We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
NatWest: Denial of service
Comments
-
You are missing the point here. The banks actually do disclose procedures to their customers to enable them to transact on their accounts.I'm not sure any bank is going to to do anything but 'undisclosed procedures'.
I am saying that they should follow these procedures. If they don't want to follow them, because they feel they are inadequate, they should tighten them up.
It is fortuitous that in my case I have a current account as well as an internet savings account with NatWest. This gives me the option of visiting a branch to withdraw money from them, whereas if I had had only an internet account, I might end up in an "infinite loop" with NatWest, who would say: "This is an internet account. You must carry out transactions on the internet or by telephone banking."
I would say: "I just did that, but you decided to block my account". NatWest then say:"We are sending you a new activation code". I reactivate the account, and .... etc. etc.0 -
No.???
Is this a long winded way of saying you were trying to pay your mortgage?
Another poster, opinions4u, insinuated that the payee account might have been under suspicion of fraud. I was pointing out that this was unlikely, because the payee account, in the same name as the payer, and at the same address, was also an account over which the payee bank had a real asset as security, with an equity buffer. Therefore, in the event of payee fraud, it would be impossible for any loss to occur to either of the banks involved.If not, then a) what sort of account is 'an account with security over a residential property'? and b) what is the relevence of this comment to the problem encountered with transfering funds into this account?
It was about £10,000. The funds had been held in a NatWest savings account for about a year. The reason for the transfer is that the NatWest account is no longer paying a competitive rate of interest (expiry of bonus period), so I wish to transfer the funds to another institution.It would also be helpful if you could give an idea of the value of the transaction, the origin of the funds involved and the reason for making the transfer.
I know. That's why I commented on that thread to say the same thing had happened to me. It was as I was about to start this thread that I noticed the other thread, but I felt it more appropriate to start my own thread on the wider topic of frustrating security procedures.There is a certain similarity between this thread and https://forums.moneysavingexpert.com/discussion/38641370 -
I have had a dreadful experience dealing with NatWest.
I tried to carry out a telephone banking transaction, a faster payment to a pre-existing payee at an external bank. That payee was myself (same name). I was told the payment might take an hour or two to show up, worst case it would be made the next day.
The payment was not made. NatWest decided to flag the transaction as potentially fraudulent, and to put a block on my account. As a result, I cannot make any payments unless I visit a branch, or until I have re-activated my card reader.
I rang NatWest to complain, and was going round in circles trying to get them even to acknowledge that I had a valid complaint. Eventually, I managed to escalate things to a manager, who begrudgingly gave me a reference number.
My advice to anyone who actually wants to be able to access their own money is not to use NatWest.
In my opinion, their security process is seriously flawed.
If you ask your customers to follow certain security procedures, then I think you must accept all transactions that are carried out in accordance with those procedures. If the bank feels that the published procedures are inadequate, and that additional measures are necessary, they should publicly change the procedures.
What is unacceptable is to run "heuristics", and operate undisclosed procedures that can result in denial of service to your customers.
NatWest is trying to follow a "security through obscurity" model, and seems to think that fraudsters are going to be impeded by having unpublished criteria for transacting on accounts at NatWest.
In fact, it is only the bank's own customers that will end up being inconvenienced, and potentially exposed to significant financial loss, as a result of being unable to transact on their accounts.
I feel strongly that NatWest are misguided in their approach to security. However, I am aware that other banks also have flawed procedures.
Please share with me your banking security nightmares.
Regarding their "security through obscurity model" that you talk about, which bank is going to divulge their security procedures to a customer/potential fraudster whose account is currently flagged as potentially under attack? Even under different circumstances - no bank will reveal its internal security processes to customers, no matter how much the customer rages on, asks to speak to a manager or tell the adviser how much money that have in the bank. (the adviser can see how much money there is and couldn't really care - there are bigger fish than you).
You may have already made transfers to the same payee in the past but there are other suspicious factors which may trigger a warning on that day and will not allow you to do the transfer. They are trying to protect your money as hard as that is to understand at the time you are trying to transact.
