirable to protect the security of our systems and assets. Your implementation and use of any changed Security Procedures after any change in Security Procedures shall constitute your agreement to the change and your agreement that the applicable Security Procedures, as changed, are commercially reasonable and adequate for the purposes intended.
Internal Security. You understand the importance of your role in preventing misuse of your Accounts through the System. You agree to establish, maintain and update commercially reasonable policies, procedures, equipment and software (“Internal Security Controls”) that will safeguard the security and integrity of your computer and Account information from unauthorized use, intrusion, takeover or theft, and prevent your Password or other Access Codes from unauthorized discovery or use. A list of recommended internal security practices is attached here to as Exhibit A. You assume all risks of not complying with the recommended internal security practices or other security procedures or steps recommended by us from time to time. You bear all risk of fraudulent transfers and other losses arising from your internal security breaches, external security breaches of your equipment, networks, systems, or other information, or from the interception of your communications prior to their receipt by us. You agree that we are authorized to execute, and it is commercially reasonable for us to execute, any instruction received by us with your Access Codes. You are encouraged to consider purchasing insurance to cover any internal security losses.
You are also encouraged to perform a risk assessment and evaluation of your Internal Security Controls and these security procedures periodically. You agree to consider the size, type, and frequency of Funds Transfer requests or other Services you intend. You will consider the risks presented by the possibility of unauthorized access to these Services and your obligation on Funds Transfer requests, including those that are unauthorized. After your review, you will notify us if your use of the System would necessitate or be better served by a level of security that exceeds that previously selected by you or offered by the System. If you fail to notify us, you acknowledge and agree that the security aspects of the System are appropriate for your needs and will provide you with a commercially reasonable degree of security against unauthorized use.
Confidentiality. You agree to protect the confidentiality of your Account and Account number, as well as Passwords, Access Codes, Security Devices, and any other related information. You understand that certain confidential identification information by itself or together with information related to your Accounts, may allow unauthorized access to your Account. You agree to indemnify, defend all claims, and hold us harmless from any loss, damages, or expenses, including but not limited to attorney’s fees, caused by you, your employees’, or agents’ failure to keep the Security Procedures or Security Device confidential and secure.
Internet Communications. Data transferred via the System is encrypted in an effort to provide transmission security and ensure the System transmissions can be appropriately identified by each other. Notwithstanding our efforts to insure that the System is secure, you acknowledge that the internet is inherently insecure and that all data and transfers, including electronic mail, occur openly on the internet and potentially can be monitored and read by others. We cannot and do not warrant that all data transfers utilizing the System, or e-mail transmitted to and from us, will not be monitored or read by others. It is your responsibility to protect yourself and to be vigilant against e- mail fraud and other internet frauds and schemes (including, without limitation, fraud commonly referred to as “phishing” and “pharming”). You agree to educate user(s), agents, and employees as
to the risks of such fraud and to train such persons to avoid such risks. You acknowledge that we will never contact you by e-mail in order to ask for or to verify Account numbers, Security Devices, or any sensitive or confidential information. In the event you receive an e-mail or other electronic communication that you believe, or have reason to believe, is fraudulent, you agree that neither you nor your user(s), agents, or employees shall respond to the e-mail, provide any information to the e- mail sender, click on any links in the e-mail, or otherwise comply with any instructions in the e-mail. You agree that we are not responsible for any losses, injuries, or harm incurred by you as a result of any electronic, e-mail, or internet fraud.
Virus Protection, Firewalls and Spy-ware. You are solely responsible for taking and maintaining security precautions to protect your computer, data and other systems in your possession or under your control. There are a number of means and mechanisms by which other persons may obtain information from your computer or otherwise gain control of your computer (or any computer by which you access Carolina eBusiness), such as viruses, “spy-ware,” “malware,” “keystroke loggers” and hacking. We are under no obligation to determine if your computer (or any computer by which you access Carolina eBusiness) is secure or if it is or may be compromised or unsecure. We encourage you to routinely scan your hardware and software using reliable and current virus, firewall and spy-ware protection products of your choice to protect from, detect and remove any viruses and spy-ware found. We are not responsible for any computer viruses (including without limitation any “malware,” “keystroke loggers,” and/or “spyware”), problems or malfunctions resulting from any computer viruses, or any related problems that may be associated with the use of an online system or service. Any material downloaded or otherwise obtained is obtained at your own discretion and risk, and we are not responsible for any damage to your computer or operating systems or for loss of data that results from the download of any such material, whether due to any computer virus or otherwise. You are solely responsible for maintaining and applying anti-virus software, security patches, firewalls, and other security measures with respect to your operating systems, and for protecting, securing and backing up any data and information stored in or on your operating systems. We are not responsible for any errors or failures resulting from defects in or malfunctions of any software installed on your operating systems or accessed through an internet connection.
