Legal

Identity Theft Prevention Program

How PayServices Bank identifies, detects, prevents, and mitigates identity theft, in accordance with the Fair and Accurate Credit Transactions Act of 2003 (FACT Act) § 114 and its implementing 'Red Flags Rule.'

Last updated: May 5, 2026
This document is provided in English. Translations of other parts of the site are for convenience only; the English version governs.

1. Overview

This Notice describes PayServices Bank's Identity Theft Prevention Program, established and maintained in accordance with the Fair and Accurate Credit Transactions Act of 2003 ("FACT Act") § 114 and its implementing regulations — commonly known as the "Red Flags Rule" (16 CFR Part 681 for institutions subject to the Federal Trade Commission, and 12 CFR Part 41 / 12 CFR Part 222.90 for banks). PayServices Bank treats this Program as part of its safety-and-soundness compliance framework, supervised by the Idaho Department of Finance.

2. Purpose

The purpose of the Program is to identify, detect, prevent, and mitigate identity theft in connection with the opening of new accounts and the operation of existing accounts at PayServices Bank. Identity theft poses a risk to customers, to PayServices Bank, and to the integrity of the broader payments system; the Program is the principal mechanism by which PayServices Bank addresses that risk.

3. Scope of the Program

The Program applies to all "covered accounts" maintained by PayServices Bank, which includes:

  • Personal accounts intended for personal, family, or household purposes;
  • Business accounts where the level of risk identified by PayServices Bank warrants application of the Program;
  • Family/teen accounts (subject to the additional protections in the Children's Privacy Notice);
  • Any other account for which a reasonably foreseeable risk of identity theft has been identified.

4. Red Flags identified

PayServices Bank has identified categories of "Red Flags" — patterns, practices, or specific activities that indicate the possible existence of identity theft. The categories include:

  • Alerts and notifications — alerts, notifications, or warnings from a consumer reporting agency, identity-verification service, or sanctions-screening provider;
  • Suspicious documents — documents provided for identification that appear to have been altered, forged, or where the photograph or physical description does not match the applicant;
  • Suspicious personal information — personal information that is inconsistent with information on file, with the source from which it was obtained, or with information independently verified;
  • Unusual use of accounts — activity that is materially inconsistent with established patterns, including unusually high volume, unusually rapid movement of funds, transactions inconsistent with stated business purpose, or transactions involving sanctioned or high-risk geographies (subject to the granular sanctions-screening logic described in the Terms of Service);
  • Notice from customers, victims, or law enforcement — reports from any of these sources that an account has been or may be the subject of identity theft.

5. How we respond

When a Red Flag is detected, PayServices Bank takes one or more of the following responses, calibrated to the level of risk presented:

  • Decline to open the account, or freeze, restrict, or close an existing account;
  • Require additional verification, including out-of-band authentication, additional documentation, or a live identity-verification session;
  • Notify the customer of the suspected activity through verified contact channels;
  • File a Suspicious Activity Report with FinCEN, where required (see Section 8);
  • Notify law enforcement;
  • Take any other action consistent with the level of risk and applicable law.

6. Address-discrepancy procedures

Where PayServices Bank receives a notice of address discrepancy from a consumer reporting agency, we apply the procedures required by 15 U.S.C. § 1681c(h) and the applicable Red Flags rule, which include independently verifying the consumer's address, providing the verified address to the consumer reporting agency in appropriate cases, and applying enhanced scrutiny to the account.

7. Verification of address change requests

PayServices Bank maintains procedures to assess the validity of an address-change request followed promptly by a request for a new, replacement, or additional Card. Where these criteria are met, we apply additional verification before issuing the Card, in accordance with the applicable Red Flags rule.

8. What you should do if you suspect identity theft

If you suspect that you have been the victim of identity theft, or that your ITAM account or credentials have been compromised:

  • Contact us immediately at info@payservices.com or through the support channels in the ITAM application;
  • Place a fraud alert with one of the three nationwide consumer reporting agencies (Equifax, Experian, or TransUnion);
  • Report the theft to your local law enforcement authority;
  • File a police report with your local law-enforcement agency;
  • Consider placing a credit freeze with each of the three consumer reporting agencies.

Your liability for unauthorized electronic transfers is governed by the Electronic Fund Transfer Disclosure and the federal Regulation E. The faster you notify us, the lower your maximum liability under that regulation.

9. Oversight and program updates

The Program is overseen by the senior management of PayServices Bank, with reporting to the Board of Directors as required by the applicable Red Flags rule. The Program is reviewed and updated as appropriate to reflect changes in the methods of identity theft, changes in our service offerings, and changes in the regulatory environment.

The Program is subject to examination by the Idaho Department of Finance and to applicable federal authorities.

10. Contact us

PayServices Bank — Fraud and Identity Theft
950 W Bannock Street, Suite 1100
Boise, Idaho 83702-6140
United States

info@payservices.com