OAK NORTH BANK REQUIRES DETAILS OF ISA TRANSFER-IN TO BE PROVIDED BY PHONE OR EMAIL

Carlh93

Oak North Bank (ONB)'s Easy Access Cash ISA ticks all the obvious boxes, and offers a very good, though not market-leading, interest rate. The account is a CISA  - an ordinary Cash ISA, not a FISA (Flexible cash ISA).

The IR (interest rate) is 4.75% AER. If you are not familiar with this acronym, it means "Annual Equivalent Rate". This treats interest differently from the more common IR (my acronym for Annual Interest Rate) where interest is accrued daily and paid into the account annually  With an AER, interest is also accrued daily but It is paid into the account over a series of periods during the year. The most common period is one month, which is the case for this ONB account. So the OIR (my acronym for the Operative Interest Rate used to calculate interest at intervals shorter than a year) is a lower rate: 4.65%, not 4.75%. To achieve exactly the AER on the initial balance of the account this sum must be unchanged throughout the year, and the interest paid into the account at each month's end must be left to compound.

The AER is variable. This is not a fixed-term account, so the rate may change at any time, with due advance notice.

The account  offers the attractive, smart, and still-too-rare, facility of funding by transfer-in of part or all of up to six existing ISAs  "electronically" - by completing a virtual form within the online account application process. That maximum number of transfers-in, I was assured, can be made within the 30-day funding window. Both these limits are well above average - another "plus" point.

Once the funding window has closed, the business of requesting further ISA transfers-in becomes bizarre, and, in my opinion, unsatisfactory

The customer must "contact" ONB to make a request (no limit mentioned for how many, which is good). There are two ways of making a request:-.

1. Either you PHONE the bank's CS (customer service) and give the "advisor" all the necessary details. These include at least the name of the bank from which the money is to be transferred into your account, its sort code, the number of your account there, and the amount to be transferred, etc. You may also have to declare the equivalent details for your account at ONB.

This demands an act of faith by the account holder. Unless the call is handled by AI (and provided this is the bank's own AI), you do not know the credentials of the person to whom you are giving confidential personal information. Even if you know that you are talking to a machine, there must still be the risk of a scam phone connection. If the advisor is a person, poor voice/call quality may make it more likely that mistakes are made.

The advisor,  human or otherwise, will fill in the same type of online form that you used if you funded your ISA initially by ISA transfer-in. You no longer have access to a facility where you are in charge of what is entered, and can check, and edit if necessary, the data before submitting the request.

I see no logical reason to block customer direct access to the online virtual form after the initial funding window has expired.

2. Or ONB will EMAIL you an ISA transfer form. But you don't print this, and post it back completed, like the old and outdated, but pretty secure, manual paper form (a format which ONB does not support, which I agree with in principle). You fill in the form and EMAIL it back to them. You can't upload it into a secure messaging system in your ONB account, because they have no such facility! They thanked me for suggesting that they should remedy that. If it's a good thing, why isn't it already in place?

Email has a well-publicized reputation for being leaky/insecure (hence the huge size of my Junk box). Wherever I see advice on using it to send sensitive data, I am advised NOT to do so, and, above all, not to give someone else, however OK they may appear to be, my bank details by this method.

The big banks use email only to pester us with publicity about their services, and so on. However, they repeatedly, and rightly, advise their customers to use only secure email for sensitive data, which I assume means a secure online messaging service accessed within your account via login and an OTP (One-Time Passcode sent to your registered mobile phone). A small bank should surely follow suit.

The ONB Business Team, contacted by email, seemed unaware of such risks, and unfazed about inviting customers to do take them. The speed with which my messages were answered, and the formulaic style and content, and unimaginative nature, of these replies, which did not discuss or consider the merits of my comments, plus the sender's signature being "The Business Team", made me wonder if I had been writing to, and receiving responses from, an unacknowledged AI device.

Whatever the facts, the, questionable confidentiality of the two possible methods for requesting ISA transfers-in after the account's funding window has expired forced me to abandon my application. A pity when, initially, this account ticked all the obvious boxes.

What do other members of this Forum who may have discussed with this bank its ISA transfer-in procedures think of these procedures, and of the ways in which questions about them are handled?

retiredbanker1

Their bank their rules.
If you don't like it move your funds away.

AmityNeon

Raise an official complaint and then escalate to the FOS. You have a record of all the communications which can be submitted as evidence of their dismissive attitude towards the inherently insecure nature of email. It shouldn’t matter that the method is only used when the funding window has closed; they should simply disallow further transfers in, instead of relying on unencrypted email/attachments containing sensitive personal data.