Termination of Employee Access. In the event you wish to change any authorization (as a result of personnel changes, your business policy, or for any other reason), it is your sole responsibility to revoke access in order to protect against improper use of Carolina eBusiness. At any time that you choose to terminate access to the System of an employee or when an employee is terminated or ceases being employed by you, you are to notify us immediately by phone at (864) 208- BANK (2265) and must follow up your request in writing. Upon notification which is consistent with the requirements of this Agreement and reasonable opportunity to act, we will terminate the Access Codes used by that employee.
System Administrator; Authority Levels. To the extent the System allows a System Administrator to make changes to your access to the System, the System Administrator may be able to designate which Accounts to open to Users, who will be added or deleted as a User, to assign access to Services to each User, place or remove any limitations on User transaction authority, and issue Passwords that will allow Users to access the System. Once activated, the Bank does not control or oversee the System Administrator function. You agree that all action taken by the System Administrator or any User designated or authorized by the System Administrator is authorized by you, and all such persons are your agent for purposes of use of the System and Services. The person or persons who execute the Enrollment Form are authorized to act as System Administrators, along with any person named as the System Administrator on that form. These persons also may assign to one or more other persons the role of System Administrator, and you acknowledge that the Bank will not control (and may not even be aware of) changes in the System Administrator.
The System allows you to set specific levels of authority for Users. Unless you configure access restrictions otherwise, all persons with access to the System will have full transaction capability in the System, which may include Funds Transfers. It is your responsibility to understand the security capabilities built into the System and to decide which of your Accounts to link to each Access ID and what level of authority is appropriate for each Account linked to the Access ID, keeping in mind the importance of separation of duties as an important way of protecting your company. Error, negligence, or misfeasance by the System Administrator or by any User of the System can cause significant losses for which you agree that the Customer and not the Bank will be responsible.
You also acknowledge and agree that if a Request describes the beneficiary or beneficiary’s bank inconsistently by name and Account number, execution of the Funds Transfer may occur on the basis of the number, even if it identifies a person different from the named beneficiary or bank, and that your obligation to pay to us the amount of the Funds Transfer is not excused in such circumstances.
security reasons, we may impose additional limits on the frequency, number, and dollar amounts of transactions you can perform using Carolina eBusiness. In addition, we reserve the right to refuse to pay any person or entity to which you may direct a payment through Carolina eBusiness. We will notify you promptly if we decide to refuse to pay a person or entity designated by you; however, this notification is not required if you direct us to make any payment which is otherwise prohibited under your agreements with us.
Hours of Access; Processing Transfers. Carolina eBusiness is available 24 hours a day, seven days a week, except during regularly scheduled or special maintenance periods. We will make every effort to advise you when the service may be down for an extended period. If the system is unavailable, you may use the automated telephone voice response system at 800-373-0391 to conduct your transactions. For transaction processing purposes, all requests received after 4:30 p.m. on business days will be processed on the next Business Day, unless otherwise stated in the service agreement for the particular Service or Account, or otherwise communicated by the Bank. Transfers between Carolina Alliance Accounts process immediately once the transaction is confirmed.
You are fully obligated to us to provide sufficient funds for any payments or transfers you make or authorize to be made. If there are insufficient funds in your Account to make a transfer, we may refuse to make the transfer or we may make the transfer and overdraw your Account. In either event, you are responsible for any non-sufficient funds (“NSF”) charges that may apply. These NSF charges or the overdraft created thereby may be set-off against any other amounts in accordance with the Terms and Conditions of your Accounts.
