Latest


UAE : Central Bank Starts Inquiry into ATM Fraud

  •   Mon, Oct 06 2008 09:21:59 AM


NEWS FROM THE UAE
SOURCE : THE NATIONAL

Central Bank starts inquiry into ATM fraud


ABU DHABI - OCT 06: The Central Bank of the UAE has begun an investigation into international fraud that may involve tens of millions of dirhams and continues to affect ATM and credit card users almost a month after the first reports of problems, financial sources said yesterday.

The Central Bank summoned officials from an unknown number of banks to a meeting on Sept 25 in Dubai, where they were informed of the investigation and told to give information to government investigators. They were not told when the investigation would be finished.

Officials at the Central Bank confirmed the meeting and the investigation, but would not elaborate.

Details of the fraud emerged in early September after several banks told customers in text messages to change the personal identification numbers for their ATM cards. An undisclosed number of people were defrauded, with some bank accounts being wiped out.

Mohammed Hammadi, 30, of Sharjah, recently opened an account at National Bank of Umm al Qaiwain (NBQ). Yesterday, before receiving his new debit card in the mail, he learnt that his money was gone. “I got a text on my phone yesterday telling me that my available balance was zero,” Mr Hammadi said. “I had Dh23,000 (US$6,262) in the account.”

An NBQ official said the bank would reimburse customers whose accounts were used fraudulently.

Several banks have indicated that they also will make refunds to customers who have lost money from their accounts.

Other banks are still dealing with the issue, taking precautionary measures such as reducing daily withdrawal limits and prohibiting foreign transactions made on UAE-issued cards. National Bank of Abu Dhabi, for example, has sent text messages to customers over the past two days saying it had lowered its withdrawal limit to Dh2,000 a day.

First Gulf Bank emailed customers yesterday, saying it had also taken additional protective measures.

“To protect our customers and to avoid any card misuse, we have requested customers to change their PIN immediately,” the email said. “For further protection, we have proactively replaced customers’ cards that have been used in the compromised networks.”

Some banks have conducted their own investigations, and gave the Central Bank their findings at the Sept 25 meeting. Bankers have expressed frustration at the Central Bank’s role, complaining that it has provided little guidance.

Officials at several banks have said they have identified a breach at a UAE-based bank as the source of the fraud, which allowed unauthorised people to obtain sensitive data such as PINs and information from magnetic strips on the back of the cards. The data were then used to produce counterfeit cards to make illegal transactions in dozens of countries.

Officials familiar with last month’s central bank meeting said several banks openly accused the bank that is suspected of being breached. Officials from the bank in question were said to have denied the accusation.

 

Fraud crisis bankrupts confidence


ABU DHABI - OCT 06: It was staff at the US Embassy in Abu Dhabi who first spotted that something might be amiss with the banking system.

On Aug 26, consular chiefs issued a “warden message” to all American citizens in the country, warning that “in recent days the embassy has received numerous reports of US citizens in the UAE who have been victims of credit and debit card fraud”.

Americans, said the embassy, should check the balances of their accounts frequently, verify the level of their personal liability and report any case of fraud immediately.

A few days later, the first of what was to become a flood of personal horror stories began trickling into The National.

Initial speculation was that “skimmers” might have rigged ATMs with secret “reader” devices, harvesting customers’ data and cloning their cards. But the manager of the anti-fraud division of a US-based credit union had an even more sinister explanation.

The credit card firm Visa, she claimed, had issued an industry warning that between February and August there had been a banking “network intrusion” in the UAE, “at the processor level”. This, she told The National, suggested that the records of the organisations that acted as the middlemen between merchants and credit card companies had been breached. “Visa,” she said, “is having a hard time figuring this problem out.”

It was several days before some of the main banks in Abu Dhabi reacted by sending text messages suggesting customers change their PINs. “For security reasons we ask you to please change your Visa Electron card in number immediately,” read one typical message, from the National Bank of Abu Dhabi.

As Ramadan got under way, mobile phones in homes and workplaces began receiving texts as banks including HSBC, Citibank and Emirates NBD requested that customers change their PINs. Long queues of irritable cardholders began to form at cash machines.

