Banking Error

eskbanker

soulsaver said:

For the greater good, submit to the FOS. Maybe they'll audit the bank to understand why their systems/processes allow this to happen.

The FOS has no such powers, and can only review how the bank has dealt with the individual customer's complaint, not assess the root cause of the issues leading up to it.

soulsaver

eskbanker said:

soulsaver said:

For the greater good, submit to the FOS. Maybe they'll audit the bank to understand why their systems/processes allow this to happen.

The FOS has no such powers, and can only review how the bank has dealt with the individual customer's complaint, not assess the root cause of the issues leading up to it.

Well maybe they can refer it to the auditors who can.

eskbanker

soulsaver said:

eskbanker said:

soulsaver said:

For the greater good, submit to the FOS. Maybe they'll audit the bank to understand why their systems/processes allow this to happen.

The FOS has no such powers, and can only review how the bank has dealt with the individual customer's complaint, not assess the root cause of the issues leading up to it.

Well maybe they can refer it to the auditors who can.

No, no such FOS referral process exists, so probably best to stop digging on that front.

It's plausible that if there was a pattern of such events happening repeatedly and it came to the attention of the FCA, they might choose to investigate, but realistically they have much bigger fish to fry than chasing around after occasional human errors with minor consequences....

Marchitiello

RogerBareford said:

soulsaver said:

Ordinary CS people say they can't access my account without me getting all the security questions right, so how did they in this instance?

I can see why you can make a payment to the wrong person but I cant see how you make a payment from the wrong customers account - surely the CS level bank operative can't access the account without the customers security protocol? 

Call me cynical - this is fraud. And it's internal to to the bank. 

Which bank is it?

For the greater good, submit to the FOS. Maybe they'll audit the bank to understand why their systems/processes allow this to happen.

I don't think the banks system works as you imagine. I very much doubt there is anything to block access to certain systems unless they go through verfiying security.

They will have a procedure that states that they must go through security before acessing a customers account but nothing will physically stop them. When i have seen a banks screen years ago; to transfer money just consisted of putting in the account number and sort code of each account and pressing a button.

There has been a level of security even in branch for some time, they had to swipe your card and ask you to sign a paper receipt. Later some banks asked you to enter a PIN number after swipe before your full account details could come up on the screen. This is the scenario now when a phone agent ask you to get through security, they cannot fully access your account info, just some redacted summary until you pass security. It is even more restricted if you are a “Private” account customer within the larger retail banks. regular CS can only access “view only” your account, transactions needs to be authorised via the Private team.. 

born_again

soulsaver said:

Ordinary CS people say they can't access my account without me getting all the security questions right, so how did they in this instance?

I can see why you can make a payment to the wrong person but I cant see how you make a payment from the wrong customers account - surely the CS level bank operative can't access the account without the customers security protocol? 

Call me cynical - this is fraud. And it's internal to to the bank. 

Which bank is it?

For the greater good, submit to the FOS. Maybe they'll audit the bank to understand why their systems/processes allow this to happen.

A bit of a internal insight for you.

If you think about it. How would anyone from the bank ever contact you if they can not access your account? 

Anyone working in C/S at your bank can access your account at any time. They can only do this with good reason, such as you calling in Or they are needing to do internal work. This is all audited & people do get sacked for accessing accounts they should not be in.

Part of my role is to move money to or from internal suspense accounts to or from customers accounts. When payments are taken on stopped cards or other issues. Most of this is done without ever contacting customers. If we had to contact a customer before doing this the vast majority would never get their credits 😢as only a very small % ever respond.

We are all human & miskeying a 14 digit number is very easy, when you are talking about hundred's of payments a day. 

End of the day FOS would do nothing. They would see the bank has realised the error, corrected the error & compensated the customer.

Eco_Miser

born_again said:

If you think about it. How would anyone from the bank ever contact you if they can not access your account? 

If they can access the customer details, like phone and address, but not the account details like balance and transactions.

born_again

Eco_Miser said:

born_again said:

If you think about it. How would anyone from the bank ever contact you if they can not access your account? 

If they can access the customer details, like phone and address, but not the account details like balance and transactions.

Customer details are part of the customers bank account. It is all tied together. Not two separate systems. 👍

Daliah

Eco_Miser said:

born_again said:

If you think about it. How would anyone from the bank ever contact you if they can not access your account? 

If they can access the customer details, like phone and address, but not the account details like balance and transactions.

What would they do with just your name and address? The only reason they would have to contact you is because they need to talk to you about one or more transactions on your account(s).

nyermen

born_again said:

A bit of a internal insight for you... <Trimmed>

This exactly. 

To add, I work in financial software (banks are my customers), and have had a range of roles working with our customers, across all most lines of business (retail / SME / Corporate / Treasury / Capital markets / etc).

No bank that I know has one piece of software (or even software from one vendor) to cover everything (and we have over 5000 standard bank customers that I deal with plus another 5000 or so community banks in the US I'm not involved with).  Everything is audited, logged, there's plenty of MFA etc, but the various systems are often too disparate.  They have to be, as you need specialist systems for some things (take complicated areas such as syndicated lending for example - you can count the number of systems available to banks on one hand that can properly handle the agency / multi-investor / etc etc parts of that...)

Bank staff will have limitations in each system (read only, can only see their customer groupings, etc etc), but there's just no easy provision to limit bank staff to only seeing a specific customer at that point in time, the systems can just be too complex and risky to over-interface, and there's a risk of limiting staff too much.  This doesn't change checks and controls (only certain users can access HNWI's, warning to the fraud team if a bank user tries to access customers that they wouldn't normally so they can check, MFA and "verification" (re-entry) on payments over certain amounts, a bank user who just deals with retail customers can't access corporate systems such as trade finance, and so on).

I appreciate that for a standard consumer, the above is mostly irrelevant, and a nice retail bank shouldn't have those issues, but its still a point that their retail systems (core banking, accounting/GL, fraud/AML/other compliance, payments, risk (compliance, reg reporting), channels (mobile, internet, etc), and so on, will be interfaced, but not in every way possible (too much risk of problems when upgrading software).