A routine trip to deposit coins turned into a nightmarish experience for a Singaporean couple at OCBC’s Northpoint City branch, raising serious concerns about the bank’s system safeguards and customer support.
On what was meant to be a straightforward visit to the self-service coin deposit machine, the machine appeared unoccupied when the user approached. The screen was showing the welcome menu, prompting a selection of services. Assuming all was in order, the man selected the coin deposit option and began feeding coins into the machine.
The trouble began after the deposit hit the system’s maximum limit. Instead of prompting him to insert his ATM card or input his account details, the machine bypassed the expected verification step and issued a receipt showing that the money had been credited to someone else’s account—a complete stranger.
Disturbed by the unexpected outcome, the user flagged the nearby security guard for assistance. Despite being outside of regular banking hours, staff were still present behind the counters, though none came forward to help. The security guard explained that the incident likely occurred because the previous user had not properly exited the session, and claimed this was a “common” occurrence.
Naturally alarmed, the man’s wife immediately contacted the OCBC hotline, providing all relevant details: transaction number, machine number, their own account number, and more. A bank representative took down the information and promised to follow up. But when they called back roughly 30 minutes later, their response left the couple stunned — OCBC claimed they could not do anything, and advised them to lodge a police report instead.
Left with no other recourse, the wife did exactly that, and they now await updates from the Singapore Police Force.
This frustrating encounter has sparked several troubling questions about OCBC’s system and response:
Why Was the Previous User Still Logged In?
How could a banking machine continue a session even after the prior user had supposedly removed their card? Isn’t card removal supposed to terminate the session automatically to prevent exactly this type of mix-up?
Why Can’t the Bank Intervene Immediately?
The affected customer reported the incident immediately, yet the bank refused to take swift action to freeze the transaction or reverse it. In this digital age, where banks tout instant transfers and advanced fraud prevention, why is basic remediation not possible in such clear-cut cases?
Why Must the Burden Be on the Victim?
OCBC’s instruction to “make a police report” rather than taking ownership of the technical loophole adds salt to the wound. Shouldn’t the bank proactively contact the unintended recipient, confirm the situation, and act accordingly?
Is This a Known Glitch — Or a Loophole?
Most concerning of all is the guard’s admission that this issue is common. If so, why hasn’t it been fixed? If it is possible for someone to “accidentally” leave their session open and trap the next depositor, is this a loophole ripe for abuse?
In a country like Singapore that prides itself on efficiency and trust in financial systems, this experience raises alarm bells. If major banks like OCBC are not equipped to deal with such scenarios promptly and effectively, it leaves the door open for accidental loss — or worse, deliberate exploitation.
The affected couple awaits further updates from the authorities. But this experience serves as a harsh reminder: even with automated systems, vigilance is critical — and clearly, banks have a long way to go in ensuring real accountability.