BANKING FRAUD OP-ED
Banks must stop pulling a Pontius Pilate and washing their hands of their clients’ plights
Surely banks are under a strong moral obligation to adopt a more empathetic and honourable approach to defrauded clients? Failing this, they should stop misleading the public by claiming lofty ideals in their advertising and promotions.
Pontius Pilate was the Roman governor of Judaea at the time of the crucifixion of Jesus Christ. Knowing Jesus to be innocent of the crimes of which he was charged, he nevertheless handed Jesus over to the Jewish elders for trial and conviction, and then carried out the sentence that they imposed. With a view to exculpating himself, he publicly washed his hands to symbolise his cop out.
Recent experience suggests that our banks, or at least some of them, have set Pontius Pilate as a role model and are intent on emulating him. This in the context of banking fraud, which has become an all-too-pervasive modern plague. They simply wash their hands of their clients’ plights.
Two examples will be cited. They are reported by Good Samaritan, an experienced attorney, who will be called Sam for short. Sam, acting pro amico, has assisted two separate parties who have recently been the unfortunate victims of banking fraud.
The first case involves Ruth (perpetuating the biblical imagery), a pseudonym. Ruth is a senior lady, who is widowed, lives alone in her house, and is not well versed in money matters. She is a good, honest, dependable person, like her namesake.
Ruth had her house painted by a painting contractor, whom we shall call Judas. The house was painted in two stages. Upon the completion of the first stage she paid Judas’ invoice which she received by email. The payment was made by an EFT transaction directly by her moneylender (bank), which goes by the pseudonym Primum Nationalis (PN) , into an account at Capitis Technica (CT), the pseudonym for Judas’ moneylender (bank), which bore Judas’ name.
Upon completion of the second stage of the job, Ruth again received an email from Judas incorporating an invoice in PDF format. She repeated the payment process and paid the amount into the bank account stated on Judas’ invoice. It subsequently transpired that the account number as quoted in the invoice was different to the one into which the first payment was made, although the name of the account was the same.
When Judas advised Ruth that he had not received payment of the second invoice, enquiries showed that payment had been made into an account that was allegedly not held by Judas. Judas immediately claimed that his email submitting the second invoice had been hacked so as to insert a different bank account number in it. Since he had not received payment he demanded that Ruth make a further payment into his correct bank account.
Ruth took the matter up with her bank, PN. They said that they could offer no assistance and referred her to CT, at the same time advising her to report the matter to the police, which she did.
CT confirmed that the money had been received into a different account to Judas’ regular account but would not divulge any information as to the identity of the account holder of the spurious account. They also took no steps to retrieve the money paid into the “wrong” account or to offer Ruth any assistance to recover the money in question.
The police ultimately advised Ruth that they would not be pursuing the matter as “no crime had been committed”.
In the meantime, Judas was aggressively badgering Ruth to pay the money which she “owed” him and threatened to institute court proceedings against her. He adamantly disavowed any liability on his part for the abortive result of Ruth’s payment and held her entirely responsible for the amount due to him.
Ruth turned to attorney Sam for assistance. Sam opined that Ruth was not liable to make a second payment as she was not at fault in the matter. He sought the opinion of an eminent senior counsel, who had also served as a judge. We shall call her Deborah, after the biblical juristic figure of that name.
Deborah was adamant in her view that Ruth was not liable to Judas for a further payment. Her view was coincidently shared by the Johannesburg High Court in a case where in similar circumstances the attorneys, ENS, were the payee. The court held that a business payee in these circumstances must take steps to ensure that payers cannot be duped in this manner.
Deborah’s opinion and the ENS decision caused Judas to back off from his vendetta against Ruth. But, assuming that he has no connection with the spurious account, this leaves him out of pocket. The ill-gotten gains reside in a bank account at CT and under their control and jurisdiction, and operated by them for one of their clients.
They were instructed to credit Judas’ account by name. What is their responsibility to rectify the situation? Alas, they simply reached for the soap and the hand-washing bowl.
