There have been many reports of incidences in the media where customers' personal data has been leaked and/or sold by employees working in call centres abroad. There are concerns about how well security in foreign call centres protects data, however the onus is still on the company outsourcing work as UK companies are not allowed to transfer customer's details to another country unless they can be sure that it will be subject to the same levels of security.
As part of our internal investigations into levels of security in foreign call centres, we contacted a call centre in India with details of some work to place with them. After a few brief email exchanges discussing the nature of the business and how many agents were needed, a manager emailed a 25-page proposal to us, which included details of their security rules and procedures. Although there were gaps identified in their procedures making it possible to compromise the security of data, their document stated several rules in place to protect data, including disabled external storage media and print facility at individual workstations.
There was no mention of whether employees keep mobile telephones (which could be used discreetly to take photographs of data) or handbags/other belongings and the manager responded to my question about this saying that lockers can be arranged for staff to store these.
In 2015, American telecommunications company AT&T, paid a fine of 25 million dollars as a result of insufficient security measures at a foreign call centre. The company was fined by US regulators as corrupt employees at the call centres were selling customer information, potentially exposing 280,000 customers to identity fraud.
Criminals have also used foreign call centres to distance themselves from the crime, to make it harder for authorities to catch up with them. In 2015, an American was sentenced to 14 and a half years after it was proved that he co-ordinated a fraud at an Indian call centre where callers pretended to be US government agents.
In 2006, a HSBC spokesman said that they had reimbursed loses totalling £233,000 to 20 of their UK account holders, after a employee at a call centre in Bangalore, India, passed their details to fraudsters.
The Daily Mail have previously reported that Indian Authorities have said that their efforts to combat corruption inside call centres has been hampered by companies' unwillingness to co-operate as they do not want to admit when there is a problem. Bad publicity regarding any loss of customer data must be avoided. The Newspaper has also reported in May last year that the, 'crimewave over the past few years left banks facing a sharp rise in payouts, costs ballooning 72% a year.' Authorities investigating fraud are also struggling with the number of reported incidences.
Banks and building societies were supposed to refund the loss incurred by victims unless they could prove they had been 'grossly negligent.' The new rules, possibly implemented due to the increasing costs currently being absorbed by banks and building societies, make it harder for victims claiming refunds.
New rules say that banks are not obliged to issue refunds if you have disclosed any of your security details, even if you were tricked by a fraudster into doing so. More of the responsibility of keeping your money safe from fraud is being placed on customers.
Advice to consumers who find themselves in this situation is to take their complaint to the Financial Ombudsman Service for their consideration. If on reviewing your case they find evidence to suggest they were negligent, they can order the bank to issue you a refund.
Find it useful? Please share!
Find it useful? Please share!
Last updated: 23 January 2020 | © KIS Bridging Loans 2024 | Terms & Conditions