No, not in this specific instance.
However, there’s more.
On 20 March 2019, the Independent.sg reported on a letter written to the Straits Times (ST) by a purported client of DBS Bank.
The substance of the article accurately captured the gist of the letter to ST, but this article attracted us because the title focused attention on an allegation of the original letter-writer that was unfounded.
In the original letter – there were 2 main complaints:-
(1) That a DBS banker had accessed the client’s information in the bank without permission;
(2) That the DBS banker had failed to verify the customer’s information at the meeting before showing account information.
Based on DBS Bank’s response, the second complaint was true – that there was a lapse in the protocol by the DBS Banker, assuming that it actually happened. However, the first complaint is NOT correct. In other words, there was no breach of privacy or data security by DBS in accessing the client’s account information.
We agree with DBS Bank’s response.
In respect of the letter writer’s first complaint, we note that the writer had agreed to meet with the banker in question and made arrangements for this meeting for the very purpose of discussing the products suitable for him. Implicit in this agreement must be that permission was granted for this banker to access the client’s information. After all, how could the banker recommend any products if he had no idea what this client had with the bank?
The writer had also suggested that there was undue risk for the banker to “print out these numbers on a sheet of paper to carry around”. But that strikes us as an exaggeration. The banker had carried the printed information for the purposes of the meeting that this letter writer himself had agreed to. Any risk involved was literally sanctioned by the writer himself. Any suggestion that there were loose security protocols in this regard seems speculative.
So the real issue was not whether there was wrongful access by an employee of the bank. There wasn’t. Certainly not on the writer’s words alone. Rather, the issue is whether this banker was over-enthusiastic and side-stepped a protocol that should have been observed.
In that, DBS has been upfront and acknowledged so.