Deborah said the following:
“In my opinion banks should accept a high responsibility… Banks are not there, as they seem to believe, to look after their own interests. They are there to serve the public and they should act accordingly… Banks should enter into agreements of cooperation in order to cross reference account holders’ names and account numbers and take more responsibility. They should not be allowed to opt out of responsibility.”
Few outside banking circles would disagree with her.
This brings us to the second case. This pertains to PN and their client whose pseudonym is Kagiso. Here, outing the damp spot contaminating their hands definitely requires more intensive hand washing by PN. Kagiso approximates to the biblical Lazarus, and we shall call him thus.
Lazarus has a menial station in life. The meagre amounts of money that he has over after supporting and providing for his family are invested in a bank account. He is hoping in time to save up enough money to buy a motor car so that he can start a small business which will improve his lot.
He was persuaded by their advertising and media platform that PN is a caring bank which has the interests and wellbeing of their clients as their highest priority. PN was definitely the bank for him!
He opened an account with PN and deposited every bit of spare cash in that account. He was supplied with a credit card for withdrawing money from that account.
On a good day recently, Lazarus went to a PN branch at a shopping mall to withdraw some money from his account. He placed his card in the slot of the PN ATM. The machine was covered by a security camera, and no one was standing near him. He was following a process used many times before.
To his surprise the machine did not request his PIN number, but rather his telephone number. Lazarus at no time used or disclosed his PIN number. With that he immediately was notified by his cell phone that rapidly successive multiple withdrawals of money were being made from his account.
In a matter of minutes R38,000 was siphoned off his account before his very eyes. He frantically attempted to cancel the transaction, but the machine refused to discharge his card or to interrupt the hemorrhaging. No bystander intervened in the process at any stage. His card disappeared into oblivion.
At the first available opportunity he reported the episode to PN and cancelled his card. He subsequently visited the PN ATM in question and saw a notice stating that the machine was out of order.
Lazarus approached PN for assistance and relief. It transpired that all the rogue payments had been paid into bank accounts at another bank. PN made no attempt to get that bank to repay the amounts in question, or to take any steps in that regard. Lazarus was left to his own devices to seek his own salvation.
In desperation Lazarus approached Sam for assistance. Sam took the matter up formally with what was ironically called the CARE division of PN. He was referred to the Legal Division of PN. He pursued the matter with them on Lazarus’ behalf.
Sam argued that Lazarus’ loss was due to no fault on his part. He had gone to a PN ATM at PN’s own premises and had acted prudently in executing a standard withdrawal procedure. The ATM machine was the property of PN and was operated by them on their very own premises, and it had malfunctioned, thus causing the loss to Lazarus.
PN’s response was to deny all responsibility and liability, but to make an offer to pay R9,000 to Lazarus as an ex gratia payment. The offer was, however, made subject to the strict condition that Lazarus enter into a comprehensive, absolute confidentiality agreement with them regarding the payment, and in particular to undertake not to disclose the matter to the media.
Lazarus found this offer offensive (was his silence being bought?) and rejected it. Sam reaffirmed Lazarus’ claim.
PN justified their stance as follows:
“Our investigation reveal (sic!) that our mutual client was an unfortunate victim of a criminal activity named “Shoulder Surfing”… the Bank was not at fault as your client’s PIN was compromised by himself at the time… and the disputed transactions were concluded before the incident was reported to the Bank.”
This response bears little or no relation to the actual facts of the matter and smacks of standard jargon. It does PN no credit.
PN’s attitude is completely at variance with the standard of conduct expected of banks outlined by Deborah in the above quotation from her opinion, and is lacking in probity.
Apart from any legal obligations in this situation on the part of a bank, it is submitted that a responsible bank is under a strong moral obligation to adopt a more empathetic and honorable approach to its clients in their hours of need.
Failing this, they should temper their claims regarding the lofty ideals that they allegedly espouse in their advertising and promotion, and thereby avoid misleading the public.
If a bank is intent on playing the role of Pontius Pilate it should be transparent and open about it. The public are entitled to expect no less from them.
