
Hi kids
Today we're going to learn to spell GDPR.
TSB customers have reported receiving letters from the British bank containing other people's details in the embattled firm's latest cock-up. The bank went into meltdown at the end of April when a long-planned migration off its former parent Lloyds Banking Group's infrastructure went badly wrong. Customers were unable to …
Tomorrow's lesson is percentages and we're going to start at 4%
I wish, you wish. But the limpwrists at the ICO have already said that they're going to go softly softly on enforcement this year, preferring education and improvement. Because those poor, poor businesses have only had two years to prepare themselves. Oh, and another four years since the original GDPR proposal was released.
This is only fair for the destitute and beleaguered financial services sector. Let's face it, if you only had six years to prepare for something (e.g. a new speed limit), you'd be deserving of special leniency for a year or more after it came into force?
"But the limpwrists at the ICO have already said that they're going to go softly softly on enforcement this year, preferring education and improvement."
I think you will find that blatant incompetence with widespread impact will still result in a large fine. The softly softly is for stuff that's new under GDPR and that might not have been clearly understood or implemented in time.
Interestingly difficult to find up-to-date turnover ("revenue") figures for TSB. Wikipedia's latest numbers are dated 2014. The 2017 annual report reports "income" of £1,096.1
( https://www.tsb.co.uk/investors/results-reports/ ) ... so a £40m fine, which will lose a few people their bonuses but shouldn't be that big of a deal for any properly capitalised bank. The ICO fine isn't where they're going to feel the pain; it's the FCA and PRA. I've been a tangential witness to the consequences of the FCA's more, er, focused officers getting very interested in an organisation after a spot of operational bother. It was serious brown-trousers (and skirts) time in the C-suite. Folk knowledge and urban myth notwithstanding, people DO lose their jobs, they DO get disbarred from practice, and in some cases they do get personally prosecuted. Not, perhaps, as often as should be - and they could certainly do with a honking great budget and headcount increase, as could other UK regulators - but in screwups this public, where every MP has affected constituents, and sees an easy, popular target in front of them; and for every ambitious young FCA / PRA whiplasher, this is going to be fish in a barrel time.
I am open to the possibility of having my head up my naive old arse, but let's see how it goes.
Tomorrow's lesson is percentages and we're going to start at 4%
I've been wondering about that. I mean, let's assume the ICO actually grow a pair and start using their powers.... Surely this is an incentive to restructure every pan-European company into separate entities? TSB is UK only, so fines would be capped at 4%. Someone like, say Farcebook, is pan-European, so could be fined 4% in each legal jurisdiction, which adds up to rather a lot more.
Obviously, that'd only be relevant, as I said, if the ICO actually started to do their jobs instead of simply existing to protect corporate law breakers from robust legal action.
The buck stops with the CEO and other directors. They should be made personally liable for this mess, and reimbursing every customer. This is now becoming an absurd comedy of errors. The directors need to be punished. They're not running a cinema, or a supermarket, or an email service. This is a bank, and certain standards need to be adhered to. It is absolutely clear that the management of this organisation don't give a shit about their service.
Oh, they have standards. They're not very high, but they've got them.
They weren't all that clueful back before Lloyds gobbled them up, when they started calling themselves the TSB Bank. So that'll be the Trustee Savings Bank Bank, then?
Resurrected, it seems it's [monkey] business as usual for TSB.
The buck stops with the CEO and other directors. They should be made personally liable for this mess, [..]
What, like this?
https://www.bankofengland.co.uk/prudential-regulation/key-initiatives/strengthening-accountability
and reimbursing every customer.
If you had the slightest idea what you were talking about, you wouldn't say something so silly. :)
There's a data clusterfuck that's still not over, not even a month and a half later.
Scamming still carrying on, possibly due to crappy website security.
Seems like the bank hasn't rolled out extra customer support channels.
The only thing that's going to happen if this is allowed to continue is other banks won't bother either.
Because TSB are in such a meltdown that leaving takes weeks.
And in some cases kills the customer - several suppliers with Direct Debits with people who've closed their TSB accounts have been sent letters saying the account holder had died.
That mess is also quite hard to resolve.
I was going to say perhaps a schema has changed and the joins don't reference the right columns any more.
Then I thought, Nah I don't have a clue. A professional team could not make that kind of mistake.
Then I thought have they employed a professional team?
I don't know what my colleagues think of my work practices when I spend most of my time looking out of the window. I call it planning.
Just received a letter from Crapita to somebody who has never, ever, lived here.
Better half used to work for Crapita.
Crapita (Hartshead subsidiary) were anxious to explain how GDPR might affect this person and how they used personal data in relation to the pension fund.
Perhaps they out-sourced the out-source to the same people?
In a way, I'm almost disappointed TSB made such a thorough job of spraying themselves in ketchup and BBQ sauce and jumping up and down in front of the metaphorical ICO dragon shouting "Me! Me! I taste delicious!! Come on, then you tosser, come and have a go if you think you're flamey enough!!" Not to worry.... there's a long tail of other fun test cases and precedents to litigate, no doubt it'll still be getting fought out well into the 2020s. If anyone can afford lawyers after Brexit.
Sorry, are you admitting to opening post not addressed to you? You know you're not meant to do that, right?
Blot out the address (not technically required but sometimes the helpful posties will attempt to redeliver if the address is still visible), scrawl "not known at this address" on the envelope, stick it back in a post box.
NatWest tried this line with me when I opened letters for the last owners of my house. I opened the letters because I did not want the bailiffs turning up on my doorstep trying to recover their debts.
As I'd already informed NatWest that the people they wanted did not live at my house I managed to wring an admin fee out of them.