Natwest is not the only bank that does this. They all do this. If you lost money due to fraudulent activity, you obviously would not be happy and probably be one of the first to complain. The procedures are there to avoid that happening and unfortunately genuine transactions are stopped sometimes.0 -
Regarding their "security through obscurity model" that you talk about, which bank is going to divulge their security procedures to a customer/potential fraudster whose account is currently flagged as potentially under attack?
I never asked NatWest to divulge any of their procedures to me. The point I am trying to make is that, if they publish security criteria that their customers can use to transact on their accounts, then they should follow them. Otherwise, customers can have no confidence of being able to access their funds when they need them.
Not sure how you are coming up with this nonsense without knowing any of the facts.Even under different circumstances - no bank will reveal its internal security processes to customers, no matter how much the customer rages on, asks to speak to a manager or tell the adviser how much money that have in the bank. (the adviser can see how much money there is and couldn't really care - there are bigger fish than you).
Again, I never asked NatWest to disclose to me any of their procedures.
I didn't "rage on". I simply called them to complain that they had not carried out my transaction, and to ask why they had blocked my online banking access. They said "we can resolve this for you by sending you a new activation code". I said "but it was only yesterday, on the day of the attempted transaction, that I reactivated my account, after you sent me a new activation code. Now you are saying you are going to send me another one. But how am I ever going to be able to transact on this account if, on the very day that I reactivate it, you may decide that you are going to block my account? They said: "sorry, but these are our procedures".
I then said I wanted to complain about the procedures, because I felt they needed to be changed. After a lot of time-wasting, which I won't bore you with, but which involved me in having to go through the whole story three times, I eventually got a manager to issue me with a reference for my complaint.
At no time did I ever discuss "how much money I had in the bank" and I fail to see the relevance of this.
Surely you can see a slight problem with a process that requires a postal activation code to allow transactions to occur but, on the very day of activation, imposes a block on the account requiring further activation.You may have already made transfers to the same payee in the past but there are other suspicious factors which may trigger a warning on that day and will not allow you to do the transfer. They are trying to protect your money as hard as that is to understand at the time you are trying to transact.
Natwest is not the only bank that does this. They all do this. If you lost money due to fraudulent activity, you obviously would not be happy and probably be one of the first to complain. The procedures are there to avoid that happening and unfortunately genuine transactions are stopped.0 -
Another poster, opinions4u, insinuated that the payee account might have been under suspicion of fraud. I was pointing out that this was unlikely, because the payee account, in the same name as the payer, and at the same address, was also an account over which the payee bank had a real asset as security, with an equity buffer. Therefore, in the event of payee fraud, it would be impossible for any loss to occur to either of the banks involved.
Blimey, you're complaining about Natwest's obscure rules, but this paragraph (and the 'secured on residential property bit above) is about as obscure as a paragraph can get.
I am intrigued to know what type of account is not a mortgage but is secured on residential property.
But this whole thing is largely irrelevant, since Natwest don't know the name on the payee account, the address, or the type of account when they block the payment.0 -
I'm implying absolutely nothing you over-sensitive plonker.What are you implying?
Fraud happens. It's a fact of life. Financial services providers are required to take steps to reduce the risk of fraud on accounts.
Fraud can take place in many ways and transferring from one account to another can often be the start of quite a complex sequence of transactions that culminate in the theft of significant sums.
Back in the days of BACS and cheques there was a 3 day window to intervene. In the days of Faster Payments damage can be done somewhat faster. The crime is committed and the funds long gone before anybody has a clue.
And good for you. But anybody can type anything in to a "payee" field within an online banking system. And if a sequence of transactions shows similarity to fraudulent transactions elsewhere, the bank has a duty to itself and the regulator to make sure everything is above board.This payee, which happens to be myself, is an account with security over a residential property, and, relative to the sums at issue, there is a substantial equity cushion. It is also an account that continues to operate perfectly normally.
While it may have irritated you, and I accept it's a pain, it's one of those things. It's rare that such an intervention is required, but it's right that they take action to minimise the impacts of fraud.
As I posted earlier, if you weren't the one who had initiated this transaction you'd be more peeed off if they honoured it without question.0 -
I don't think so. The original reply to opinions4u did not really spell out what I was getting at, but I think I explained that at the second attempt.Blimey, you're complaining about Natwest's obscure rules, but this paragraph (and the 'secured on residential property bit above) is about as obscure as a paragraph can get.
