The Banking Ombudsman has found a bank liable to refund a customer $5,000 stolen from her account after a friend obtained her password and rang the bank to the change the access details.  The Ombudsman held that the bank’s checking by way of security questions and other details should have alerted them to the fact that the person calling was not the account holder.

The person calling was much younger than the customer and the bank’s employee had thought that the person sounded much younger than the recorded age of their customer, but despite that agreed to reset the internet banking password.  The Ombudsman held that the bank should not have allowed the caller to change the password.

The bank had originally refused the customer’s request to reimburse her for the stolen money, as they claimed that she had caused the loss by failing to keep her password safe.  If a customer is not satisfied with a bank’s response to an initial complaint then the Ombudsman is a good option for taking matters further.

Alan Knowsley