Money not refunded by bank after I was mugged

TheBanker

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

It is very important to remember that the banks are the gatekeepers of banking facilities and no criminal can steal your money by bank transfer anonymously without a failure in the system.

That depends on if they were UK or international transfers

True, but if money is stolen by international bank transfer without challenge from the bank in question, for the vast majority of cases that would be a failure in the bank's security systems in identifying a suspicious transaction.

When was the last time you were challenged on making an international transfer from your bank? Given the poor rates involved and normally I need to pay $X rather than £Y and whatever that converts to in USD/CAD etc I tend to use Wise instead. 

The last few times I can remember it was arguable easier to do than transferring to a UK person where you now have the name verification process. 

The last time I made an international transfer it was challenged. It is the only one I've ever made from a bank account. Circa 2018.

Barclays never challenged mine, yet ironically challenged debit card payments to my RBS Credit card monthly for about 9 months despite making such a payment for 5 years previously unchallenged 

Then that would put them in a very weak position in the case of fraud, if your atypical high risk transaction wasn't flagged, but typical low risk ones were.

Not sure you can tie the two together... there could be good reason why they thought my international transfers were legit, and they were. What you really need is someone who's design the verification systems to say how they work but no one is going to do that as it leaves them open to abuse. 

Never had a fraudulant transaction stopped, had a few non-fraudulent transaction stoped and have 99.99% of transactions go through unchallenged across probably 12 different banks over time. 

I haven't designed fraud systems, but I know how they work. There are many different rules and triggers, which collectively determine whether a transaction can be paid, requires extra authentication (e.g. an SMS passcode or in-app authentication), paused until the bank has spoken to the customer, or blocked. The banks carefully monitor the performance of the rules to ensure they are catching enough fraud but not causing too many problems for legitimate transactions. 

The person who mentioned card payments being 'challenged' - if this 'challenge' was Strong Customer Authentication (usually SMS One Time Passcode or authentication through the bank's mobile app), it could have been applied as a result of the payee's fraud prevention systems, or it could have been applied in order to meet certain regulatory requirements rather than because it was flagged as suspicious. 

HillStreetBlues

GeoffTF said:

I have been reading Tesco Bank's terms and conditions. In effect, they say that they are not liable if you deliberately give away your PIN or are grossly negligent. If you give your PIN away with a knife to your throat, is that "deliberate"? I would say no, but you could argue the opposite. Nonetheless, I do not think the bank would make itself popular if it did that, and the Ombudsman may overrule them anyway. Either way, it is best to limit damage if you can.

You won't have given it away you would have it taken from you.
Just like legally you don't give a mugger your watch, it's stolen from you.

masonic

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

It is very important to remember that the banks are the gatekeepers of banking facilities and no criminal can steal your money by bank transfer anonymously without a failure in the system.

That depends on if they were UK or international transfers

True, but if money is stolen by international bank transfer without challenge from the bank in question, for the vast majority of cases that would be a failure in the bank's security systems in identifying a suspicious transaction.

When was the last time you were challenged on making an international transfer from your bank? Given the poor rates involved and normally I need to pay $X rather than £Y and whatever that converts to in USD/CAD etc I tend to use Wise instead. 

The last few times I can remember it was arguable easier to do than transferring to a UK person where you now have the name verification process. 

The last time I made an international transfer it was challenged. It is the only one I've ever made from a bank account. Circa 2018.

Barclays never challenged mine, yet ironically challenged debit card payments to my RBS Credit card monthly for about 9 months despite making such a payment for 5 years previously unchallenged 

Then that would put them in a very weak position in the case of fraud, if your atypical high risk transaction wasn't flagged, but typical low risk ones were.

Not sure you can tie the two together... there could be good reason why they thought my international transfers were legit, and they were. What you really need is someone who's design the verification systems to say how they work but no one is going to do that as it leaves them open to abuse. 

Never had a fraudulant transaction stopped, had a few non-fraudulent transaction stoped and have 99.99% of transactions go through unchallenged across probably 12 different banks over time. 

One only need argue that the bank should operate its fraud detection systems with reasonable skill and care. If a bank is busy blocking your regular payments, but waves through the transaction where you were held at knifepoint and had your entire balance drained to some offshore account when you never normally make such payments, then I don't think they'd have a leg to stand on if they maintained the transaction should not have been flagged on their systems.

