GDPR/Money Laundering
Discussion
Can someone who actually knows the regs well tell me if I'm being unreasonable.
Youngest son's credit card was due, a smidgen under £200 owing. He had some cash spare so asked me to pop into town and pay it off, and gave me his card.
Turned up at the bank (same as card issuer), the usual 25 machines and 2 humans, one serving and the other one apologising for the lack of actual people. Can't pay off a credit card at the machine so waited 15 mins to see the lady.
I put the card into the reader, tap in his PIN, and she asks if it's my card (clearly his DOB flashed up on her screen). I explain it's my son's, but he's asked me to pay it off with cash. She refuses, GDPR breach. How come I ask, I don't want any data. I'm not asking you for a single bit of data or info. But she explains when I input his card, his info comes up on the screen, and she's not authorised to look at it without the cardholder's permission. This is the breach!
So I say I don't believe you. I don't believe an employee of the card issuer is not allowed to look at a customers details without the customers permission. I say she must look at 100 accounts a day to do stuff without any permission.
Then she changes tack, it's money laundering. So I ask, what money laundering rules prevent a card being paid off with a measly £200? She then says she'll do it this time, but she won't do it again.
So, was she breaking the rules to please me, or was she talking utter crap and not expecting anyone to actually question it?
Youngest son's credit card was due, a smidgen under £200 owing. He had some cash spare so asked me to pop into town and pay it off, and gave me his card.
Turned up at the bank (same as card issuer), the usual 25 machines and 2 humans, one serving and the other one apologising for the lack of actual people. Can't pay off a credit card at the machine so waited 15 mins to see the lady.
I put the card into the reader, tap in his PIN, and she asks if it's my card (clearly his DOB flashed up on her screen). I explain it's my son's, but he's asked me to pay it off with cash. She refuses, GDPR breach. How come I ask, I don't want any data. I'm not asking you for a single bit of data or info. But she explains when I input his card, his info comes up on the screen, and she's not authorised to look at it without the cardholder's permission. This is the breach!
So I say I don't believe you. I don't believe an employee of the card issuer is not allowed to look at a customers details without the customers permission. I say she must look at 100 accounts a day to do stuff without any permission.
Then she changes tack, it's money laundering. So I ask, what money laundering rules prevent a card being paid off with a measly £200? She then says she'll do it this time, but she won't do it again.
So, was she breaking the rules to please me, or was she talking utter crap and not expecting anyone to actually question it?
TwigtheWonderkid said:
Can someone who actually knows the regs well tell me if I'm being unreasonable.
Youngest son's credit card was due, a smidgen under £200 owing. He had some cash spare so asked me to pop into town and pay it off, and gave me his card.
Turned up at the bank (same as card issuer), the usual 25 machines and 2 humans, one serving and the other one apologising for the lack of actual people. Can't pay off a credit card at the machine so waited 15 mins to see the lady.
I put the card into the reader, tap in his PIN, and she asks if it's my card (clearly his DOB flashed up on her screen). I explain it's my son's, but he's asked me to pay it off with cash. She refuses, GDPR breach. How come I ask, I don't want any data. I'm not asking you for a single bit of data or info. But she explains when I input his card, his info comes up on the screen, and she's not authorised to look at it without the cardholder's permission. This is the breach!
So I say I don't believe you. I don't believe an employee of the card issuer is not allowed to look at a customers details without the customers permission. I say she must look at 100 accounts a day to do stuff without any permission.
Then she changes tack, it's money laundering. So I ask, what money laundering rules prevent a card being paid off with a measly £200? She then says she'll do it this time, but she won't do it again.
So, was she breaking the rules to please me, or was she talking utter crap and not expecting anyone to actually question it?
You want my honest uninformed opinion? Youngest son's credit card was due, a smidgen under £200 owing. He had some cash spare so asked me to pop into town and pay it off, and gave me his card.
Turned up at the bank (same as card issuer), the usual 25 machines and 2 humans, one serving and the other one apologising for the lack of actual people. Can't pay off a credit card at the machine so waited 15 mins to see the lady.
I put the card into the reader, tap in his PIN, and she asks if it's my card (clearly his DOB flashed up on her screen). I explain it's my son's, but he's asked me to pay it off with cash. She refuses, GDPR breach. How come I ask, I don't want any data. I'm not asking you for a single bit of data or info. But she explains when I input his card, his info comes up on the screen, and she's not authorised to look at it without the cardholder's permission. This is the breach!