IN NO EVENT WILL THE BANK OR ANY OF ITS OFFICERS, DIRECTORS, SHAREHOLDERS, PARENTS, SUBSIDIARIES, AFFILIATES, AGENTS, LICENSORS, OR THIRD PARTY SERVICE PROVIDERS BE LIABLE FOR ANY CONSEQUENTIAL (INCLUDING WITHOUT LIMITATION, LOSS OF DATA, FILES, PROFIT OR GOODWILL OR THE COSTS OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICE), INDIRECT, INCIDENTAL, SPECIAL OR PUNITIVE DAMAGES, WHETHER IN AN ACTION UNDER CONTRACT, NEGLIGENCE OR ANY OTHER THEORY, ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, THE CAROLINA eBANKING SYSTEM, THE INABILITY TO USE SYSTEM, ANY GOODS OR SERVICES PURCHASED OR OBTAINED USING THE SYSTEM, OR ANY MESSAGES RECEIVED VIA THE SYSTEM OR ANY TRANSACTIONS THEREUNDER, EVEN IF THE BANK HAS BEEN SPECIFICALLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE AGGREGATE LIABILITY OF
THE BANK AND OUR THIRD PARTY SERVICE PROVIDERS UNDER THIS AGREEMENT SHALL NOT EXCEED ONE THOUSAND DOLLARS.
No Liability for Certain Failures. The Bank will not be responsible for failure to provide access to the Carolina eBusiness System due to a system failure or due to other unforeseen acts or circumstances. We will not be responsible for any error or failures from a malfunction of your computer or any computer virus or other problems related to your computer equipment used with the System. The Bank is not responsible for any error, damages or other losses you may suffer due to the malfunction or misapplication of any system you use, including your browser (Microsoft Internet Explorer®, Netscape Navigator®, or otherwise), your internet service provider, your personal financial management or other software (such as Quicken®, or Microsoft Money®), or any equipment you may use (including your telecommunications facilities, computer hardware and modem) to access or communicate with Carolina Alliance Bank. In addition, we will not be liable to you for failure to make a transfer in the following instances:
If through no fault of the Bank, you do not have enough money in your Account to make the transfer.
If circumstances beyond our control (such as fire, flood, power outage, equipment or technical failure or breakdown) prevents the transfer despite reasonable precautions that we have taken.
If there is a hold or freeze on your Account, or if access to your Account is blocked, in accordance with banking policy.
If your funds are subject to a legal proceeding or other encumbrance is restricting the transfer.
If your transfer authorization terminates by operation of law.
If you believe someone has accessed your Accounts without your permission and you fail to notify the Bank immediately.
If you have not properly followed the instructions on how to make a transfer included in this Agreement.
If we have received incomplete or inaccurate information from you or a third party involving the account or transfer.
If we have a reasonable basis for believing that unauthorized use of your Password or Account has occurred or may be occurring or if you default under this Agreement, the Terms and Conditions, a credit agreement or any other agreement with us, or if we or you terminate this Agreement.
You may also use Carolina eBusiness to stop payment of a check you have written on your deposit Account. Your initial sign-in using your User ID and Password will serve as authorization in regard to an online check stop payment order. Any stop payment request must precisely specify the Account number, the check number, and the amount, date and payee of the check. You acknowledge that if you provide us with incorrect information, even if the information is a close approximation of the actual information, we will not be liable for payment of the check. The check stop payment order must be given in the manner required by law and must be received by us in such a time and manner as to afford the bank a reasonable opportunity to act on it. Without limiting the foregoing, we will not be liable for cashing a check within one business day of receiving a stop-payment order for the check. A check stop payment order will automatically expire six (6) months after receipt unless you renew it by completing a new check stop payment order. If you seek to cancel a stop payment request, we may require the person who initiated the check stop payment order to cancel it by coming into the branch and signing a release form.
Bill payments you schedule with the Bill Payment Service will be debited to your deposit Account in accordance with the instructions to the Bill Payment Service. The fees and charges imposed by the Bill Payment Service, as well as other expenses you may incur, will be charged against your deposit Account. You hereby authorize the Bill Payment Service to cause these fees and charges to be debited to your deposit Account when you sign up for the services. In addition, any Bank fees associated with your Accounts will continue to apply, and you also authorize the Bank to debit your deposit Account for any ancillary charges that the Bank incurs on your behalf, including any fees charged by the Bill Payment Service to the Bank with respect to any of your transactions.
