Representatives of two of the Philippines' biggest banks, BPI and BDO Unibank, on Wednesday reassured a hearing of the Senate committee on banks, financial institutions, and currencies that they have addressed recent failures that saw a 26 hour system shutdown at BPI and a spate of ATM compromises at BDO.
Earlier this month an internal data processing error at BPI caused account balances to seemingly inflate, lose money or become negative. After first acknowledging the customer issues the bank later issued a statement to clarify that "transactions occurring between April 27 and May 2" were "double-posted as of June 6" affecting 1.5 million of the bank's 8 million clients.
After identifying the root cause of this error, it temporarily suspended access to electronic channels for more than a day to allow for rectification.
At the Senate hearing Ramon Jocson, BPI executive president and head of the Enterprise Services Group, told the panel that the programmer owned up to her mistake and had been transferred to another area. He also reassured the panel that their investigation had confirmed that the programmer had no links to external syndicates or groups.
The bank also told the panel that the mistake had occurred as the bank is in the middle of upgrading its deposit system from end-of-day batch to 24/7 processing, which it hoped to complete by the end of this year. To help avoid such significant outages in future it also said it plans to look at its recovery processes and implement more restore points.
Representatives of BDO Unibank were called by the Senate to report on a recent spate of ATM skimming attacks that affected its customers and was reported in local media. They told the panel that the numbers were not significant and clients were reimbursed after an investigation.
The bank claims the issue will be addressed by the shift to the Europay Mastercard Visa (EMV) technology and away from old masgtripes on all its issued cards, which it will complete by the end of the year.
The Philippines central bank (BSP) has been putting pressure on all local banks to complete the EMV migration. As of April, there were still seven banks that had not completed the migration and missed the original January deadline. This was extended until the end of 2017, after which the BSP said it would consider hard sanctions.