Banks repeatedly warn their clients, on multiple platforms, never to divulge the so-called “keys to their safe” to anyone, and that if they do suffer losses after doing so, they will not be reimbursed. Even if you are forced to do so at gunpoint after being kidnapped, your bank can refuse to take responsibility for that “contact crime”.
I first put that question to then Ombudsman for Banking Services (OBS) Reana Steyn last year, on hearing from a few victims of this horrendous crime. (Steyn is now head ombud with the recently established National Financial Ombud (NFO) Scheme, comprising banking, credit and insurance divisions.) Steyn said the OBS’s starting point when dealing with such complaints is that a bank customer is liable for all transactions that take place with the use of their confidential access banking details.
“Unfortunately, though we truly sympathise with the victims of these incidents and understand they are not to be blamed for the crime, we also understand that banks cannot be blamed for the crime or losses as the kidnapping and robbery took place outside of the bank premises,” she said.
Fair enough. But, she said, liability shifts to the bank once the compromise of these details has been reported to the bank, “because only then will the bank be expected to take immediate steps to prevent the customer’s losses”.
But I’m sorry to report that that’s not always the case.
In late April, Boitumelo, 33, was dropping off two women a street away from her family home in Sebokeng at about 8pm when three armed men pounced, driving off in her car with her and one of the other women in the back seat. Having witnessed the drama, some of her neighbours ran to her family’s home and alerted them. Her brother called her bank, Investec, to ask that her accounts be blocked. He was told that that could only be done if a SAPS case number was provided.
Any measures being implemented by the bank, such as declining or delaying processing of transactions, could result in harm or even loss of life of the customer, which would invoke the question of whether any possible mitigation measures are worth the cost of a life of a bank customer.
— Nerosha Maseti, lead ombudsman in the NFO’s banking division
The family duly reported the crime and Boitumelo’s father called to provide the case number but the bank responded with shocking news — its policy is to keep such accounts open to preserve the lives of their clients.
Meanwhile, the criminals demanded that Boitumelo give them her bank card, PIN and Apple Pay access details in order to transact in her name. Her total loss was R24,000 — R9,000 was withdrawn in cash and the rest used to buy Webtickets.
“Investec will not refund any of the money, even though it was their unilateral decision to keep my account open, despite my family having requested that they put a temporary hold on it,” she said.
“This is unacceptable! If you are kidnapped, the bank, even when informed of that, will unilaterally choose to keep your accounts open, allowing the perpetrators to steal from them, and then take zero accountability for your losses. I only had R24,000 available in my account, what if it was R24m?”
Contacted for comment on the issue in general, lead ombudsman in the NFO’s banking division, Nerosha Maseti, said the stance of her office was unchanged. Only when the compromise of a client’s banking credentials is reported to the bank does the bank have a duty to mitigate any losses by placing a hold on the account, she said.
But she added that each case would have to be assessed on its own merits. “Any measures being implemented by the bank, such as declining or delaying processing of transactions, could result in harm or even loss of life of the customer, which would invoke the question of whether any possible mitigation measures are worth the cost of a life of a bank customer.”
And the problem with mitigation measures implemented by banks is that “the perpetrators of these crimes would become aware of these measures as they are also customers of the banks”, she said.
And if banks paid all the losses of clients who were made to reveal their banking access codes under duress, she said, that could encourage the fraudulent staging of such events. Ultimately, Maseti said, where the specific facts of a matter place liability on the part of a consumer, the bank still has the option to consider the personal circumstances and vulnerability of their customer and may in some instances tender an offer as a gesture of goodwill.
I raised the issue with Investec, asking how its stance was justified, and why call centre staff initially asked the family to report the crime and submit a case number, given that the bank had no intention of blocking the account to protect Boitumelo’s funds.
The bank declined to comment on Boitumelo’s case and its unilateral decision not to block accounts of kidnapped clients on instruction from their families.
“We do not comment publicly on individual cases of such crimes, both out of respect for client confidentiality and so as not to undermine our work with the authorities to combat crime.
“We appeal to our clients to take all possible steps to reduce their exposure and offer them detailed advice ... on how best to do this.”
Short of employing a permanent bodyguard, or never leaving your fully secured home, I can’t imagine what those steps could be.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.