TheBanker

GeoffTF said:

I have been reading Tesco Bank's terms and conditions. In effect, they say that they are not liable if you deliberately give away your PIN or are grossly negligent. If you give your PIN away with a knife to your throat, is that "deliberate"? I would say no, but you could argue the opposite. Nonetheless, I do not think the bank would make itself popular if it did that, and the Ombudsman may overrule them anyway. Either way, it is best to limit damage if you can.

I believe if you give away your PIN or other codes under duress e.g. threatened by a knife, this would not be considered deliberate or gross negligance. That clause is to stop me giving my card and PIN to a colleague so they can get me a coffee, then blaming the bank when they take £200 from the ATM. Even if the bank tried to apply that clause, I doubt the FOS would agree with them.

Nasqueron

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

DullGreyGuy said:

masonic said:

It is very important to remember that the banks are the gatekeepers of banking facilities and no criminal can steal your money by bank transfer anonymously without a failure in the system.

That depends on if they were UK or international transfers

True, but if money is stolen by international bank transfer without challenge from the bank in question, for the vast majority of cases that would be a failure in the bank's security systems in identifying a suspicious transaction.

When was the last time you were challenged on making an international transfer from your bank? Given the poor rates involved and normally I need to pay $X rather than £Y and whatever that converts to in USD/CAD etc I tend to use Wise instead. 

The last few times I can remember it was arguable easier to do than transferring to a UK person where you now have the name verification process. 

The last time I made an international transfer it was challenged. It is the only one I've ever made from a bank account. Circa 2018.

Barclays never challenged mine, yet ironically challenged debit card payments to my RBS Credit card monthly for about 9 months despite making such a payment for 5 years previously unchallenged 

Then that would put them in a very weak position in the case of fraud, if your atypical high risk transaction wasn't flagged, but typical low risk ones were.

Not sure you can tie the two together... there could be good reason why they thought my international transfers were legit, and they were. What you really need is someone who's design the verification systems to say how they work but no one is going to do that as it leaves them open to abuse. 

Never had a fraudulant transaction stopped, had a few non-fraudulent transaction stoped and have 99.99% of transactions go through unchallenged across probably 12 different banks over time. 

I've had a couple, both with Halifax/Lloyds group, Halifax one was many years ago, they actively notified me by text about a suspicious transaction, I remember that one as we were going to the cinema and I had to ask the Halifax security staff to not block my card for 15 minutes so I could collect the tickets! More recently with Lloyds I somehow missed someone doing a dodgy purchase in the south of the UK (I'm Midlands) but they tried a second and Lloyds messaged me and I went through the automated service to confirm transactions and got them reversed and card blocked. I recall a third one more recently that I saw first and got blocked. It seems weird that it it's been 3x on credit cards, I only normally buy from the same sort of places like Amazon or eBay (i.e. with secure payment processing) and rarely have the card out as I pay via Google pay so no real opportunity for a thief to get the card details, especially the 3 digit code

born_again

masonic said:

It is very important to remember that the banks are the gatekeepers of banking facilities and no criminal can steal your money by bank transfer anonymously without a failure in the system.

This is not aimed at OP. Just a reply to the quote above

Such as this case. Due to violence & threats someone's phone is stolen, & they are forced to open the bank app. So the fraudster can transfer funds.
That is not a failure of the banking system. Unless you want the bank to question every transfer you make out of your app.
Given the nature of app's funds can be moved at any time. Some people will often move funds late at night to pay friends etc.

Banks advise in these situations is never to put your life on the line. 

Police report will be what bank is looking for. But it may take time to confirm the details with the police. Police work shifts or are often not available to speak to bank to confirm the details.

booneruk

born_again said:

That is not a failure of the banking system. Unless you want the bank to question every transfer you make out of your app.

I'd dispute that somewhat. If the transfer is completely outside the norm of the customer's trends (an account being completely emptied at some late hour), then the bank's systems should put an automatic block on. Or at least a delay giving the poor victim time to phone and block.

masonic

born_again said:

masonic said:

It is very important to remember that the banks are the gatekeepers of banking facilities and no criminal can steal your money by bank transfer anonymously without a failure in the system.

