to wonder if bank staff can access your accounts?

[lhastingsmua]

Of their own accord (not assisting you in any capacity)?

My ex now works at my main bank, as far as I know at a customer call centre and not in branch. He’s quite obsessive and knows I bank with this company. I’m concerned that he could search for my account and bring up my details, including my new contact information/address alongside my financial information (which would also show him where I now work and my salary.)

Please tell me I’m being silly and he cannot simply access my account without my authorisation?

Agree with those people who are saying switch and find a sweet deal for doing so, so that you are quids in. Then spend the switch money on something lovely for you.

We got someone sacked from santander who did this to my husbands account. She passed on some information about how much my engagement ring was to her friend, they tell out and the friend contacted me to tell me what had been happening. I called the bank, they investigated and confirmed but tried very hard to play it down as much as possible. If you have any concerns just call the bank complaints number. Definitely change banks too! So frustrating that people think they can abuse their positions.

*fell out

evilharpy, I feel like you’re purposely missing the point. They need unfiltered access to sensitive information to carry out their duties, of course. However as you can see from the many responses from here, staff can essentially access anyone’s account without authorisation from a customer OR without a reason to with very little detection from their employer. As others have mentioned, this sort of ‘snooping’ would be a sackable offense. So I am not referencing bank staff carrying out their duties, but the ones who take it upon themselves to search up people they know (eg ex partners) and snoop through their accounts.

You can of course complain but they will probably just come back and say it's not allowed etc. Which is true but that doesn't stop it from happening and it would be unlikely they would know that he's done it without investigating.

I would moved banks 100%

So I am not referencing bank staff carrying out their duties, but the ones who take it upon themselves to search up people they know (eg ex partners) and snoop through their accounts

The problem is I think it would be impossible to differentiate. They need access to accounts to carry out their roles. This doesn’t just include when a customer is sat in front of them, or is on the phone, but also for a lot of behind the scenes work. I don’t know how the system could differentiate between accounts they’re looking at as part of their job and accounts they’re looking at out of nosiness? Banks have millions of accounts on their systems.

It would be the same violation of privacy and data protection if it was the other way around and I (NHS employee) took it upon myself to go through my ex’s medical records - it is not okay.

Fair enough, which is why I have filed a complaint and just asked the adviser to check if my account has been accessed and take it from there.

Accessed by him*

Yes it would be the same and no it’s not ok, but the NHS systems can’t differentiate either unfortunately. I worked for a GP surgery in the summer holidays when I was at uni and could access the account of anyone registered there. I wouldn’t access it without reason as a) it’s unethical and b) a sackable offence but I had the ability to.

SoyDora Sorry but you are wrong. NHS systems can differentiate. They have to, by law! That and I used to work alongside a PM who ran data audits. He once asked me to explain why I had accessed 20+ patients in one day. My reasons were legitimate, he just needed to show that he was aware and had confirmed them as such.

Of course SoyDora. But my ex is creepy and obsessive, he is an ex for a reason so I do think he would browse through my account unfortunately. He changes jobs every few months and has never been in a job longer than 6 months (he’s 30) so although it is gross misconduct I don’t think he’ll care much

SoyDora Sorry but you are wrong. NHS systems can differentiate

That’s fine, happy to be wrong! When I worked for the NHS I could access any patients information if they were registered at the surgery. Yes obviously it was audited and you would have to prove you had reason to access it if picked up, but at the point of actually accessing it there were no checks as to the reason I was doing so.

Wrt the NHS, I was told in training that when Richard Hammond was in a crash during filming of Top Gear, his records were accessed 80,000 times by NHS staff who had no involvement in his care

Ah! I see what you mean. I misread your post, sorry!

Yes, at the point of access nobody physically checks... though if an account is flagged someone could

lhastingsmua yes I can completely understand why you don’t want him viewing your account and I think checking if he has/hasn’t already done so is a good idea.

There is no doubt in my mind that you should move your account.

I used to work for a bank, and it wasn't even a branch - but retailer credit card services. We had access to all the bank accounts - not easily - but there were certain systems to access for credit checks - and people used to look up the accounts of people they were dating etc. There were also a number of generic passwords that people shared - so an employee could do this and be completely untraceable. It is shocking - but banking is considered a "position of trust" - employees are trusted not to misuse their position.

This was 20 years ago now - perhaps they've tightened things up now.

I understand why you don't want him to access your account but it is unreasonable to expect bank employees not to be able to access customer accounts easily. It's the same in many industries; I used to work in HR in a major corporate company where I had access to thousands of employee and customer files, with personal details such as medical records, salary info etc. It was an offence to access them unless needed for business purposes.

You can't expect the bank to ringfence access for each employee. Where would it end? Lists of neighbours, friends, family....for each individual employee? People have to be trusted to be professional and do their jobs.

If you are unhappy you can easily change banks - that's what I would do in your situation.

@ToeToToe they certainly have tightened things up in the last 20 years, I believe under the new GDPR it will be a prosecutable offence to share passwords and access information that you have no business reason to access.

In your position i would change banks for peace of mind. Yes you shouldn't have to but it's the only way you can stop him having access to your account.

I used to work for an energy company. Yep we could (on occasion I had legitimate reason to access some rather high profile accounts as well)... but every access to an account and action taken, even opening just the account info screen, was logged with your employee ID and you were expected to put a reason in you were accessing it. If you had friends or family whose accounts you needed to access you were expected to get your boss to access it and do whatever actions were required on the account themselves - rather than you even touching it.

DH still works there and quite often he's doing database analysis to catch out people doing anything remotely iffy going into accounts they have no reason to be going into or whatever else and it IS taken really really seriously.

Definitely. My DH used to be a banker and you can look at anyone's accounts, nobody would be any of the wiser either!

ToeToToe things had definitely been tightened up 6 years ago when I worked for a bank.

ihastingsmua I'm not purposly missing the point. Just saying that there are reasons why staff need to be able to access all accounts/client details. I don't know what your ex's actual role is but if he worked for example in a compliance role he would most lilely have access to all client records and have good reason to access a lot of them. You couldn't monitor everyone who had ever monitored any account because it would be disproportionate to the amount of risk - although I imagine most systems would retain some sort of audit trail.

I personally would move banks.

I'm not sure why you have filed a complaint though. Are you complaining that your ex has access to your account? As far as I can see there is no actual complaint here.

I've worked in a bank for years op. It takes me ten seconds to pull up someone's accounts - I can search using name, address, or partial info. I can then see all accounts, balances, transactions, as well as the full audit history stretching back 6 years for letters, applications, phone calls, basically anything to do with your account.

It never gets flagged unless an individuals account is specifically searched for access audit history.

Change banks - because even if he's sacked, he only needs to have made one good mate there who's willing to keep tabs on you in future for him.

It happens all the time - and the bank are not obligated at all to tell you specifically what action is taken against the individual...and I've seen numerous cases where it's just swept under the carpet and they've had a slap on the wrist.