Questions for Bank (Santander?

) at CRM hearing

These transactions clearly show the potential for fraud. The movement of such large sums of money
through CK’s accounts (in which they only stayed for a few hours/days) is entirely out of keeping
with normal patterns of spending (point which can be made to all 3 banks).

Greater level of care for the vulnerable/did they identify all vulnerabilities?

Check – why did ‘Confirmation of Payee’ not established at the bank?

COURT OF APPEAL UPHELD QUINCECARE

Transactions took place only a short time since account was credited.

Was CK asked to confirm these instructions via a different method? (letter/phone, email/visit etc).

Was the Bank aware that CK was vulnerable to fraud at the time of these transactions? (age, health
issues, low technical knowledge). What additional safeguards did CK have available to her due to her
vulnerable status? Having noted the potential for fraud, what additional questions did the bank ask a
customer with vulnerable status?

Did anyone at Bank explicitly advise that this was a scammer?

How strong were the warnings given to CK? Was she asked why she was outside of Dublin? Was she
asked anything about undue influence? Were any warnings tailored to APP scam risk indicators?

Warnings must be specific – tailored to customer type and APP scam risk identified by analytics

WAS BANK ON INQUIRY (ABOUT FRAUD) on these occasions: (see DQST) see it die a little too
viicious? LOL NO DON’T WRITE THIS

Refuse to reimburse negligence or fraud.

No fraud here. Financial Ombudsman ruled in favour of consumer in 73% of cases. Banks ruled
against in up to 90% of cases. Repeated decisions over multiple days.

See case studies: https://www.lendingstandardsboard.org.uk/wp-content/uploads/2020/04/CRM-

Summary-Report-Reasonable-basis-for-belief-.pdf

Emphasise COMPLEXITY of case (multiple days, computer virus and phone used, spoke to more than
one person, sounds of busy office, complicated story spun about rogue elements within Ulsterbank
as well as ‘hackers’ being part of a fraud attempt. Increased evidence of vulnerability.

Lack of emotional resilience of CK - heart issue.. Did Bank ask for in person meeting?

Presumption customer is to be reimbursed.

What is Bank alleging CK should have checked?

If she is vulnerable she gets reimbursed. Current circumstances: away from home (in N Ireland).
Level of specificity of warning?

Was questioning closed? Were questions asked to establish customer’s vulnerabilities?

SF11 (a) “Firms should establish transactional data and customer behaviour analytics incorporating,
where appropriate, the use of fraud data and typologies to identify fraud payments” Did they?

Tools for the vulnerable – examples found in the Annex to the Practitioner guide.

Did tney mention APP scam in the warnings? Risk indicators and where available scam types.
*Should* delay?

Must repatriate funds if they have not left the country.

Fail if : Customers have no basis for reasonably believing the story/scam is real. Or the Customer has
been grossly negligent.

May have impeded customer’s ability to meet standards BUT did Customer act dishonestly or
obstructively in a material aspect. IN PROCESS OF ASSESSING Did firms impede consumer’s ability to
avoid scam?

Personal circumstances

Timing and Nature

Capacity for production

Impact on customer

Knowledge, skills and capability in engaging with financial firms.

Disproportionally effected.

Allocation on basis of each payment journey

50% to 100%

Did original firm warn receiving firm in conformance with best practice conduct? If so receiving firm
should have blocked the transfer.

Given a pin?

Lying? Must take vulnerability into account.

We take the view that “gross negligence” is a suitably high bar that goes well beyond ordinary
carelessness.

“social engineering”

NADIA FIS https://www.financial-ombudsman.org.uk/decisions-case-studies/case-studies/customer-

asked-transfer-money-account-threat

SCAM COULD HAVE BEEN PREVENTED BY ASKING MORE QUESTIONS OR CALLING THE POLICE:
Banking Protocol’

Email impersonation scams, advice to find out who is really speaking?