TMCnet News
When you thought it was safe… Credit purchases: don't sign your life away… Sticky subject [Daily News (South Africa)](Daily News (South Africa) Via Acquire Media NewsEdge) Imagine you need to buy yourself a double bed. The retail price is just over R4 000, but you don't have the cash, and you don't have a credit card, so you're forced to sign a credit agreement. So you sign, and by the time the furniture store has added goods and life insurance, an extended warranty, club membership, a delivery fee and service fees, the total amount you owe has swelled to R11 247, to be paid off at R469 a month. Then imagine that you don't quite earn R1 000 a month as |a gardener, and that you're married with six children to support. So before you've bought a loaf of bread, almost half your earnings have gone to paying off that double bed. For two years. The gardener in question is William Mlilo of Delft, and he signed this deal at Price n Pride furniture store in Bellville, Cape Town, last April. He couldn't keep up the payments, and by January this year he'd been handed over to debt collectors. His former employees, Norman and Judy Thomson, took up his case with the JD Group, which owns Price n Pride and many other furniture retail brands, on behalf of Mlilo. Norman Thomson, who recently retired as financial director of a large retailer, said he was appalled that the deal was signed up in the first place, and argued that it was clear that Mlilo could never afford the repayments, and that, being totally illiterate and unsophisticated, he'd simply written his surname, in shaky, disjointed letters, where told to. JD Group's Grant Whitfield was "extremely efficient and helpful", Thomson said, and accepted R1 562 in full settlement of the bed debt. But the couple, concerned about how Mlilo could possibly have passed the required affordability test, raised the case with me. "Having paid the R469 bed instalment, he would have been left with R250 a month to live on," Thomson said. "How can a company allow an individual to commit financial suicide with this sort of contract? "Any fool could see that he could not afford this debt." I took up the case with Whitfield, and received a response from Phillip Kruger, chief executive of JD Financial Services. It makes for fascinating reading. He said a full affordability assessment was conducted with Mlilo in that Bellville store that day, and all the elements of the credit agreement were explained to him. He agreed that Mlilo said he earned R980 a month, and said he declared his monthly expenses to be just R250, because he lived with his parents in |an RDP house, and additional expenses were shared by other family members. "A further verification was concluded at the credit bureau to confirm if there were any undeclared expenses, and there were none," Kruger said. He said Mlilo had said he was single with no dependents, and his employer had been contacted to confirm his employment. "Although a disposable income of R730 was available, our risk management system only permitted a maximum instalment of R511, of which Mr Mlilo took an instalment of R469. This is an additional buffer that we include in case |of undeclared expenses." When the Thomsons queried the deal, and informed the company that Mlilo was married with six children, the deal was converted to a cash transaction, and Mlilo, with help from the Thomsons, only ended up paying the cash price of the bed, plus the delivery charge. Kruger pointed out that the JD Group did not charge the maximum fees and rates laid down by the National Credit Act (NCA). He concluded: "Given the current regulatory focus on consumer affordability and reckless lending, we are currently refreshing all our NCA training, with specific focus on affordability calculations." Good to hear. Without the help of the Thomsons, that bed debt would have gone on to attract interest and debt collectors' fees, spelling certain financial ruin for Mlilo. Dependents or not, shared living expenses or not, R469 out of a R980 monthly income is a disproportionate amount |to pay off a bed purchase, one that was padded with interest and all manner of extra costs. Life and goods insurance alone totalled R2 250. "No matter what they say they did, William could not afford this debt, and a very simple, two-minute discussion with him would have highlighted it to any reasonable person," Judy Thomson maintains. "It should have been very apparent that there was no way he understood what he was signing." Affordability calculations aren't the only aspect of the lower end of the furniture business in need of refreshment, in my view. Those massive extras need to be done away with in some cases - extended warranties on beds, for starters - or at least severely trimmed, in the case of the insurances. And there should be extraordinary procedures in place for dealing with illiterate consumers. As does my commitment to the view that Gardner and the rest of us have a right to know. THE first thing I asked Durban personal assistant Sue Gardner when she told me that fraudsters had whipped almost R20 000 out of her bank account was: "Do you remember clicking on a link in an e-mail that you thought was sent by your bank?" It's the question I ask all those who approach me about the same predicament. In all previous cases, excluding those involving bank card skimming and the like, it has turned out that, yes, they clicked on the e-mail link in order