Ombud catches bank enabling a fraudster to raid client's account
Let your judgement override your computerised authentication system, Ombud tells bank fraud staffers
For the fourth year in a row, internet banking topped the list of complaints fielded by the office of the Ombudsman for Banking Services in SA last year.
Credit card fraud and ATM complaints were in second and third place, with the former having had the biggest increase compared with the office’s 2018 statistics.
In the office’s annual report for 2019, released online on Wednesday, Ombudsman Reana Steyn said all three of the top categories involved an element of fraud and theft committed by cyber fraudsters
“We continued to receive new complaints on a daily basis from people who had been victims of fraud and it seems the end of this trend is nowhere in sight,” she said.
“Banks and other businesses continuously work to improve their security, but more importantly, they are also re-looking at the handling of these matters in line with the ‘treating customers fairly’ outcomes and the shift towards customer-centric behaviour.”
In one of the case studies included in the report, the ombud found that a bank had treated its customer anything but fairly - firstly by enabling a fraudster to gain access to and raid her bank account, and secondly by not accepting responsibility for that.
The fraud was detected by the bank, which placed a hold on the complainant’s current account. A good start, but it went horribly wrong after that.
The bank (not identified by the ombud) then received a call from a person claiming to be the complainant, requesting that the hold be lifted. The bank did this.
“Subsequently the bank once again placed a hold on the complainant’s card that was linked to the current account due to suspicious activity. The bank then received another call from the person purporting to be the customer, and once again the same chain of events took place.”
And that’s how the account-holder was defrauded.
“The bank rejected the complainant’s claim for a refund on the basis that her internet banking credentials and card details were compromised.
“The bank stated that it placed temporary holds on the complainant’s card linked to the current account and unsuccessfully attempted to contact the complainant.”
Here is the really interesting part: “The bank released the respective holds when it received the two calls from the person who purported to be the complainant, as the bank accepts a 75% pass rate for authentication of banking clients by means of telephone.”
But according to the ombud’s office: “It was evident from the recorded calls between the fraudster and the consultant that during the consultant’s engagement with the fraudster, she became suspicious as to the caller’s identity, prompting her to ask: ‘Who is telling you the answers?’ and ‘Whose account is this?’.
“It was our finding that the bank had a duty to display reasonable care when verifying the identity of the caller before unblocking the account to ensure that it was allowing access to the true account-holder, especially in light of the fraud hold that it had proactively placed on the account.
“It was the view of our office that it cannot be considered reasonable, especially in the current fraud climate, for a banker to unblock the account purely based on the pass rate of the scripted verification process when the banker’s engagement with the caller had clearly raised suspicions about the caller’s true identity.
“It was our finding that the bank was in a position to mitigate the loss that was suffered by the complainant and had failed to do so.
“The bank accepted our findings in this regard and reimbursed the customer.”
The ombud’s advice to banks is this: “In addition to being required to have a standard customer verification process in place, the current fraud climate demands that a bank’s process allows for a trained consultant to be able to assess a situation and make a judgement call.”
Consumer Live Are gyms legally entitled to keep debiting members' accounts during lockdown? 4 years ago |
The office formally opened 6,472 cases during 2019, and ruled in favour of complainants in just 28% of cases.
It was explained that while that percentage appeared to be low - and was in fact 2% lower than the previous year - many complaints were settled by the banks when referred by the OBSSA, reducing the number of formal cases which had to be opened. As a result, formal cases mostly pertaining to “more complex” cases.
FNB customers fielded the most complaints in 2019, followed by Absa and Standard Bank, the OBSSA pointing out that many factors contributed to those numbers, including the size of the banks in question.
Almost 65% of those who complained to the OBSSA last year were over the age of 40, and 12% were described as “elderly”.
GET IN TOUCH: You can contact Wendy Knowler for advice with your consumer issues via e-mail: consumer@knowler.co.za or on Twitter: @wendyknowler.
READ MORE:
Business Times Nedbank data breach may leave victims open to fraudulent attacks, say experts 4 years ago |