<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	>
<channel>
	<title>Comments on: Financial Ombudsman on Chip &#038; PIN infallibility</title>
	<atom:link href="http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/</link>
	<description>Security Research, Computer Laboratory, University of Cambridge</description>
	<pubDate>Mon, 12 May 2008 03:51:43 +0000</pubDate>
	<generator>http://wordpress.org/?v=2.5.1</generator>
		<item>
		<title>By: IAS</title>
		<link>http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-28606</link>
		<dc:creator>IAS</dc:creator>
		<pubDate>Wed, 26 Mar 2008 11:28:58 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-28606</guid>
		<description>In my own experience, the UK Financial Ombudsman Service failed to be THOROUGH in our case, the Company, being failed by a Bank, the Firm. 

Once I made my case about the delays/Maladministration of the Firm's commercial loan procedure that took, not five-weeks, but five-months, thus proving financially detrimental to begin trading, we expected the FOS to establish the period in which the bank agreed to lend and when it finalised the loan. Instead, the approach by the FOS to be thorough in their investigation to our original complaint was dismissed... ignored! A conflict of interest I say. The FOS would tell you that they are 'Independent' of the banks. But they are funded by the banks! Are we to believe that the Powerful and Arrogant bank did not have any say in the way the FOS is run? We are still seeking redress in our case.</description>
		<content:encoded><![CDATA[<p>In my own experience, the UK Financial Ombudsman Service failed to be THOROUGH in our case, the Company, being failed by a Bank, the Firm. </p>
<p>Once I made my case about the delays/Maladministration of the Firm&#8217;s commercial loan procedure that took, not five-weeks, but five-months, thus proving financially detrimental to begin trading, we expected the FOS to establish the period in which the bank agreed to lend and when it finalised the loan. Instead, the approach by the FOS to be thorough in their investigation to our original complaint was dismissed&#8230; ignored! A conflict of interest I say. The FOS would tell you that they are &#8216;Independent&#8217; of the banks. But they are funded by the banks! Are we to believe that the Powerful and Arrogant bank did not have any say in the way the FOS is run? We are still seeking redress in our case.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: tovarisch</title>
		<link>http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-16150</link>
		<dc:creator>tovarisch</dc:creator>
		<pubDate>Mon, 19 Feb 2007 00:31:26 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-16150</guid>
		<description>Financial services employees are beaten about the head on a daily basis about their personal obligations to prevent their employers being fined by the FSA. 

About £1.5m is the going rate when the FSA summarily rules.

Nobody legal ever went to work for a bank to steal. But plenty of villains do. It's easy. "Yes, Boss, I can sell until the sales are coming out of my ears* (*possibly an anagram of the orifice the applicant talks out of.)"

I read today that "the Banks" are set to declare £38bn in  profits last year.

£1.5m is small change.</description>
		<content:encoded><![CDATA[<p>Financial services employees are beaten about the head on a daily basis about their personal obligations to prevent their employers being fined by the FSA. </p>
<p>About £1.5m is the going rate when the FSA summarily rules.</p>
<p>Nobody legal ever went to work for a bank to steal. But plenty of villains do. It&#8217;s easy. &#8220;Yes, Boss, I can sell until the sales are coming out of my ears* (*possibly an anagram of the orifice the applicant talks out of.)&#8221;</p>
<p>I read today that &#8220;the Banks&#8221; are set to declare £38bn in  profits last year.</p>
<p>£1.5m is small change.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Keith Tayler</title>
		<link>http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-15737</link>
		<dc:creator>Keith Tayler</dc:creator>
		<pubDate>Thu, 15 Feb 2007 12:57:57 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-15737</guid>
		<description>The letter from the Financial Ombudsman is pretty much a standard response from a UK Ombudsman. I have studied hundreds of decisions from various Ombudsmen bodies and have with few exceptions found them to be an affront to reason and justice. A notable exception was the NHS Ombudsmen 2002 report that attempted to correct the bizarre decision of the House of Lords, (1998) Re L (By his Next Friend GE). 
In 2004 I was informed by the Financial Ombudsman office that they had as a rule to accept that the data and information from banks was always correct. In 1993, Sir Peter Yardley, Local Government Ombudsman, explained in a letter to me that the rule was that he had to accept a local authority’s interpretation of the law not the complainant. He also used his powers of Ombudsman (that of a Judge) to instruct the police to withhold information from a complainant. I could cite endless other examples.
The Ombudsman system exists to exhaust complainants; a process that produces much heat but very little light.</description>
		<content:encoded><![CDATA[<p>The letter from the Financial Ombudsman is pretty much a standard response from a UK Ombudsman. I have studied hundreds of decisions from various Ombudsmen bodies and have with few exceptions found them to be an affront to reason and justice. A notable exception was the NHS Ombudsmen 2002 report that attempted to correct the bizarre decision of the House of Lords, (1998) Re L (By his Next Friend GE).<br />
In 2004 I was informed by the Financial Ombudsman office that they had as a rule to accept that the data and information from banks was always correct. In 1993, Sir Peter Yardley, Local Government Ombudsman, explained in a letter to me that the rule was that he had to accept a local authority’s interpretation of the law not the complainant. He also used his powers of Ombudsman (that of a Judge) to instruct the police to withhold information from a complainant. I could cite endless other examples.<br />
The Ombudsman system exists to exhaust complainants; a process that produces much heat but very little light.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Surreptitious Evil</title>
		<link>http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-15595</link>
		<dc:creator>Surreptitious Evil</dc:creator>
		<pubDate>Wed, 14 Feb 2007 10:12:00 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-15595</guid>
		<description>I don't wish to dispute any of Steven's or Nicholas's points and also do not have any details of the case, but would suggest a couple of further, non-technical attack methodologies:

