We may have come a long way from the days of the old American ‘west’ when bank robberies were committed by bands of brigands ‘toting’ guns and barking orders to terrified tellers to ‘open the safe’ and making off with bags of money. These days, the banking sector has drifted deep into the world of security-related technology. So too have the bank robbers.
Republic Bank Ltd’s recent Visa Debit Card fraud, the attendant public response and the subsequent intervention of the Bank of Guyana on the issue of the bank’s refunds to the victims of the fraud provided a sobering reminder that while gun-toting bandits may no longer be able to ‘trump’ technology, the bank robbers have been able to get around that problem by simply joining the technology bandwagon.
Accordingly, these days one of the problems with addressing the contemporary bank robbery, of course, is the time, intellectual energy and technological know-how it takes to figure out how the crime was actually effected. It is easier, after all, to work out the modus operandi of masked, gun-toting bandits barking orders at ready-to-comply tellers. After the banks come to understand that their technological defences have been breached, they then, arch-conservative institutions that they are, begin to count their losses and afterwards consider how those losses can be cut.
That, indeed, appeared to be at the heart of the proverbial ‘riot act’ read by Central Bank Governor, Dr Gobin Ganga, after it had been reported that Republic Bank had placed a three-month retroactivity period around refunding victims of the scam. In other words, according to media reports, if your visa debit defences had been breached any more than three months earlier, you would not be refunded. Guyanese, of course, are not the kind of people who are known to take those circumstances ‘lying down’.
Fast forward to just over a week ago when it was reported in the Barbados media that Scotiabank was moving to repay its customers who were robbed by ATM hackers and was, simultaneously, ‘installing’ a new online banking feature to warn customers. The banking response appeared to work significantly more quickly in Barbados since it had been a matter of just days earlier that several people had fallen victim to another ‘bank robbery’ ruse known as ATM “skimming.” This is a type of fraud which occurs when an ATM is compromised by a skimming device, a card reader which can be disguised to look like a part of the machine. The card reader saves the users’ card number and pin code, which is then replicated into a counterfeit copy to steal from the unsuspecting users’ account.
By last Wednesday, Scotiabank in Barbados had reportedly already begun the process of reimbursing customers and for good measure made the announcement that it would, henceforth, use technology to alert customers about suspicious activity on their accounts.
“While investigations are continuing and the matter is in the hands of the authorities, the bank has been in contact with impacted customers and is working with them to have their reimbursements fast tracked,” is what Scotiabank Barbados was quoted in a section of the media as saying. Simultaneously, the bank said that it would introduce “Alerts” that would allow customers to receive real-time notifications about activity on their accounts.
Perhaps out of an abundance of ‘discretion’ and quiet with which the local commercial banking sector has customarily been known to operate, not a great deal more has been heard about the Visa Debit Fraud since the occurrences. Not so in the instance of Scotiabank in Barbados. There, the bank appears to have embarked on what would seem to be nothing short of an image-retrieval blitz, encouraging customers “to sign up for online banking” so that they can benefit from the promised (free) ‘Alerts” and declaring that it was “committed to keeping customers’ accounts and financial information safe and secure.”
Not so Republic Bank here in Guyana which managed to upset quite a few victims of the local scam by declaring that it was prepared to apply retroactivity of up to no more than three months as a basis for making restitution to the victims. It was, of course, at this point that the Governor of the Central Bank read his own Riot Act, curtly declaring that it was the expectation that every victim would be reimbursed to the extent of his or her loss. Case closed…or at least so it would seem.