Probably not really a topic for this forum, but....
When I first came to the UK many years ago I was amazed at how backwards the banking system was...it would take a week to send money overseas and 3 or 4 days to send money to another person....it took many years but finally they got the Faster Payment System which allows people to put money in someone else's account pretty much instantly....however I am still amazed at how many individuals and businesses are reluctant to give their account number and sort code out so you can pay them....why is this??
...however I am still amazed at how many individuals and businesses are reluctant to give their account number and sort code out so you can pay them....why is this??
Because there is always the danger that the other person may "pull" money from your account by direct debit once they have your name and account information. It's the easiest thing of the world. Collect as many bank account data as you can (the usual trick is to transfer one cent or penny to an account to check if it's still valid), then, on Thursday evening debit 1000 Euros or Pounds to each, go to your bank on Friday morning, collect your booty in cash and take the first flight to the Seychelles or any other country that does not extradite for fraud. If money has been debited from your account you will only get it back if it is still there.
OK...so should I black out my bank details (which are written on the bottom) when I send someone a cheque? (because they won't accept direct transfers)...it gets pretty silly....it would be a crap system if all you needed was an account number (and name presumably) to steal someone's money...and I'm sure if it was that unsafe it would be shut down by now...And cheques would not have the details on them...and therefore be useless
If someone fraudulently withdraws money from your account then it is not your problem. Giving them your account and sort code is not like giving them your pin number.
Right....and the only mechanism I can think of is a Direct Debit...but only regulated companies (SUN) can receive money this way and then there is the Direct Debit guarantee...so you would get your money back if taken fraudulently...but as What Next demonstrates, the irrational fear is out there and thriving
The obvious answer is that some largish European countries behave, well, you know.
As another example consider the French using their cheques all over. Is there any other reason than avoiding VAT?
I first started using Internet banking in 1990. Haven't done it any other way since.
however I am still amazed at how many individuals and businesses are reluctant to give their account number and sort code out so you can pay them....why is this??
Probably several reasons...
One is UK's historical reliance on cheques for business payments. It is only in the last few years that this started to change in a big way.
I suspect the shift was triggered by increased bank charges for cheques (loss of free banking on business accounts kept in credit, due to today's vanishing interest rates, basically) versus lower bank charges for online payments, coupled with the increasing theft of letters by gangs operating within Royal Mail. Plus postal charges have been going up at an amazing rate...
Also, online payments became practical (for small firms and persons) only with the internet, and this has become accepted in business only within the past 5 years or so.
And even then many UK banks make online payments a painful process. Theis systems are designed mostly by complete idiots (parallels with some aspects of airports and aviation perhaps? 
) who have assumed that everybody's PC is totally compromised by some virus. This is true for many people but most banks have not applied any intelligence to it. I am with one bank which required the use of the stupid card reader (plus PIN) for any payment, rather than engaging their brain and requiring the card reader only for setting up a new payee. They got a torrent of complaints and after about a year were pushed to implement the "sensible" option. I also run my Mum's finances (she is in a care home) and Barclays make online payments so complicated (starting with a 12-digit login number which I basically have to copy/paste from somewhere, etc) that it is easier for me to write a cheque and an envelope. I could go on and on about UK bank stupidity...
Another thing: it's only in recent years that if you changed your bank, there was an automated process for transferring DDs. Previously, you had to do it all manually, which was a big disincentive to using online payments, whereas with cheques you don't have that problem.
Because there is always the danger that the other person may "pull" money from your account by direct debit once they have your name and account information
I have often wondered about that, but e.g. German companies routinely list their bank account details (often 5-10 of them!) on their letterhead.
I know for a fact that you can have money taken out without you actually signing a DD mandate. A few years ago Citibank paid somebody else's mortgage out of my account, until I noticed it... They refunded the money and gave me £100 compensation I am not with them anymore but that's because they were blocking some foreign payments I was trying to make because my surname appeared on a U.S. Govt list of known terrorists and Citibank London were asked by the USA to check any payments against that list!
However the above was a mistake within Citibank, and I doubt some random new person could take money out of somebody's bank account without "somebody" within Citibank looking up your DD mandates. Someone could probably still do it by setting up a business whose name approximates the name of one of your previously configured DD mandates, however. You would have to know the target, plan it carefully and do one large hit and then leg it.
I agree the risk is with the bank but that won't help you if you take a very large hit which causes payments to bounce and makes your company look like it's going bust. UK's credit reference agencies are also run by idiots. Not long ago, Experian published a report saying my business had a large chance of going bust within the next 12 months. The report was bogus because it was based on extrapolating nonexistent company data (my company files only abbreviated accounts). I tried to contact them about it but they do not enter into communication with businesses unless they first receive a payment of £70. Yeah, you read that right! I did eventually sort it, but not until we were refused a credit account with one large supplier who (stupidly) relied solely on Experian's reports for their due diligence. That was sorted out later as well but all took a few days of my time.
So we do not put our bank details on our correspondence. We freely give it to known customers, of course
And we are now in the process of dumping one bank (Bank of Scotland) and moving to HSBC, largely because BoS was repeatedly screwing up foreign payments, sometimes "losing" them and then duplicating them. HSBC offers a good process for making foreign payments, online.
However, foreign payments remain expensive. I don't think we can pay anybody outside the UK for less than £6, and often it reaches something like £15, and that is paying just our half of the charges. My personal bank charges about £20 minimum. This is a particular irritation if I don't pay the landing fee at some foreign airport (nobody there, and they say "it's OK, we will send you the invoice") and the invoice offers a bank transfer as the only means of payment. No credit / debit card option is of course also idiotic...
only regulated companies (SUN) can receive money this way
That may be true but in the UK it means very little. It's very easy to set yourself up to receive DD payments nowadays. And the internal safeguards are poor; that much is obvious from the DD mandate one has to fill in.
Paypal makes online payments trivial like nobody else, but if you (as a trader) receive payments via Paypal you are vulnerable to being scammed. It's also not a viable "bank".
Because there is always the danger that the other person may "pull" money from your account by direct debit once they have your name and account information
Same as with credit cards.
I make three or four trips to Europe a year, and about once a year my credit cards get fraudulent charges from European sources after I return. Most recently was, ummm, today... