Bank of the Philippine Islands (BPI) executives assured lawmakers on Thursday that no money was lost in the massive system glitch that led to erroneous electronic “mis-postings” on some BPI accounts earlier this month.
“We guarantee, your honor, that no moneys were lost,” said Ramon Jocson, executive vice president for enterprise services, in reply to a question on what assurances the bank could give to customers who might be concerned about having their money stolen.
Appearing at a hearing of the House committee on banks and financial intermediaries, Jocson said there was a “reconciliation process” for claims made by BPI depositors about any unauthorized transactions that occurred on June 7 and 8.
“In fact, we have had some clients saying ‘I did not withdraw or deposit,’ but we do have records because each of our ATMs produces a time stamp. If they withdraw from the ATM, we also have CCTVs. We go through a reconciliation process, we check the log, we go through the CCTV,” he said.
At the hearing, Cezar Consing, BPI president and chief executive officer, revealed that as much as P46 million was “accidentally” withdrawn by clients from BPI at the height of the glitch, which was later discovered to have been caused by human error.
He said the amount was still in the process of being recovered more than two weeks since the technical glitch caused unauthorized transactions to be reflected on some BPI accounts.
“There were mis-postings, and there was an amount, which in some cases, was withdrawn” by clients, he told the House panel.
“Weren’t those withdrawals illegal?” asked Eastern Samar Rep. Ben Evardone, chair of the House committee investigating the back-to-back malfunctions experienced by clients of BPI and Banco de Oro (BDO).
Consing replied: “It was accidental. The fact is most of this P46 million is getting paid back, most, if not all of it,” he said.
“There’s still P46 million that’s outstanding. Most of them are merchants, small businesses. We are making arrangements with them to settle. Almost all of them have expressed willingness to settle,” he added.
Joseph Gotuaco, chief financial officer and executive vice president at BPI, said the average mis-posting on both debit and credit was about P7,000.
All told, with an estimated 750,000 depositors multiplied by P7,000, “we’re talking of P5.2 billion either way,” he added.
“The highest amount that was debited was P1.6 million and the highest credit was around P2.5 million,” Gotuaco told the body.
Parañaque Rep. Gus Tambunting asked the BPI executives what kind of assurance they could give their customers that their money would not be stolen.
“We trust the bank, we trust BPI, but we do not keep a file of all those pieces of paper that come out of the machine. But when it comes to internal data processing errors like this, what assurance can you give a customer like me that internal data processing errors will not steal their money?” he said.
At the same hearing, BDO president and chief executive officer Nestor Tan told lawmakers how sophisticated criminals had become in “skimming” ATM cards, following the incident that involved several BDO clients whose accounts were compromised.
Some 95 accounts were affected in the recent incident, and BDO took the precautionary measure of blocking and replacing 75,000 ATM cards believed to have been compromised, he said.
“This happens on a regular basis,” said Tan. “What happened to us I cannot guarantee that it won’t happen again.”
“What happened to us happens in the entire industry… The compromise could have happened anywhere. You may have used the ATM of bank X, but your card was BDO,” he added.
In the first quarter of 2017, the Bangko Sentral ng Pilipinas (BSP) received some 50 complaints for unauthorized withdrawals, said BSP director Pia Roman-Tayag.
“What we encourage the customers is go to the bank so they will be restituted. The 50 are those who went to us,” she said.
Citing BDO data, Tan said fewer than 100 ATMs were hit by skimmers out of 15,000. “Only we don’t know for how long or how many cards were affected,” he said.