1.  Have a duplicate card issued on the account.  I don't have access to Halifax ones but both sets of (credit) cards my wife and I use have the same number and the same CVV2 values.  I doubt that these are differentiated in the audit trail.  Certainly, when we had to get one cancelled, they had to cancel both.

2.  In a "friends and family" or bank staff fraud scenario, write in and get your PIN re-advised.  Pre Chip &#38; Pin, they would amend the mainframe account record and send you out a new and different pin.  This cannot be done under C&#38;P as you need access to the card to change the pin on that, so they can only send you the current pin.  Nick the re-advice letter (which the victim was not expecting anyway) and borrow the card from time to time.

It is worth pointing out that the bank's customer complaints teams do not include security experts and very rarely will they pass details of an issue to the security function.  I doubt that the Financial Ombudsman has any either.

Also, very unlikely that it was a DDA card - I don't believe that any of the UK banks are rolling these out as yet.  Wouldn't mind being wrong on that, though :)

S-E</description>
		<content:encoded><![CDATA[<p>I don&#8217;t wish to dispute any of Steven&#8217;s or Nicholas&#8217;s points and also do not have any details of the case, but would suggest a couple of further, non-technical attack methodologies:</p>
<p>1.  Have a duplicate card issued on the account.  I don&#8217;t have access to Halifax ones but both sets of (credit) cards my wife and I use have the same number and the same CVV2 values.  I doubt that these are differentiated in the audit trail.  Certainly, when we had to get one cancelled, they had to cancel both.</p>
<p>2.  In a &#8220;friends and family&#8221; or bank staff fraud scenario, write in and get your PIN re-advised.  Pre Chip &amp; Pin, they would amend the mainframe account record and send you out a new and different pin.  This cannot be done under C&amp;P as you need access to the card to change the pin on that, so they can only send you the current pin.  Nick the re-advice letter (which the victim was not expecting anyway) and borrow the card from time to time.</p>
<p>It is worth pointing out that the bank&#8217;s customer complaints teams do not include security experts and very rarely will they pass details of an issue to the security function.  I doubt that the Financial Ombudsman has any either.</p>
<p>Also, very unlikely that it was a DDA card - I don&#8217;t believe that any of the UK banks are rolling these out as yet.  Wouldn&#8217;t mind being wrong on that, though <img src='http://www.lightbluetouchpaper.org/wp-includes/images/smilies/icon_smile.gif' alt=':)' class='wp-smiley' /> </p>
<p>S-E</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Nicholas Bohm</title>
		<link>http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-15264</link>
		<dc:creator>Nicholas Bohm</dc:creator>
		<pubDate>Sat, 10 Feb 2007 11:09:11 +0000</pubDate>
		<guid isPermaLink="false">http://www.lightbluetouchpaper.org/2007/02/08/financial-ombudsman-on-chip-pin-infallibility/#comment-15264</guid>
		<description>What this suggests is the need for measures of self-defence:

1  Use credit cards, not debit cards, so as to take advantage of the £50 limit on liability under sections 84 and 171 of the Consumer Credit Act 1974.

2  Get signature cards, not PIN cards.  Issuers vary in their readiness to provide them.  Weaknesses of eyesight, motor control or mental capacity are likely to induce more sympathy than a dislike of the risk allocation régime.

3  Do without access to ATM machines.  If this is inconvenient, carry the necessary PIN card only when needed for cash withdrawal, and take stringent precautions against theft or loss.</description>
		<content:encoded><![CDATA[<p>What this suggests is the need for measures of self-defence:</p>
<p>1  Use credit cards, not debit cards, so as to take advantage of the £50 limit on liability under sections 84 and 171 of the Consumer Credit Act 1974.</p>
<p>2  Get signature cards, not PIN cards.  Issuers vary in their readiness to provide them.  Weaknesses of eyesight, motor control or mental capacity are likely to induce more sympathy than a dislike of the risk allocation régime.</p>
<p>3  Do without access to ATM machines.  If this is inconvenient, carry the necessary PIN card only when needed for cash withdrawal, and take stringent precautions against theft or loss.</p>
]]></content:encoded>
	</item>
</channel>
</rss>
