Someone is opening CISA using mine/my child's details

anklyosaurus

I'm really not sure where to post this so thought I'd start here. My child has a JISA already. I am the only parent. My ex died during lockdown.
On Monday I received a text from a major bank thanking me for opening a JISA. I have now received a letter asking for documents to confirm my child's identity as someone has opened a JISA 'as a gift'. My first thought was phishing.
I managed to speak to an advisor (the letter is genuine) this morning who initially insisted that my ex must have opened it, but agreed that only a parent should have been able to. I've also been told the account was opened online and my details were entered. If I don't do anything the account will close automatically. Because of GDPR they can't tell me anything else. 
My concern is that someone has used my name, address, mobile phone number and child's details to do this. My friends and family would just give me or my child the money. 
I'm now concerned that someone is trying to open accounts in my / my child's name. Should I be? One of the acceptable forms of ID was a birth certificate - not difficult to source. 
If I should post this elsewhere can someone suggest where? 

TheMightySwordfish

Have a word with Friends and Family to actually find out if they did or didn't. Maybe their heart was in the right place. If none did then your right to question it.

P.S Sorry for your loss. 

surreysaver

Organisations use GDPR as an excuse not to share data. I believe in this case there could be a perfectly legitimate reason to share the data. 

jimbo6977

What a lot of bother at an unfortunate time!

If you are the data subject, you are entitled to a copy of the data that is about you (you can submit a Subject Access Request to get this).

Unfortunately to get to the bottom of the mystery, you will need data regarding whoever it is that opened the account (eg phone records, IP address, CCTV footage) and only the police would be able to access that, if they have the time/inclination.

xylophone

Is it possible that a relation of your ex, thinking that a JISA was the right kind of account to use, decided to make a gift from  the deceased's  estate to your child?

pjread

xylophone said:

Is it possible that a relation of your ex, thinking that a JISA was the right kind of account to use, decided to make a gift from  the deceased's  estate to your child?

That sounds most likely; if it was a case of identity theft then there are a few oddities;

1/ JISA I don't think can be accessed under age 16 or 18, so unless your child is 15+ they'd have a while to wait to pull off a con

2/ Identity thief would be unlikely to provided your real phone number and would want to hide the activity

Assuming the ISA provider is a "major" one that's trustworthy/legitimate, I think xylophone's suggestion sounds most plausible. 

colsten

How old is the child? Is it possible that the child filled in the application form?

Vortigern

All the bank wants is evidence of your child's ID. If you are sure that you are dealing with the bank, there is no harm in providing such ID. You then assert your right as sole surviving parent to administer that account and your child has a gift.

You then have the minor problem of "child has 2 ISAs". If both are cash ISAs, you could possibly switch the new one to S&S before the year end report to HMRC.

born_again

surreysaver said:

Organisations use GDPR as an excuse not to share data. I believe in this case there could be a perfectly legitimate reason to share the data. 

Except that they can not verify the OP's identity.
So if the OP said it was not them to the adviser, then telling them anything would be a breech.

Would be far better for OP to double check with family to check 1st.

Again Sorry for OP's loss.

[Deleted User]

born_again said:

surreysaver said:

Organisations use GDPR as an excuse not to share data. I believe in this case there could be a perfectly legitimate reason to share the data. 

Except that they can not verify the OP's identity.
So if the OP said it was not them to the adviser, then telling them anything would be a breech.

Would be far better for OP to double check with family to check 1st.

Again Sorry for OP's loss.

You post doesn't make much sense.

They have are saying that she applied for the account - therefore the personal data is hers until proven otherwise.
The OP only has to do a GDPR request and get the data and then dispute it.

born_again

dahj said:

born_again said:

surreysaver said:

Organisations use GDPR as an excuse not to share data. I believe in this case there could be a perfectly legitimate reason to share the data. 

Except that they can not verify the OP's identity.
So if the OP said it was not them to the adviser, then telling them anything would be a breech.

Would be far better for OP to double check with family to check 1st.

Again Sorry for OP's loss.

You post doesn't make much sense.

They have are saying that she applied for the account - therefore the personal data is hers until proven otherwise.
The OP only has to do a GDPR request and get the data and then dispute it.

OP said they already had a JISA ( Have to take it that it is not with the same bank)

From OP >>My concern is that someone has used my name, address, mobile phone number and child's details to do this. <<

So clearly the OP has not opened this account with the Major Bank. As this bank can not take them through security. Then as far as GDPR goes they can not supply any information to someone who, has admitted they did not apply for the account. So if they did supply the info. They would be breeching GDPR.