Electronic Mail; Notices. You agree that Carolina Alliance Bank may respond to you by electronic mail (e-mail) with regard to any matter related to Carolina eBusiness, including responding to any claim of unauthorized electronic Funds Transfer that you make. Any notice we give you concerning Carolina eBusiness and/or your Accounts is effective when we send you an electronic message or when we mail or deliver the notice to you at the address we have for you in our Account records. Any notice we send you will be deemed to have been received by you three (3) calendar days of the date it was sent, regardless of whether or not you sign on to the Service within that time frame. It is your responsibility to inform Carolina Alliance Bank of a change in your e-mail address, and the Bank will have no liability for the non-receipt of an e-mail notification that is returned due to an invalid address. You acknowledge that e-mail may not be a secure method of communication and agree that you will not send us confidential, personal or financial information by e-mail. You agree that the Bank will have a reasonable amount of time to act on any e-mail message from you. You also should not rely on e-mail if you need to communicate with the Bank immediately (for example, to report an unauthorized transaction from one of your Accounts or to stop a payment that is scheduled to occur). In these cases, please call us at (864) 208-BANK (2265).
Modifications to this Agreement. Carolina Alliance Bank may modify this Agreement or any Carolina eBusiness services at any time. We will notify you of any changes by mail to the address
shown on our Account records or by sending you an electronic mail message. The revised terms and conditions will be effective at the earliest date allowed by applicable law. Your use of Carolina eBusiness after a change in terms constitutes your agreement to the change. We are not required to give you prior notice where an immediate change is necessary to maintain or restore the security of our system.
Termination. Carolina Alliance Bank reserves the right to terminate this Agreement and your access to Carolina eBusiness at any time without notice and with or without cause. If we terminate your access due to insufficient funds in one or more of your Accounts, service may be reinstated at the discretion of the Bank provided that funds are available to cover the cost of any fees and/or pending transfers. Further, if you do not access your Accounts via Carolina eBusiness for any three-month period, we may terminate your access to Carolina eBusiness. To request reinstatement of your service, contact us at (864) 208-BANK (2265) or via e-mail at firstname.lastname@example.org.
If you wish to terminate Carolina eBusiness, please contact Carolina Alliance Bank at (864) 208- BANK (2265), e-mail us at email@example.com or send us cancellation instructions in writing to Carolina Alliance Bank, PO Box 932, Spartanburg, SC 29304 Attn: Operations. Your access to the Carolina eBusiness will be suspended after we have received your instructions to cancel the service and had a reasonable opportunity to act, which shall be no less than 3 business days. Once we have acted upon your termination notice, we will make no further transfers from your Accounts, including any transfers you have previously authorized. You will remain responsible for all payments, transfers and other transactions in process, and outstanding fees and charges incurred prior to the date of termination.
(a) the performance of the Carolina eBusiness Service; (b) a third party claim, action, or allegation of infringement, misuse, or misappropriation based on information, data, files, or other materials submitted by you to us; (c) any fraud, manipulation, or breach of this Agreement by you; (d) any third party claim, action, or allegation brought against us arising out of or relating to a dispute with you over an Account or Carolina eBusiness; (e) your violation of any law or any rights of a third party; or
(f) your use of the System, or the provision of Carolina eBusiness or use of your Account by any third party. We reserve the right, at our own expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, in which event you will cooperate with us in asserting any available defenses. You will not settle any action or claims on our behalf without our prior written consent.
Applicable Law. This Agreement shall be governed by and construed in accordance with the law of the state in which we open your Account, without regard to its conflicts of laws provisions, and applicable federal law, except to the extent this Agreement can and does vary such laws.
Attorneys’ Fees and Costs. You agree to pay all attorneys’ fees, costs and expenses that we may incur in collecting any sums you owe us for overdrafts, service charges, or otherwise or in enforcing any rights we may have under this Agreement or applicable law.
Entire Agreement. This Agreement, the Terms and Conditions, and all other disclosures and agreements referenced herein, constitute the entire agreement between you and us with respect to the subject matter hereof and supersede any prior agreements between you and us with respect to the subject matter hereof.