to "update their security", as instructed by the e-mail, and provided their bank details, including their PIN. And thus they'd unwittingly provided not their bank, but a fraudster, with the means to transfer money out of their account. Well, almost. In order to ensure that the bank sends the one-time password (OTP) needed to do an electronic funds transfer to them, not the genuine account holder, they hijack the victim's cellphone by doing a SIM card swop, with the help of an accomplice working for a cellphone network. And so it was in Gardner's case. If someone is found to have responded to a phishing e-mail, the banks take no responsibility for their loss, as they are deemed to have compromised their own security. Of course, such crimes can't be committed without the fraudster also obtaining the OTP, via cellphone, and that remains a thorny issue. Gardner was adamant that not only had she not responded to any of the many phishing e-mails she'd received, but that no one could have used her computer in order to do so. She lives alone and has no computer at home, nor does |she have a smartphone on which to do banking. She did her internet banking on her work PC, in one quick session at about 7.30am when no one else was around, and in any event, she has a semi-enclosed office tucked away in the corner of an open-plan office. The first Gardner knew of any suspicious activity on her account was when she got a call from a bank employee at work on the morning of October 11, to say that her account had been blocked as the bank suspected that fraudulent withdrawals had been made. To cut a long story short, money had been transferred from her credit card account into her cheque account, and then two withdrawals of just under R10 000 each made from that account into a Capitec account. Interestingly, on Gardner's bank statement, the words "ABSA Bank Wages" appears next to one withdrawal, and "ABSA Bank Contract" next to the other. With Gardner being told she was responsible for paying off that R20 000 credit card debt, she approached me for help. Given her circumstances, and her complete confidence that she hadn't responded to a phishing e-mail, I suggested to Trevor van de Ven, communications manager for Absa's digital channels and payments, that the bank conduct a forensic investigation. He got back to me with the good news: "Our fraud team will provide for a full, independent forensic analysis of Mrs Gardner's devices that she used to access her internet banking." In this case there was just one device - the PC she uses at work - to analyse. An independent investigator duly flew down from Johannesburg in midNovember, and visited Gardner at her workplace, taking full control of her PC. Gardner was sent the resultant report in mid-December, which she forwarded to me. I was delighted to see the following sentence in that report: "No evidence was found on the desktop computer indicating that a phishing website was accessed from the desktop computer." Then this: "An unknown device that connected to the internet banking service for (Gardner's account) on August 23 which could not be matched to the desktop computer (was) investigated. "A device configured with a Windows 7 operating system using Internet Explorer 7 and connecting through a Telkom internet service provider was identified, which was not submitted for analysis. "Our investigation remains inconclusive until all devices have been identified and submitted for analysis." Then I began asking Absa for a response. What did the report mean? How did Gardner, who only ever used that one PC for her internet banking, compromise her banking details? How, exactly, was the fraud committed? Gardner was never told, and nor was I. All Van de Ven would say was: "The case has been final-ised and an amicable outcome reached between the two parties. We are committed to respecting the confidentiality of the agreement." It was Absa which insisted that the settlement be confidential. Gardner remains in the dark about what she did wrong, if anything, and has lost confidence in internet banking as a result. She's not willing to take the risk of it happening again, so she now pays her creditors the old-fashioned way - in person. I pleaded with Van de Ven to provide the answers. "With respect," I wrote, "this is a matter of public interest. Absa is the entity insisting on the confidentiality of that agreement, not Sue Gardner. "Over the years, I have been told by various banks, and by Clive Pillay, the Banking Ombudsman, that there has never been a case of such fraud having been committed without the account holder having been found to have compromised their banking details by responding to a phishing e-mail," I said. Gardner claimed that she did not respond to a phishing |e-mail and the investigators could find no evidence that she had done so. "So clearly the fraudsters got her account number and PIN in some other way, and she doesn't know how." The refusal to reveal exactly how her bank details were obtained in order for her funds to be accessed via that "unknown device" leaves Gardner, Absa account holders and potentially those of other banks, too, feeling vulnerable, I argued. "I urge you to reconsider your standpoint." His response: "Our commitment to the confidentiality |still stands." DON'T BE FOOLED Daily News (c) 2014 Independent Newspapers (Pty) Limited. All rights strictly reserved. Provided by Syndigate.info, an Albawaba.com company |