The bank's "obscurity" is preventing me from transacting on my account, a more serious issue than not fully spelling things out in an internet forum.
If you have, say, a current account at the bank where you have a mortgage, the bank's security covers that account as well. [Edit: At least, this is true if you have an offset mortgage.]I am intrigued to know what type of account is not a mortgage but is secured on residential property.
Well, it was opinions4u who brought up the question of suspicion over the payee account. If you say NatWest would not consider that, then I certainly can't dispute that.But this whole thing is largely irrelevant, since Natwest don't know the name on the payee account, the address, or the type of account when they block the payment.0 -
That's not very nice, is it?opinions4u wrote: »I'm implying absolutely nothing you over-sensitive plonker.
I don't think your post was particularly clear.opinions4u wrote: »***
Quote:
Originally Posted by Somerset
A mysterious third party would be a new payee which would need to get through NW's security checks.
The OP's transfer was to an existing payee which had already passed those security checks.
***
And if that payee has had suspicious activity on their account?
Fraud happens. It's a fact of life. Financial services providers are required to take steps to reduce the risk of fraud on accounts.
When I said "What are you implying?", it was a genuine question. I think you were implying that suspicion over the payee account might have influenced NatWest's decision to block the account. I tried to point to out that I didn't think there would be any suspicion on that account. rb10 is now saying this is all irrelevant, because NatWest would not have considered that issue. Perhaps you two should argue the point.
Yes, I acknowledge that this is a challenge for banks to manage.opinions4u wrote: »Fraud can take place in many ways and transferring from one account to another can often be the start of quite a complex sequence of transactions that culminate in the theft of significant sums.
Back in the days of BACS and cheques there was a 3 day window to intervene. In the days of Faster Payments damage can be done somewhat faster. The crime is committed and the funds long gone before anybody has a clue.
My point is quite simple, which is that banks, especially NatWest, should be managing it better than they are, by having procedures that their customers can actually follow in order to transact on their accounts.
I won't keep money with banks that don't allow me to access it when I need it, especially if they have a system as hopeless as NatWest's.
As I said earlier, this was a pre-existing payee that I had set up on the account.opinions4u wrote: »Quote:Originally Posted by samizdat
***
This payee, which happens to be myself, is an account with security over a residential property, and, relative to the sums at issue, there is a substantial equity cushion. It is also an account that continues to operate perfectly normally.
***
And good for you. But anybody can type anything in to a "payee" field within an online banking system. And if a sequence of transactions shows similarity to fraudulent transactions elsewhere, the bank has a duty to itself and the regulator to make sure everything is above board.
While it may have irritated you, and I accept it's a pain, it's one of those things. It's rare that such an intervention is required, but it's right that they take action to minimise the impacts of fraud.
As I posted earlier, if you weren't the one who had initiated this transaction you'd be more peeed off if they honoured it without question.
There was no "sequence of transactions". I had put money on deposit with NatWest, and after the end of the bonus period in that savings account, it should be no surprise to NatWest that their customer wants to transfer that business elsewhere.
What's more, I have now established, looking back on it, that the payee account was the **original source of the funds that I paid in to NatWest**.
How suspicious is that?!! Funds come in from a source account. A payee is set up, following procedures, to allow money to be sent back to that same account. Months later, an attempt is made to pay money to that original source account.
I'm sorry, but NatWest's systems are truly pathetic if they flag that as potentially fraudulent.0 -
I rang NatWest to complain, and was going round in circles trying to get them even to acknowledge that I had a valid complaint. Eventually, I managed to escalate things to a manager, who begrudgingly gave me a reference number.
Any customer concern is a "complaint" and can be raised in any of the ways mentioned in the complaints procedure. You can complain about any complaint handling not fully in accordance with that procedure, particularly the manager's demeanour.
Regarding the transaction issue, why the rant ahead of the complaint final response? That's why there is a complaint's procedure.0 -
I won't keep money with banks that don't allow me to access it when I need it, especially if they have a system as hopeless as NatWest's.
If that's really your view then I think you'll need to keep your money under the bed, because every financial institution operating in the UK will be required to monitor transactions for money laundering and other fraudulent activity, and I would be astonished if you can find one that will spell out in precise detail what their criteria are.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.1K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards