Oh, HSBC, I can’t untangle my personal finances from you fast enough. After my last post about firing The World’s Most Incompetent Bank, I unfortunately still have a couple of credit cards with them because changing my credit cards might impact my credit rating, and Suw and I are hoping to buy a house in the next six months. Once that happens, I’m closing these cards. I have lost all confidence in HSBC’s security, and they need a root-and-branch review of their customer service and communication processes.
Coming up on two weeks ago, my HSBC UK credit card was declined on a routine purchase on Amazon, and then a couple of days later, it was again declined again when I tried to pay for my British citizenship ceremony. (Yay!) This was the first indication that there was a problem. I logged into my account, and there was no indication that anything was awry. No big warning that my card had been compromised or messages asking me to call the fraud department on the internal messaging system. Business as usual for HSBC, which means some level of inconvenience and incompetence.
I sent a message asking for clarification about the status of the card on the internal messaging system. They informed me that there was a block on the card and that I was to call the fraud department but otherwise, they couldn’t actually do anything for me.
The call was enlightening and infuriating in equal measure. On the 23 April, HSBC detected that the details of my card were “copied by a known fraudster”. This is at least the second time that this has happened with HSBC. Wah? I hadn’t used the card since the 15 April. Was it part of a massive credit card theft online? Dunno. They have special software that lets them know about such things but provides them with no other details.
After finding out that my card had been compromised and that yet another new card would be sent to me, I asked to speak to a manager. (I think I’m up to four of five compromised debit or credit cards with them in the seven years I’ve done business with them.) He said that they tried to call me on the 23 April when the software flagged up the issue. I was in the US at the time, and my phone registered no call or voice mail.
I suggested to the HSBC manager that they had an internal security problem, and the manager assured me that they abide by the Data Protection Act. Fine, but what are their internal security procedures? I’m sceptical about the tightness of those procedures due to the high level of fraud that I’ve experienced as their customer. I told the manager that if I have serial fraud on cards with them that they might want to review their internal security protocols as well as investing in shiny anti-fraud software.
However, I also said that they needed to improve their customer communications. Put bluntly, I found out that they broke their own procedures. The manager said they should have tried to call me 10 days later, and if they couldn’t reach me, they were supposed to send me a letter. The call wasn’t made. The letter was never sent. There was no communication on the internal messaging system, which HSBC has but seems loathe to use. Instead, I found out my card had been compromised because it started to be declined. They assured me that a call was on their to do list today. Uh-huh, that’s nice to know. I have a lot on my to-do list today too.
As with so many of the issues that I’ve had with HSBC over the years, they didn’t solve my problem. I did. That’s what you can expect from HSBC, the world’s most incompetent bank. Customer service? Yes, absolutely, you the customer will have to provide your own service.
PS: This will hopefully be the last time I rant about HSBC. After heavy travel in May, we will return to our regularly scheduled media blogging immediately.