NOTICE: The Finance Policies and Procedures Manual, along with the previous manual, is undergoing changes. These sites are continually updated to reflect changes in business processes. If you cannot find the information you are seeking in these policies, email financecomm@unc.edu for more information.
Policies and Procedures

Procedure 308.3 – Deactivating a Credit Card Merchant Account

Effective
July 1, 2006
Last Updated
July 15, 2011
Responsible University Officer
Executive Director and Information Security Officer
Information Technology Services
University Controller
Responsible Unit
Accounting Services

Procedure Statement

This procedure explains how to request deactivation of a credit card merchant account.

Forms and Instructions

To deactivate a credit card merchant account, contact the Cash Manager in Accounting Services to discuss the reasons for deactivation. A written request for deactivation should be sent by the business contact responsible for the merchant account to the Cash Manager in Accounting Services at CB# 1210 or via email. The written request should include the merchant name, merchant number, and reason for deactivation. The deactivation request should be confirmed, also in writing, by the Dean, Director or Department Head for the merchant account.

Once the Cash Manager has received the request for deactivation and the confirmation, a request will be submitted to the NC Office of the State Controller to have the merchant account deactivated with SunTrust Merchant Services.

Once the merchant account has been deactivated with STMS, an email will be sent to Trustwave to have the account disabled in TrustKeeper.

If the merchant account uses the TouchNet payment gateway, a remedy ticket will also be submitted to have the account deactivated.

Once the credit card merchant account has been deactivated, any point of sale terminal equipment should be securely stored until it can be disposed. Please see Procedure 308.4 - Disposal of Point-of-Sale Terminals, for more information.

Payment Card Industry (PCI) Compliance should continue for any credit card-related data held by the department until the data can be securely destroyed. Even though the merchant account has been deactivated, the merchant account can have a breach with historical data. Please contact the Cash Manager or ITS Information Security for further information about how to prevent such a breach.

Related Data

None

History

Revised:
July 15, 2011