February 10, 2012

February 9, 2012, 9:05 pmInvestment Banking

Users of Citibank Bill-Pay App Charged Twice

By BEN PROTESS

Victor J. Blue/Bloomberg NewsA program error at Citibank was not detected for months.

Citigroup’s effort to become “the world’s digital bank” has encountered a snag.

A technical bug caused Citi, the nation’s fourth largest bank by deposits, to double the charge for customer payments in recent months. Some customers using their iPads to settle their cable bill or mortgage payment, for example, actually paid twice, according to customers and a bank official.

The problem, which began in July but went undetected by the bank until December, prompted bogus payments big and small. Some customers quickly spotted the redundant transaction and complained to Citi, while other consumers were caught off guard when the bank recently notified them of the discrepancy. The snag even led some unsuspecting customers to overdraw their accounts, though a bank spokesman said that was rare.

Citi has traced the error to its nascent iPad application. Other mobile applications and the bank’s broader online bill payment system were immune from the problem, the bank said.

But a few clients who were charged twice said they had not used an iPad to pay bills. And the Citi spokesman declined to disclose the number of customers caught up in the mishap, saying only that it amounted to “a limited number of clients.”

Instead, the spokesman said that fewer than 2 percent of Citibank transactions executed through an iPad were counted twice. The spokesman would not elaborate on the number of iPad transactions at Citi, citing concerns about releasing proprietary data.

The spokesman, Andrew Brent, said the bank had “immediately fixed the technical issue” once it was detected and moved to reimburse customers. The bank also vowed to replenish any fees that customers incurred because of the extra charge, refund lost interest and dole out a modest amount of points for its rewards program, called ThankYou, as an apologetic gesture.

“We take seriously the functionality of our products and services as well as the satisfaction of our clients,” Mr. Brent said in a statement.

While Citi may be the first company to stumble with the iPad, it is far from the only bank to encounter electronic hiccups. Customers have long been befuddled by accidental A.T.M. withdrawals and so-called transaction gaps, where a customer pays online but the transaction fails to process. A number of regional banks have also double-dipped with customer payments and even JPMorgan Chase, the nation’s biggest bank, recently had a minor brush with duplicate online withdrawals.

The mishaps, while minor, underscore the risks that customers face when banks wade into the fledgling world of online banking. While banks are scrambling to please customers who prefer clicking a mouse to dealing with tellers, the industry is learning that new technologies come with some growing pains.

“It’s a challenge for banks to keep up with the device proliferation — everything is moving very fast,” said David Albertazzi, a senior analyst with Aite Group, which advises financial institutions on technology and regulatory issues. “It is very important that financial institutions balance speed-to-market versus safety and soundness.”

Most banks, Mr. Albertazzi said, employ special software to pinpoint dubious payments. When something goes awry, the banks are usually quick to sound the alarms to consumers.

Last year, JPMorgan Chase owned up to its gaffe, a technical hitch with an online cash transfer system, within a day. “People make mistakes. Unfortunately, we made one twice,” Ryan McInerney, Chase’s chief executive of consumer banking, told customers, who received a $25 cash bonus for their troubles.

Citi’s response, however, appears to have been not nearly as prompt. The error began in July, within days of the bank introducing its gleaming new iPad application. The coming-out for the application included a press release announcing the “new standard for digital banking” with a “one-of-a-kind app.”

Analysts praised its features that allow customers to plan cash outflow and analyze spending habits.

“EBusiness professionals at retail banks — and other financial institutions — should pay close attention to what Citibank has done, particularly its willingness to experiment and try out new ideas in a brand-new channel,” Forrester Research, a technology research company, said in a report.

But almost immediately, a smattering of anonymous customers began posting concerned comments online, wondering whether it was their own fault — the product of double-clicking. Then fingers began to be pointed at the bank. One online commenter posting on the company’s Apple store Web site called the application “very unreliable.”

In late December, the bank tracked the error to an internal flaw. A technical command on the bank’s iPad application, it turned out, was wrongly set to redo transactions that had initially failed.

The bank began alerting customers to the snag in mid-January, and made another round of calls this week, including to clients who say they had not paid their bills through the iPad.

Apple, which provides companies with guidelines for using its products, did not respond to a request for comment.

Citi has had other technology problems in the last year. Last summer, the bank disclosed that hackers had stolen the names and addresses of hundreds of thousands of North American credit card customers. A week later, the bank revised its estimates, saying that about 80 percent more customers had been ensnared than previously thought.

The breach, which did not include Social Security numbers or security codes, was a lesson for Wall Street firms. Big banks, experts say, are now more reluctant to estimate the scope of a problem in case the numbers grow.

“It’s very challenging to really pinpoint the number of customers affected,” Mr. Albertazzi said. “It’s the nature of the beast.”

My Comments: This article speaks directly to what we learn about in Chapter 6. Sometimes it’s a great thing for a company to begin to expand it’s business online but only if it’s going to be secure. Citibank is now forced to deal with figuring out transactions and paying back customers who were accidently charged twice.  As stated in the article, “The mishaps, while minor, underscore the risks that customers face when banks wade into the fledgling world of online banking. While banks are scrambling to please customers who prefer clicking a mouse to dealing with tellers, the industry is learning that new technologies come with some growing pains.” If customers want fast, online, convenient service they have to realize that this service doesn’t come without risk of damages, at least for now.