AYALA-led Bank of the Philippine Islands (BPI) was hit by a technical glitch on Wednesday, with clients complaining of their balances being wiped out or going negative.
The country’s third largest lender blamed an error in internal data processing for unauthorized transactions in its clients’ accounts, and assured the public that its systems were not hacked.
“Due to an internal data processing error, some clients may have seen their accounts debited twice or credited twice for a past transaction,” BPI said in an advisory released Wednesday.
BPI clients reported over social media unauthorized withdrawals and deposits on their accounts. Withdrawals, money transfers and balance inquiries were affected.
The bank’s online and phone banking facilities were also inaccessible, depositors said. Banking hours were extended to 7:30 p.m., however.
BPI said: “We are currently correcting the mispostings. We apologize for the inconvenience that this may have caused.”
In a news conference, Catherine Santamaria, BPI senior vice president for retail banking, said the internal system error caused some transactions that occurred between April 27 and May 2 to be double-posted on June 6.
“We would like to apologize for all the clients who were affected by the current situation that we have,” she said.
Santamaria assured the public the glitch would be resolved within the day. “We have put down all our electronic channels so that we can immediately address the situation that we are facing,” Santamaria said.
Santamaria insisted the error was an internal systems issue, not because of hacking or a scam.
“There is a lot of rumor about it being about hacking or a scam. It has nothing to do with that, we at BPI have the highest security standards,” she said.
The BPI executive also said that the bank was in close coordination with the Bangko Sentral ng Pilipinas (BSP).
“One of the things we’re really looking at is before the end of the day, all your balances will be the same. No one will lose money. And those with double crediting, please don’t touch the money because we will automatically take it out,” she said.
Asked how many account holders were affected, Santamaria did not disclose figures, saying: “We’re are still putting the data together, but it is highly confidential. That is an information we cannot share at this point.”
BPI, founded in 1851, is the first bank in the Philippines and Southeast Asia. It held P1.2 trillion in deposits at the end of 2016. The universal bank has more than 800 branches and 3,000 automated teller machines nationwide.
No hacking – BSP
The central bank said it would investigate unauthorized transactions on BPI accounts reported by clients on Wednesday.
“We’ll investigate,” incoming BSP governor Nestor Espenilla Jr. told reporters in a text message.
“For now BPI assures us this is not a hack and the problem will be fixed today and no one will lose money,” he added.
Espenilla is the current deputy governor for the Supervision and Examination Sector of the BSP, which oversees BSP-supervised financial institutions like BPI.
The head of the Senate committee on banks financial institutions and currencies called for a thorough investigation.
Sen. Francis “Chiz” Escudero said BPI and the BSP should take a serious look into the incident, and tap the expertise of the cybercrime division of the National Bureau of Investigation.
“I don’t want to make any conclusions until it has been thoroughly investigated by competent authorities,” Escudero said.
Sen. Grace Poe said BPI must come out with a report on what caused the problem and not keep its clients in the dark.
“They (BPI) should be able to uphold the trust given to the banking institutions,” the lawmaker said.