If I'm getting letters delivered to my address but to people I've never heard of you're damn right I'm opening them.
When the oh so charming bailiffs turn up trying to enforce a writ I want some advance warning.
Been there done that.
In my experience they’re not that bothered about mistaken identity either, my girlfriend (now wife) had two goons turn up to try and collect on a debt for a woman with a different first name, birthday and address to her (woman at one stage lived about 20 doors away) from an organisation she had no links with whatsoever.
I would add these two were at the more budget end of the debt collection spectrum rather than the more pukka ones you might’ve seen on TV.
Do not think for one second that any of the other banks are more competent, they just have more experience at hiding their cockups.
Given that Banking is the last major industry in the UK and with the sale of the last of the country's gold by G Brown resulting in GBP being based solely upon GDP then you would imagine that something would be done about having a GDP once banking falls over for good.
Perhaps if we all leave the UK, become EU citizens after BREXIT and then come back as immigrants then we can finally have an intelligent say in how the country is run.
SMS is not a secure method of delivery for 2 Factor authentication....most people in IT have known this for at least 3 years now - SIM swapping is just too easy.
How in holy hell a bank is allowed to continue to use this method is beyond me...
It's really not that hard to implement either Google Authenticator or something like Symantec VIP.
I'm going back tomorrow to get compensation sorted.
I think "the best offer" you'll get is a free lifetime coffee/tea or £100 (whichever is lower).
But the limpwrists at the ICO have already said that they're going to go softly softly on enforcement this year, preferring education and improvement.
The Australian Competition and Consumer Commission is mandated to be champion for consumer law. The recent Australian Royal Commission on the banks has lifted a lid about how the ACCC works. One of the things mentioned is that the ACCC is (mostly) staffed by bank employees in secondment to the ACCC. These people help the Australian banks get away with some of the dodgiest banking practices we've ever seen. This is also one of the biggest reasons why the ACCC is reluctant to go after the big four banks in Australia and instead, it goes after the small banks & business (like a bully).
Since Australian systems are basically a copy of the British system, maybe they have the same sort of practice (hence the "softly, softly" approach)?
If TSB hadn't been forcibly split off from Lloyds then this wouldn't be an issue.
Any large scale data migration is going to have problems. These problems are exacerbated due to money being involved. Hands up if you've done a data migration of this scale and had zero issues?
I feel rather sorry for TSB in some respects. Forced into existence, they hire a supposedly expert firm to manage their systems and data migration only to have it blow up in their face. So they're paying through the nose for IBM, and now they're having to deal with frauds, fines and legal nonsense too. And try and provide some kind of valuable service to customers.
If Lloyds is going to borrow 20bn of the taxpayer, the fact this loan came with conditions like "trim your bloated ass by selling off TSB" shouldn't be a major surprise. The fact they then attempted to hit a migration deadline that was clearly unattainable is no one's fault but their own.
FWIW I've been using Bank Of Scotland for my business banking for quite a few years now - they too were gobbled by Lloyds, and while it hasn't quite gone to shit as much as it has for TSB, they've since dropped the ball enough times for me to put "move banks" on my to-do list. Whole group is rotten to the core.
Your third-party supplier whose actions you are responsible for?
Worse still, TSB, I do hope you got approval from your customers for the sharing of personal data with those third parties, obviously in line with GDPR, right?
I seriously cannot see how they can get out of this mess, I know they have to somehow (they are a bank), but Feynman ...
Icon: feel sorry for customers
I expect they need to be able to share data with their printers to be able to send the statements.
And their printers are only printing what TSB tell them to, which brings them back to messed-up back office data or a process which gets confused as it doesn't scale to a bank like TSB's size.
I seriously cannot see how they can get out of this mess, I know they have to somehow (they are a bank)
Ok, up front, I work for a bank - I've never made any secret of that.
I question the whole idea of TSB surviving. Surely it has reached the point where they are going to be overwhelmed with compensation cases, fines, and customers fleeing just as soon as allowable, and with such reputational damage, that survival becomes uneconomic?
Would it not be simpler to shutter the lot, and novate customer credit balances to other providers? I realise that means they have to figure out how to associate an account with a person correctly, but if you scrape away their web tiers etc and only looked at the core mainframe (it will be) data, you could do this quite quickly.
Banks should have been allowed to fail. Quite why Labour ever bailed them out is a mystery to most of the industry - yes contagion had to be stopped, but crippling Lloyds with the rotting remnants of RBS didn't really achieve that.
Let TSB go - it's already dead, it just hasn't realised yet.
Already had enough, it's been one cock up after another so I've pulled the plug on them and moved.
Historically I was a Lloyds customer who never asked to be bumped over to TSB, they just decided my branch was going and that was that.
Did it old school as I assumed any migration process was as likely to cock up as anything else they've done recently.
If enough people whip their money out from them I can see that causing them a few problems as well, not sure what their liquidity ratio is but might be interesting to keep an eye on it.
I recently provided a written statement along with evidence (screenshots) to another customer's lawyer about having access to their account statements through my wife's TSB online account during the problems. Their lawyer thinks this is a spectacular failure from TSB and is quite rightly excited by the pending litigation. I on the other hand only see one winner in this and it won't be the victim, TSB or any TSB customer for that matter.
It is just a good job the entire world and his dog have not been spamming all 7 Billion humans on the planet with email, adverts, videos, wall posters, billboards and the rest, with news of impending GDPR guidelines.
I mean, if THAT had been the case, TSB would have no excuse whatsoever for such a shocking data leakage.
Luckily, it was only mentioned the once and I think they got away with it...