It is shameful that these two prominent banks should have chosen Pontius Pilate as their role model. Perhaps someday they will share his undoubted fate on judgment day. DM
Owen Dean is retired Professor of Intellectual Property Law at the Faculty of Law, Stellenbosch University and was the first incumbent of the Anton Mostert Chair of Intellectual Property Law until 2015. Prof Dean is currently a Research Fellow at the Chair. He has practised as a specialist Copyright Attorney for 48 years and is the author of the standard text book, Handbook of South African Copyright Law.
The devil is in the small print,Banks serve Mammon,clients are like Lazarus the beggar to them.
Remind me what we have FICA for?
When it comes to banks, you are on your own. Name, shame and point out that their execs are paid, what was it? Over R50M in a single year? For doing what precisely? Oh yes, they have ‘talent’. Seems we all know where that ‘talent’ lies. Exploitation.
Name and shame is the name of the game. This is a great article but not much real use. we all need this to be public information, not story that cannot be verified. If this happened in real life, surely the public have a right to that information in order to protect themselves from both the criminal AND the Banks. How do we get it??
Fully support this comment.
My wife was also scammed in the same way, she paid a percentage of the job being done as requested by the provider, when the job was done she received the final invoice as per the first one which she duly did an EFT to the provider. After almost a month the provider informed my wife that they hadn’t received the payment. It transpired that the providers email had been hacked and a different bank and account number had been inserted. It transpired that the bank was the same bank my wife uses. we contacted the bank and explained what had happened, and could they provide us with the name of the person who opened that account so we could investigate the matter. The bank refused our request saying that it was client bank privileged relation and that we should open a case with the police, as they would only give out the details to the police.
My wife is now in the process of changing banks. The case with the poloice was opened some months ago, but no feed back as yet.
I find it farcical that banks never seem to per-sue the owners of bank accounts where funds are deposited always citing confidentiality.
Why is there no class action lawsuit against South Africa’s big banks for contravening POPIA, FICA and RICA through 1. No secure single digital profile, instead your profile is shared across products and requires identity verification across each product despite them holding various data set’s including biometrics posing increased cybersecurity risks. 2. They depend on Transunion which was exposed to a cybersecurity attack which exposed consumer data. They have integrations into this database. 3. They integrate with Home Affairs whose data quality is questionable due to their high risk of fraud which brings data integrity into question. 4. They share data with SARS which contravenes privacy, security and confidentiality data regulations. 4. Digital banking requires connection over a network connection which due to sim swops, phishing etc , once again compromises data security protocols. 5. This inhumane sector has not complied with limits sets by the NCR and embarked on reckless lending despite regulated limits. They’ve not proactively restructured debt and instituted credit life policies despite all this data in their control and their focus on digitalisation which includes artificial intelligence and machine learning algorithms. Clearly the banks are crucifying the consumer with their financial practices and cybersecurity risks! Shows how risky their behaviour really is and the ratings agencies they pay only grey listed them🫠😡
This problem is well known and much bigger. In the days of clearing cheques, the bank clearing house verified both the beneficiary name and the account number. How are the banks allowed to get away with this now?The biggest issue is not theft but money laundering. I can pay a company but set up the payment so it shows SARS on my statement and SPAR on their statement. I can set up ghost employees, different names with duplicate account numbers and pay Guptas and ANC politicians – the payments are untraceable. The banks are the money launderers. The find any money trace, you need a court order to force the bank to disclose the transaction details. This takes more than 3 months and by that time the money moved again.
This is true on so many fronts. In our case a statement appears to have been stolen from within the bank and used to open accounts at multiple other banks and debt of R500k run up. Every single bank (3 of the big 4 are involved) now refuse to provide any information whatsoever , claiming popia act and that they will only release information via a subpoena.
Yet Popia clearly states that if personal information is compromised one can ask the institution with the compromised information to provide copies of all information they have.
How do we clear a name and catch the perpetrator as the banks have stated they do not investigate but merely close offending fraudulent accounts?