Assignment; Binding Effect; No Third Party Beneficiaries. You may not assign this Agreement to any other person or entity. We may assign this Agreement to any company with which we are directly or indirectly affiliated. We may also assign or delegate certain of our rights or responsibilities under this Agreement to independent contractors or other third parties. This Agreement shall be binding upon and inure to the benefit of the parties hereto and their respective legal representatives, successors, and assigns. This Agreement is not for the benefit of any other person, and no other person shall have any right against the Bank or the Customer hereunder.
No Waiver. We will not be deemed to have waived any of our rights or remedies under this Agreement unless we deliver to you a written waiver signed by us. No delay or omission on our part in exercising any of our rights or remedies shall operate as a waiver of such rights or remedies or any other rights or remedies we may have.
A waiver on one occasion will not be construed as a bar or waiver of any rights or remedies on future occasions.
Severability. If any provision of this Agreement is held to be invalid or otherwise unenforceable, the remainder of the provisions shall continue in full force and effect and shall in no way be invalidated or otherwise affected.
Captions. The captions of sections hereof are for convenience only and shall not control or affect the meaning or construction of any of the provisions for this Agreement.
Ownership of Materials. The content and information on our Website is copyrighted by Carolina Alliance Bank and the unauthorized reproduction or distribution of any portions is prohibited.
Survival. The provisions of this Agreement, which by their nature survive expiration or termination of this Agreement, shall survive, including without limitation, Sections 2, 5, 7, 8, 10, 13, 14, 15, 21, 23, 24, 25 and 26.
Address and Business Hours. The address of our main office and our hours of operation are listed below.
CAROLINA ALLIANCE BANK 200 SOUTH CHURCH STREET SPARTANBURG, SC 29306
BUSINESS DAYS: Monday through Friday, excluding holidays Lobby and Drive-Thru Hours
Monday – Thursday 8:30 am – 5:00 pm Friday 8:30 am – 5:30 pm
You are responsible for strictly establishing and maintaining procedures to safeguard against unauthorized transaction and account fraud. The following are recommended security practices to be employed by all of Carolina Alliance Bank’s commercial online banking clients.
Review all banking transactions on at least a daily basis.
ACH and wire transfer payments should be maintained under dual control, with a transaction originator and a separate transaction authorizer.
If possible, and in particular for businesses which a do high value or large numbers of online transactions, carry out all online banking activities from a stand-alone, hardened and completely locked down computer system from which e-mail and Web browsing are not possible. To the extent workstations are used for online banking, they should not be used for non-business functions such as social networking or peer-to-peer file sharing applications.
Install online fraud protection software such as Trusteer Rapport on each workstation that will access online banking.
Maintain insurance coverage for all cyber-crime related losses.
Be suspicious of e-mails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as usernames, passwords, PIN codes and similar information. Opening file attachments or clicking on web links in suspicious e-mails could expose the system to malicious code that could hijack your computer.
Create a strong Password with at least 10 characters that include a combination of mixed case letters, numbers and special characters.
Do not allow employees to share Access IDs, Passwords, or tokens.
Use a different password for each website that is accessed.
Change the Password frequently.
Never share Access ID and Password information for Carolina eBusiness with third-party providers.
Ensure all critical operating system updates are installed.
Install virus protection, security software, and spyware detection programs and ensure they are updated regularly.
Have a firewall installed and configured to prevent access during non-working hours and to only allow access to certain websites.
Clear your browser cache before starting an Carolina eBusiness session in order to eliminate copies of web pages that have been stored on the hard drive. How the cache is
cleared will depend on the browser and version. This function is generally found in the browser's preferences menu.
Verify use of a secure session ("https" not "http") in the browser for all online banking.
Avoid using an automatic login features that save usernames and passwords for online banking.
Never leave a computer unattended while using any online banking or investing service.
Never access bank, brokerage or other financial services information at internet cafes, public libraries, and other public or unsecured wireless networks. Unauthorized software may have been installed to trap account number and sign on information leaving you vulnerable to possible fraud.
Establish a secure backup procedure to retain data in the event of corruption, hardware failure, or firewall failure.
Immediately report any suspicious transactions to the Bank, particularly, ACH or wire transfers. There is a limited recovery window for these transactions and immediate escalation may prevent further loss by you.