Red Flag Warning Message Overview

To comply with Red Flag requirements to monitor things like address changes, we have added Red Flag monitoring feature to CU*BASE. This tool provides alerts to both the credit union and the member when changes are made to a member’s personal information to provide an extra layer of security against fraudulent activity.

When changes are made to a member’s name, email address, any phone number (not including just a change to the extension), or mailing address (Address 1, Address 2, City, State, or any number in the ZIP Code), CU*BASE records these changes for a rolling 30 days. If configured, alerts are presented to both the member and the credit union employee. Before credit union employees enter selected screens (such as Teller, Inquiry and Phone Operator), they will receive a warning message noting how many changes have been made to these items in the last 30 days. (Credit unions can configure the number of days this message appears.) Each time a change is made to the member personal information, a Tracker entry is made on the Audit Tracker that records the old and new values. The Tracker also notes if the Employee ID of the person who made the change in CU*BASE, or 96 if the change was made in home banking.

  • NOTE: Members receive notification of a change to their personal information in the form of a secure online banking message in It’s Me247. They also receive an email (with the account masked except the last two digits) to their email address.  If the email address was changed, the member will receive an email notification to both the new and old email address, unless the old address was marked as a wrong address. (Then the notification is only sent to the new email address.  SEE ALSO: Communication with Members. (NOTE:  If you click on this link, a PDF booklet will open.)

  • NOTE: CASS Certification does not trigger this red flag feature.

  • NOTE: For phone number updates, the warning will not warn on additions, deletions, or resequencing of other contact numbers. Also, it will only warn on changes to the actual phone number field - not extension, label, or changes to flags.

All these Red Flag configuration settings are activated via Tool #750: Red Flag Controls. This configuration allows the credit union to select which CU*BASE options will display the message. Additionally, the configuration allows the credit union to configure the number of days that the warning message will appear in CU*BASE.

  • NOTE: When instituting this feature, be sure to provide your staff with training on what to do if they see the Red Flag message. Should they ask for photo identification to confirm the address?

Security Email When Online Banking Password is Sent

The system automatically generates an email any time an employee resets or changes a member's password using the tools in CU*BASE (such as Member Personal Banker).  The email is sent automatically to the email address already on file for the member. This is a security feature that is intended to warn members if someone else initiates a password change on their accounts without their knowledge. The content of the email changes slightly depending on whether the change was initiated via CU*BASE or via It’s Me 247

Second Email and When Email is Changed

The member receives an email to the original and new email address when an email address is changed in CU*BASE (as well as an online banking message).