“Together with other UAE-based banks, we have been experiencing an attack on our local accounts from counterfeit ATM card usage abroad,” Jonathan Campbell-James, head of security and fraud risk at HSBC Middle East, said in a statement on Sept 9.

Customers were being urged to change their PINs “as a precaution” and the bank had “implemented various containment strategies to minimise the threat posed”.

HSBC’s customer service operators had advice for worried customers, but what they said worried clients even more: if they had not changed their PIN by 6pm the following evening, Sept 10, their account would be deactivated.

The advice was at odds with what the bank was telling The National – that accounts would not be blocked or frozen, but if PINs had not been changed the refund process following any fraud would be more difficult – but the effect was inevitable. Customers were taking no chances and queues began to form at ATMs as the supposed deadline drew near.

The customers had plenty of questions. But despite the growing crisis of confidence, bank staff were conspicuous in their absence – and banks failed to extend their Ramadan opening hours to cope with customer queries.

One British employee of Nakheel, queuing outside his bank in Abu Dhabi, said: “I’m not surprised there’s nobody ... here to reassure me. I’m not sure they could reassure me.”

On Sept 6 and 7, 39 illegal transactions had been made in the Philippines on a Citibank Visa card belonging to Akram Mirza, a German working in the oil industry.

Even though his account had a personal daily limit of Dh10,000 (US$2,700), the thieves had managed to siphon off Dh30,000.

Miriam al Hilali, an Iraqi working for a subsidiary of the Mubadala Development Company, spotted two transactions on her Visa card issued by the National Bank of Abu Dhabi: Dh8,200 had been charged against her account in Kuala Lumpur. But the worst thing about it, she said, was that the thieves appeared to know all her personal banking details: both sums taken had been just below her daily limit of Dh5,000.

“How can they know this sort of information?” she asked. “I feel used. I’m really upset.”
On Sept 10, as HSBC’s 6pm deadline approached and its telephone operators continued to insist that cards would be blocked if their PINs had not been changed, long queues formed at the bank’s terminals.

Wael Jundi, a financial adviser for SinoGulf who found himself in a 30-person queue at Al Wahda Mall in Abu Dhabi, said he had been given the advice on the HSBC telephone hotline at only 4.45pm that day. “This is a disaster,” he said. “They have to give me a reasonable time to change my card. What if I was on vacation or something?”

Because of dauntingly long queues, many were simply unable to change their PINs before the deadline, even though for many the deadline appeared to be meaningless.

Despite the threats of mass terminations, in the event very few people had their cards deactivated.

The following day, however, some banks did act. An undisclosed number of cards were cancelled without warning, leaving customers facing waits of several days before they could be replaced and, in the middle of Ramadan, with banks and other organisations operating short hours, this was a process that for many would prove far from smooth.

Other banks, including Abu Dhabi Islamic Bank, Citibank and the National Bank of Abu Dhabi, began sending out text messages warning their customers to change their PINs. By now, it was becoming clear that, whatever the nature of the security breach, it was affecting financial institutions throughout the UAE.

Yet despite the confusion and rumours rife among their customers, on Sept 11 not one of 10 banks visited by The National had posted any signs warning customers of the fraud or telling them what to do.

Some proved more willing than others to communicate with their customers, especially HSBC, which issued numerous press releases during the crisis. Others said nothing, while some even denied being affected, even though it now appears highly unlikely that any bank could have escaped the far-reaching effects of the security breach.

Details of the true extent of the fraud were difficult to come by. On Sept 11, Dubai Bank announced it had reimbursed 42 customers whose accounts had been raided and the National Bank of Abu Dhabi said it would issue full refunds. But the banking industry was circling the wagons; no one would say just how much money was involved.

Information, meanwhile, was confused – and in short supply. Eva Brunczvikova, an Etihad Airways employee, found out about the crisis by chance, and only after she had finished opening a new account. “I wasn’t told by anyone about this inside the bank,” she said. “I’m shocked.”

By Sept 14, almost a week after news of the widespread fraud broke, it was clear that the banks had yet to develop a common strategy.

The Central Bank had remained silent on the issue, issuing no statements and not responding to media requests for comment.

And a new bank strategy emerged, which appeared designed to frustrate customers even more. Without warning anyone, banks began reducing the daily limits on cards, leaving consumers with the impression that, unable to tackle head-on the security issue, the banks had resorted to limiting potential losses.