This is not aimed at OP. Just a reply to the quote above

Such as this case. Due to violence & threats someone's phone is stolen, & they are forced to open the bank app. So the fraudster can transfer funds.
That is not a failure of the banking system. Unless you want the bank to question every transfer you make out of your app.
Given the nature of app's funds can be moved at any time. Some people will often move funds late at night to pay friends etc.

I think you've missed the point. I am not criticising the sending bank who knew their customer. I'm criticising the bank that allowed the money to flow into an account being used by someone who they cannot identify, or into a service that hides the identity of their customers. Somewhere along the line the criminals have gained access to other banking facilities fraudulently which are essential to them getting the cash out of the banking system without revealing who they are. A system without this failing would prevent such events taking place, because the criminals would have nowhere to move the money that wouldn't lead the police to them. Part of the solution has to come from government, as part of the problem is people being recruited as money mules.

GeoffTF

masonic said:

born_again said:

masonic said:

It is very important to remember that the banks are the gatekeepers of banking facilities and no criminal can steal your money by bank transfer anonymously without a failure in the system.

This is not aimed at OP. Just a reply to the quote above

Such as this case. Due to violence & threats someone's phone is stolen, & they are forced to open the bank app. So the fraudster can transfer funds.
That is not a failure of the banking system. Unless you want the bank to question every transfer you make out of your app.
Given the nature of app's funds can be moved at any time. Some people will often move funds late at night to pay friends etc.

I think you've missed the point. I am not criticising the sending bank who knew their customer. I'm criticising the bank that allowed the money to flow into an account being used by someone who they cannot identify, or into a service that hides the identity of their customers. Somewhere along the line the criminals have gained access to other banking facilities fraudulently which are essential to them getting the cash out of the banking system without revealing who they are. A system without this failing would prevent such events taking place, because the criminals would have nowhere to move the money that wouldn't lead the police to them. Part of the solution has to come from government, as part of the problem is people being recruited as money mules.

You are asking for the impossible. The money could have been transferred overseas, out of UK jurisdiction. Alternatively, a scammer could have persuaded someone to legitimately open a UK bank account in their own name granting the scammer access (either directly or by allowing software to be installed on their device). That account can then be sold to the highest bidder.

masonic

GeoffTF said:

masonic said:

born_again said:

masonic said:

It is very important to remember that the banks are the gatekeepers of banking facilities and no criminal can steal your money by bank transfer anonymously without a failure in the system.

This is not aimed at OP. Just a reply to the quote above

Such as this case. Due to violence & threats someone's phone is stolen, & they are forced to open the bank app. So the fraudster can transfer funds.
That is not a failure of the banking system. Unless you want the bank to question every transfer you make out of your app.
Given the nature of app's funds can be moved at any time. Some people will often move funds late at night to pay friends etc.

I think you've missed the point. I am not criticising the sending bank who knew their customer. I'm criticising the bank that allowed the money to flow into an account being used by someone who they cannot identify, or into a service that hides the identity of their customers. Somewhere along the line the criminals have gained access to other banking facilities fraudulently which are essential to them getting the cash out of the banking system without revealing who they are. A system without this failing would prevent such events taking place, because the criminals would have nowhere to move the money that wouldn't lead the police to them. Part of the solution has to come from government, as part of the problem is people being recruited as money mules.

You are asking for the impossible. The money could have been transferred overseas, out of UK jurisdiction. Alternatively, a scammer could have persuaded someone to legitimately open a UK bank account in their own name granting the scammer access (either directly or by allowing software to be installed on their device). That account can then be sold to the highest bidder.

At some point the money must pass from the safety of highly regulated accounts where it could be recovered, to unregulated accounts and services where it disappears without a trace. More could be done at that boundary to check the source of funds. 

Additionally, the problem of money mules I mentioned needs to be addressed by government. These people are accessories to these hideous acts, so public awareness needs to be raised, and those cooperating in such acts should be charged with converting the proceeds of crime. These people already find themselves unbanked, but in the few media articles on the subject, there is clearly a lack of awareness amongst those susceptible to being targeted.

Regarding malicious software installed on the device, it should not be possible for any software installed on a device to complete a transaction without the device owner's cooperation (such a transaction would by definition be unauthorised and the bank liable for it). A mobile device should not be used as a second factor if the transaction was initiated from the same device. Someone else mentioned having a pause between new payee being set up and being available to transact.

So I think we are a long way from the point where we throw up our hands and say we've done everything we can to address this issue.