So I say I don't believe you. I don't believe an employee of the card issuer is not allowed to look at a customers details without the customers permission. I say she must look at 100 accounts a day to do stuff without any permission.
Then she changes tack, it's money laundering. So I ask, what money laundering rules prevent a card being paid off with a measly £200? She then says she'll do it this time, but she won't do it again.
So, was she breaking the rules to please me, or was she talking utter crap and not expecting anyone to actually question it?
The bit in bold.
Give someone a tool and they will use it. This lady's only tool was to deny you service, which she tried to do. Well done on standing your ground.
I’m surprised she did the transaction at all but I’m not saying she was in the right either.
It seems to me that quoting GDPR has become the default thing to say when something doesn’t fit with the orderly computer says regime.
Case in point - I wanted to find out last week when my oil delivery was coming. The account is for some reason in my wife’s name so despite me having the details ( including the account number ) I was immediately told it contravened GDPR and it was more than her job was worth to even access the account details. As with you , I then pointed out I only wanted to know whether the oil was coming today or not but to no avail.
I happen to know someone in their HQ so emailed them and said this is ridiculous.
2 minutes later he phones me and says it is coming on Tuesday and so sorry she treated you like that.
It seems to me that quoting GDPR has become the default thing to say when something doesn’t fit with the orderly computer says regime.
Case in point - I wanted to find out last week when my oil delivery was coming. The account is for some reason in my wife’s name so despite me having the details ( including the account number ) I was immediately told it contravened GDPR and it was more than her job was worth to even access the account details. As with you , I then pointed out I only wanted to know whether the oil was coming today or not but to no avail.
I happen to know someone in their HQ so emailed them and said this is ridiculous.
2 minutes later he phones me and says it is coming on Tuesday and so sorry she treated you like that.
KingGary said:
Technically she’s right, your son’s data belongs to him and I guess she was worried about disclosing something without his permission. Really he shouldn’t have given you his card and PIN. In future, I’d just use on-line banking.
Paying in cash, so on line isn't possible. Also, I wasn't asking her to disclose anything. I wanted no info at all.My wife worked ( past tense ) for a major high sreet bank , the cashier was correct in the 1st place
Also, the disclosure of the PIn to an other party ( you for example) is almost certainly a breach of the terms of the card issuer without a POA or 3rd party mandate in place .
I am suprised she backed off , without direct intervention of the branch manager to authorise.
My wife mentioned to me once they were absolutely forbidden to look at someones account without holder present, or phone after security etc unless directed by manager for some authorised reason .
Also, the disclosure of the PIn to an other party ( you for example) is almost certainly a breach of the terms of the card issuer without a POA or 3rd party mandate in place .
I am suprised she backed off , without direct intervention of the branch manager to authorise.
My wife mentioned to me once they were absolutely forbidden to look at someones account without holder present, or phone after security etc unless directed by manager for some authorised reason .
The alarm bell with the cahier is because the PIN is personal0 it helped identify who the person is.
The checks on the screen would have helped her know you are not the card holder. There is a chance of fraud here.
There was no evidence that you were related to the card holder, nor that you had their permission (how could they know??)
If you attempted to take cash out this would have been seen as fraud and stopped, likely with the card confiscated.
What threw her was you paying money in- and unlikely scenario for fraud. But, I guess it does prove what the PIN is and could have been used to withdraw much larger sums/ defraud businesses once you know the PIN is genuine if you were a fraudster.
They may have said the wrong thing, but in my opinion they were right to pause and check. It shows they were paying attention. If it was fraud against your credit card, you'd hope and expect them to do checks before accessing your bank account.
In the end, I guess they let it go as its unusual and very unlikely to be fraud. But they did confirm your sons PIN number which is art of his personal data (yes you typed it in- but their action confirmed it).
I wouldn't be surprised if they said no the next time.
The checks on the screen would have helped her know you are not the card holder. There is a chance of fraud here.
There was no evidence that you were related to the card holder, nor that you had their permission (how could they know??)
If you attempted to take cash out this would have been seen as fraud and stopped, likely with the card confiscated.