Barclays was among those that reduced withdrawal limits on accounts without notifying customers, a mystifying failure of service given the widespread PIN-change texting in which many banks had earlier indulged. “We inform them when they call us,” said a Barclays employee, “because this situation is not going to be for long.”

Most, of course, found out only when they tried to withdraw money from their accounts.
“This was a total surprise and very inconvenient,” said one man who had tried to withdraw Dh8,000 and found himself limited to half that amount.

“This is bad communication from the bank; it’s like they don’t really care about the customer.”

Experts in affiliated financial industries were beginning by now to worry about the credibility gap that was opening up between banks in the UAE and the rest of the world, where fraud occurs but is handled with minimum inconvenience to customers.

Although it is standing advice to all bank customers throughout the western world that PINs should be changed frequently, demanding a wholesale change by all customers would be unheard of, let alone with a day’s notice. Further, follow-up after the cancellation of cards was poor.

Customers in some cases were told a new card would be with them in two working days but had to wait in excess of a week or 10 days for the cards to be delivered. Some were told, just prior to the Eid al Fitr holiday, that accompanying PINs would be sent by post within a further four working days.

“If the UAE is to take itself seriously as a world-class financial hub, the ATM security breaches this week should serve as a wake-up call to both the banking community in the region as well as regulatory bodies,” Paul Sherry, the Middle East director of F5 Networks, which specialises in bank security systems, said in a statement on Sept 13.

“People seriously doubted the trust they had placed in their banks.”But the problem was not yet over. Accounts continued to be hit and, in a further apparent gesture of helplessness, some banks began to close accounts they believed to be vulnerable without explaining how they had reached that conclusion.

Others stopped customers using their cards abroad. Again, no statistics were made available, but this decision was certain to have come as an unpleasant surprise to many who were travelling overseas.

The lack of centralised information meant it was impossible for customers to make informed judgements about what to do with their money. Which banks were being hit? Which — if any — were safe?

Incomplete details continued to emerge, but on Sept 14 executives at three banks confirmed that illegal attempts to withdraw money overseas from UAE accounts were continuing, with one bank confirming it had had 58 such cases.

“It’s a well-co-ordinated, well-organised fraud network,” said Arup Mukhopadhyay, the executive vice president of retail banking at Abu Dhabi Commercial Bank.

Michael Miebach, the managing director of Barclays in the Middle East, revealed that banks were working closely with Visa and MasterCard, the companies behind the world’s two largest card networks, to discover how and where the breach had happened and who was behind it.

The Central Bank, meanwhile, maintained its silence, and one insider said no advice or instructions had come down the line.

“Clearly, if there had been leadership from the Central Bank right from the beginning, it would have stopped all the different approaches adopted by individual banks,” said one senior banker.

The first concrete news about the nature of the fraud emerged on Sept 16. Sources close to investigations being carried out by financial institutions told The National it was thought that the complexity of the fraud ruled out the usual suspects – such as hackers and skimmers – and that whoever was behind the crime had breached the network that banks use to share ATM data.

It was, in short, beginning to look like either an inside job or a breach perpetrated by someone who had detailed knowledge of, and access to, the banking system.

Officially, the banking community was saying nothing, but word began to leak out that one bank may have been responsible for the haemorrhage of sensitive information, and that the others would be demanding compensation. One banker, speaking on condition of anonymity, said: “We’re quite close to having completed the case for the prosecution and we have a fairly clear idea of how this occurred.”

Almost three weeks later, no arrests have been made and the police have yet to become involved.

The bank suspected of being breached meanwhile has denied it was the source of the problem.

It was also not until Sept 16, four weeks after the crisis broke, that the Central Bank e-mailed a statement to The National: “The said subject is related to banks’ security systems, not the Central Bank.”

 
Milk products being checked for contaminants


ABU DHABI - OCT 06: Tests are being conducted on milk products in the emirate and at its borders to ensure no products containing contaminated Chinese milk have made it on to shop shelves.

Officials at Abu Dhabi Food Control Authority (ADFCA) say they are “100 per cent” sure that the emirate is free of milk contaminated with the toxic chemical, melamine.

However, they are carrying out rigorous checks on imports and visiting markets to make sure none of the contaminated products are on sale.