(Avoid making up your own initialisms when describing interest rates because there are industry-standard definitions already in place. Interest is calculated using the gross rate— which is the contractual rate — and usually paid either annually or monthly. The AER is a figure published for comparative purposes, so accounts with different terms and payment frequencies can all be compared under the same metric, which is if interest is paid and compounded once a year.)

born_again

1. Either you PHONE the bank's CS (customer service) and give the "advisor" all the necessary details. These include at least the name of the bank from which the money is to be transferred into your account, its sort code, the number of your account there, and the amount to be transferred, etc. You may also have to declare the equivalent details for your account at ONB.

This demands an act of faith by the account holder. Unless the call is handled by AI (and provided this is the bank's own AI), you do not know the credentials of the person to whom you are giving confidential personal information. Even if you know that you are talking to a machine, there must still be the risk of a scam phone connection. If the advisor is a person, poor voice/call quality may make it more likely that mistakes are made.

I which case I suggest you do not do any banking..

Every bank employee is fully vetted. For both financial issues & any criminal convictions. Either of which will lead to no job. Should any financial issue occur while employed, there is the strong chance of being out of a job.
 EG one ex colleague lost their job as his wife declared herself bankrupt due to business failure.

You are constantly monitored data wise.

I would be more worried with a AI system, as you never know what back doors are there.

pochisoldi

Looks to me as if this bank has inherently flaky data protection policies.

One of the basic requirements is that data is: 
"handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage"

My vector would be to raise a complaint with the bank's data protection officer, and if a satisfactory response is not received then escalate to the Information Commissioners office.

I've had a few issues over the years with "uneducated" people at financial institutions asking me to send personal data over insecure channels. Most of the time it gets fixed with "I can't send the data via <route> as that is insecure, and is not compliant with data protection regulations. You need to find a better way". The peon then talks to a supervisor, gets educated and comes back with a more sensible solution.
On about two occasions, the person involved doubled down, an email (sans anything more except my name and contact details, and where known the name person at the other end) gets sent to the data protection officer, describing how the chosen channel (usually email) is insecure, with a request that some training is arranged and  an alternative channel sorted out.

In the meantime, I would treat p--- poor data protection arrangements for a routine transaction to be a clear indicator of incompetence, and would either curtail or stop dealings with them.
The next thing you know there will be an OTT "know your customer" trawl, and you'll be asked to raise the dead in order to prove where the money originally came from, and in the meantime your savings will be earning 0.1% AER in  a frozen "maturity" account...

Carlh93

Raising this problem with the FOS might help doing others looking to fund an ONB CISA by ISA transfer-in after the initial funding period.

ONB's block on the electronic/customer account based transfer arrangement apparently occurs after the first funding by one or more such transfers all done at the same time and within the 30-day funding window. After that, only the two unsatisfactory/risky arrangements are available.

On the strength of considering those follow-on arrangements, and knowing that I would certainly have to make further transfers-in after the funding window had closed, I decided not to open an account with OAB.

I don't know if these issues are within the remit of the FOS - especially as I am not an OAB account holder. I just wanted to point out to interested members of this forum the shortcomings of what I had encountered, and to know if other members had had similar experiences when trying to open an OAB account and fund it by an ISA transfer-in.

None of the the replies above are from members with this background, though I do appreciate the thinking behind the ones that elaborate on the poor data management which I encountered.

My intention now is to find a different home for the ISA funds in question. What follows reports on the first of these attempts. I don't know if I will continue trying after abandoning the one which follows, in addition to having abandoned OAB.

METRO BANK

Very attractive interest rate.

To open an ISA (FISA) you have to visit a branch.  That is clumsy and inconvenient, especially when our nearest branch is over 30 miles distant.

So I decided to phone the bank to book appointments for my wife and myself to open accounts. Connecting to the "nearest" branch was not straightforward, but I was eventually able to do this. I then asked about ISA transfers-in, which this bank allows. Their arrangements are no better than those at ONB:-

Either complete a manual form, to be posted/delivered to the branch - not to their central ISA transfer unit.

Or complete a similar form sent out by email and RETURN IT BY EMAIL (ordinary email) to an email address which the guy I spoke to provided. I then used that same email address to ask if I could upload the completed form as a secure message from within my account to the bank's central ISA unit

No reply, so I shall walk away also from that troubled bank, which should not be putting off potential customers whose funds it badly needs.

It's particularly worrying that I received no reply at all from the branch's email address, which I had been told must be used to submit an emailed transfer-in request form!

That email address is:-

(name of city).store@metrobank.plc

I "registered" my email. It did not bounce back, but I did not receive the usual automated message confirming that it had been opened.

.