What threw her was you paying money in- and unlikely scenario for fraud. But, I guess it does prove what the PIN is and could have been used to withdraw much larger sums/ defraud businesses once you know the PIN is genuine if you were a fraudster.
They may have said the wrong thing, but in my opinion they were right to pause and check. It shows they were paying attention. If it was fraud against your credit card, you'd hope and expect them to do checks before accessing your bank account.
In the end, I guess they let it go as its unusual and very unlikely to be fraud. But they did confirm your sons PIN number which is art of his personal data (yes you typed it in- but their action confirmed it).
I wouldn't be surprised if they said no the next time.
This bit is correct;But she explains when I input his card, his info comes up on the screen, and she's not authorised to look at it without the cardholder's permission. Once she knew you were not the cardholder I am surprised she did not try and retain the card.
In the event of any fraud on a credit card you are obliged to disclose if you have given your card and pin to anyone else. If you have then it is a reason not to refund the fraud.
All that being said common sense dictates that if a family member is trying to help then they should be allowed to do so but common sense is not in policies and procedures which are clearly designed to protect the customer and employee
. Doing what is right seems to have disappeared from institutions and we are all poorer for it.
In the event of any fraud on a credit card you are obliged to disclose if you have given your card and pin to anyone else. If you have then it is a reason not to refund the fraud.
All that being said common sense dictates that if a family member is trying to help then they should be allowed to do so but common sense is not in policies and procedures which are clearly designed to protect the customer and employee
. Doing what is right seems to have disappeared from institutions and we are all poorer for it.TwigtheWonderkid said:
KingGary said:
Technically she’s right, your son’s data belongs to him and I guess she was worried about disclosing something without his permission. Really he shouldn’t have given you his card and PIN. In future, I’d just use on-line banking.
Paying in cash, so on line isn't possible. Also, I wasn't asking her to disclose anything. I wanted no info at all.williamp said:
What threw her was you paying money in- and unlikely scenario for fraud. But, I guess it does prove what the PIN is and could have been used to withdraw much larger sums/ defraud businesses once you know the PIN is genuine if you were a fraudster.
True, but I suspect a fraudster using that method wouldn't be paying in £200. Paying in £20 would have done the job. I'm all for security and fighting fraud, but sometimes it seems the baby is being thrown out with the bath water.
My Mum had a bad experience in her bank last week. She was trying to transfer £200 from her savings account to her current account and apparently the cashier started giving her the third degree about money laundering which completely freaked her out and made her all confused as it was nothing to do with anyone else or any other bank or branch.
Clearly she's had tough12 months as I have mentioned before on here and I did think if her bank or its staff have had all the "vulnerable customers" training that my industry has had to go through this year?
Clearly she's had tough12 months as I have mentioned before on here and I did think if her bank or its staff have had all the "vulnerable customers" training that my industry has had to go through this year?
Another way of looking at this, is suppose he has some fraudulent transactions on his card, speaks to the bank, and truthfully says that he's given at least one other person his PIN.
What would you expect the bank to do then, still cover the loss when he's broken his agreement with them ?
What would you expect the bank to do then, still cover the loss when he's broken his agreement with them ?
I'll be amazed if they don't cancel the card knowing that the PIN has been compromised.
They may also refuse to issue a new card and PIN.
As someone else said - just transfer the money to his current account online, so that he can then pay off the credit card.
Who actually still goes into a bank?
Seldom a good idea to engage with any bank directly.
They're vicious b
ds at the best of times.
They may also refuse to issue a new card and PIN.
As someone else said - just transfer the money to his current account online, so that he can then pay off the credit card.
Who actually still goes into a bank?
Seldom a good idea to engage with any bank directly.
They're vicious b
ds at the best of times.
Most banks wont allow 3rd party credits
https://www.which.co.uk/news/article/has-your-bank...
You’re lucky they even gave you the card back, if I knew you had a card & PIN that doesnt belong to you there’s no way you’d be getting that back
https://www.which.co.uk/news/article/has-your-bank...
You’re lucky they even gave you the card back, if I knew you had a card & PIN that doesnt belong to you there’s no way you’d be getting that back
Sheepshanks said:
OIC said:
I'll be amazed if they don't cancel the card knowing that the PIN has been compromised.
I am too, and the son will be on a sticky wicket if the card gets compromised in the future.Gassing Station | Finance | Top of Page | What's New | My Stuff