Traces of melamine were detected in powdered milk produced in China a month ago. The chemical was used to increase protein levels in the milk. Thousands of Chinese children have fallen ill, with four deaths, prompting worldwide recalls of the milk or products containing traces of the milk.

“We are 100 per cent sure that there is no way that the Chinese milk has affected products in Abu Dhabi,” said Mohammad al Reyaysa, a spokesman for ADFCA.

“We are checking at the borders as well as going to markets and making people aware and giving them the facts.

“We are using all of the controls in our authority to make sure that there is no contamination here.

“We also ordered the border control to be vigilant when scanning any items, but so far we have not found anything. Our inspectors have gone to the markets and made sure that nothing came in from outside [containing the milk].

“Anyone who wants to sell any food here, we tell them to first bring a sample and we take it to the laboratory to check and see it is up to standard,” he said.

“If we then allow them to bring it in, at the border we carry out random sampling and then after it is in the market, we conduct more testing to make sure at the end of the day it is all right and hasn’t been affected by travelling or other factors.”

Dubai Municipality is expected to outline its policy on the situation today.

Countries around the world, from Asia to Europe, have moved to ban or recall products containing Chinese dairy products contaminated with melamine.

Late last month, Cadbury, the British confectioner, announced it had found traces of the chemical in chocolates made in a Chinese factory, triggering a recall in Australia, Hong Kong and Taiwan.

Similarly, Indonesia’s food control authority announced that it had detected, and would destroy, 16 dairy products from China containing melamine.

Melamine is an industrial chemical normally used in the manufacture of plastics. Consumption of it can result in kidney stones and kidney infections.

A total of 22 Chinese dairy companies have been linked to the scandal and police in the north of the country have arrested 27 people.

 

Thousands celebrate with their feet


Dubai - OCT 06: Thousands of Indians living in Dubai are dancing their way through the colourful nine-day Navratri festival.

Navratri, meaning “nine days”, is a Hindu festival marking the goddess Durga’s victory in a nine-day battle with a demon.

Worshippers in colourful costumes perform the Dandiya Raas dance throughout the night to celebrate the victory.

In Dubai, the modern version of the routine, “Disco Dandiya” was organised at several locations in Dubai.

 

Chamber urges rent caps due to shortage


ABU DHABI - OCT 06: Landlords should not be allowed to raise rents on flats and villas in the capital as long as supply outstrips demand, the Abu Dhabi Chamber of Commerce and Industry urged last night, as a new survey confirmed that the shortage is causing accommodation costs to soar.

The chamber estimated that there were 28,000 too few homes in the city – a figure expected to rise to 70,000 by 2010.

The average cost of renting a place to live in the capital rose 64 per cent in the past 12 months, a real estate consultancy reported.

A mid-range flat rents from about Dh130,000 (US$35,400) a year for one bedroom to Dh210,000 for three bedrooms. High-end flats range from about Dh135,000 to almost Dh255,000 a year, Colliers International said in its Middle East and North Africa overview, also released today.

Colliers said less than one per cent of the city’s flats are vacant, a critically “unhealthy” number matched only by Doha and, in recent years, by Dubai.
With so little housing available, landlords have been able to hold the market to ransom, despite the Government’s attempts to cap rent increases at five per cent.

The chamber said even tighter measures should be imposed with the cap reduced to a zero increase “to bring prices to a rational level and contain inflation”.

In a statement released by the state news agency, WAM, the chamber said continuing rent rises would lead to social and economic problems. It also called on the Government to define rent values within different city zones and build housing compounds for people on limited incomes.

There was a tendency to build luxurious apartments and villas which only met the needs of a tiny portion of the public, the chamber said.

Ian Albert, regional director of Colliers International, said the housing crunch might actually be worse than the numbers suggested.

“When our guys count the number of tenants in a building and say two out of every 50 apartments are empty, in actual fact they aren’t really available as they’ve already been leased to someone else,” he said. “There’s just no gap between units getting turned over.”

Any city with rental occupancy of more than 90 per cent has a serious supply problem, while 75 per cent to 90 per cent is considered healthy, analysts say.

Dubai’s occupancy rate has fallen in the past two years to 93 per cent, resulting in a more moderate 22 per cent average rental increase over the past 12 months.

