Comment by adrianmsmith
4 months ago
There was a comment on Hacker News, which alas I can no longer locate, where a guy said he'd been called by his bank and the bank wanted him to answer various security questions. He said he was happy to do so, but firstly needed the bank to verify who they were, or to call the bank back on a telephone number on their website. The bank refused, so he refused to give them any details. The bank then blocked his bank account, meaning he couldn't pay his university tuition on time, meaning his student visa was no longer valid as he was no longer "studying", meaning he had to leave the country.
That doesn't add up; you're free to call the bank at the telephone number on their website whether the representative who just called you wants you to do that or not.
A bank blocked an account because they called someone and that person didn't provide them with personal data? That sounds unlikely.
I've definitely experienced the first half of the story: banks really will do dumb things like this and then be surprised when someone is upset by it (anti-fraud protection tends to be the worst: a text-message from a random unaffiliated number with another unaffiliated number to call, where you must then provide account details in order to get your card unblocked, and trying to call the official number and go through the phone tree does in fact, eventually, tell you that it was legitimate, but only after hours of being batted between departments).
That's not the half I have trouble believing.
Banks do have obligations under AML and KYC laws to get information from their customers. I mean I know a single phone call sounds extreme, but I could believe it.
My bank (in the EU) wrote to me a while back (post, no copy to email, no sms, no phone call, etc.) saying if I didn't provide info on certain recent transactions (my salary) they'd block my account in two weeks. Thankfully I wasn't on vacation and saw the letter and answered and it was all OK.
Having information about you (that you provide when opening the account) is entirely different from calling you out of the blue after you already have an active account for long enough that you trust and depend on it for your migration status. Refusing then is in no way breaching AML/KYC requirements. They would ask them to validate the identity on the call, not to gather regulatory data on their client. If they didn't have any info and were to "call as ask" how would they know it's the right person and data anyway?
How is a bank not validating one phone call grounds for freezing funds?
I am not surprised. I know of a bank that disabled a credit card following a single missed payment for the crime of failing to answer a phone call.
This is one of the reasons I use a local credit union with a handful of branches only in my region. I can always re-establish trust by just walking into a branch to do business, and likewise they can always just ask me to walk in with my driver's license if they need to verify that I'm really me.
2 replies →
I understand the desire to be skeptical, but maybe you should give individuals the benefit of the doubt and the giant multinational corporation the skepticism.
I'm being skeptical about something someone wrote online about something the read online. Don't make this about ethics.