Occupancy rates in Abu Dhabi, Doha, Muscat and Cairo are all above 95 per cent.

It will be three to five years before Abu Dhabi’s occupancy falls below 90 per cent and the pressure on the rental market eases, Mr Albert said, noting that 140,000 units are expected to be completed from 2011 to 2013.

“If you live there or you’re trying to live there, that’s a long time” he said. “The problem with Abu Dhabi is that the supply just is not getting there quick enough.”

With housing in such short supply, house hunters have to move quickly, he said.  “If you see something at 10 o’clock in the morning, by five past 10 that same morning you’d better make a decision about whether you want that apartment or not. There’s no time to wait and see.”

The shortage of apartments has been blamed on the length of time required to construct new buildings and an unexpected surge in demand for housing.  A ban on construction from 1999 to 2001, when the city was oversupplied, also was cited.

There is hope for middle-income earners. While Abu Dhabi is building substantial amounts of high-end housing, such as Al Raha Beach and Reem Island, it has also set aside land between Mussafah and Khalifa City for developers to build affordable housing. The land is free on the condition that rents are strictly controlled.

That sector of the market has been largely ignored in Dubai, where 40 per cent of the 140,000 units expected to be finished by 2010 are intended for high-income earners, in addition to the thousands of luxury homes already built, Colliers said.


Gulf stocks plunge as credit fears hit region


UAE - OCT 06: The Dubai Financial Market suffered its worst one-day fall in more than two years today, following the US and Asian markets lower on signs the credit crunch is  beginning to bite in the Gulf as the global economy heads for recession.

The Abu Dhabi Securities Exchange fell by 4.72 per cent, while the rest of the GCC followed suit with Kuwait down 3.59 per cent and Doha down seven per cent; the Saudi market was closed yesterday. The Dubai market fell 6.86 per cent.

“Retail investors are panicking because of what is happening in global markets,” said Adel Nasr, a broker at United Securities, adding that the beneficial effects of America’s US$700 billion (Dh2.6 trillion) bank rescue would take months to be noticed.

Mohamed Yasin, managing director of Shuaa Securities, said the shortage of liquidity in global financial markets remained a huge obstacle to growth.

“The $700bn move has resolved the issue only for the short term and for the US; it has done nothing for the rest of the world,” he said. “The problem we’re facing today is not an equity problem but a liquidity problem across the banking system around the world and the Gulf Arab region is part of that... the money pumped into the system is not enough.”

The disclosure of merger talks between Amlak Finance and Tamweel, which together would become the country’s largest home finance lender, did nothing to help the stock values.

Amlak shares ended the day at Dh3.17, down 3.9 per cent. Tamweel shares fell 7.37 per cent, finishing at Dh3.52.

After the close of trade, Amlak revised upwards its 2008 profit outlook, posting record results in the third quarter driven by home financing and property investments. It more than doubled third-quarter profit to Dh174.33m from Dh67m in the same period last year.

Still, worry over the outlook for the sector persisted.

“How will a merger solve the conditions for them?” said Mohammed Salih al Hashemi, executive director of asset management at the Abu Dhabi Investment Company. “It makes them stronger together, but doesn’t solve the problem that you will have one big lender with the problems that the two smaller ones had.”

Mr Hashemi said insolvencies were a real danger over the coming months because many companies depended heavily on short-term lending from the international money markets, and this supply of cheap capital had vanished.

The Central Bank has opened a Dh50bn credit facility to improve liquidity in the money markets, but take-up has been patchy and interest rates have jumped.

Some analysts called on the Government to make large deposits in local banks.  “The best solution would be to place long-term deposits in the banking system especially with the banks that have the capital shortages,” said Nabil Farhat, senior partner at Al Fajr securities in Abu Dhabi.

Crunch time could come in the next month or two, when companies have to refinance loans, he added.

Other stocks pulling the Dubai Financial Market lower included Emaar, Emirates NBD and Dubai Islamic Bank, leaving the general index at its lowest level since May last year.

Mr Farhat said foreign investors continued to withdraw money from the country to settle losses racked up on other markets.

  

Top Stories


Leave a Comment

Title: UAE : Central Bank Starts Inquiry into ATM Fraud



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like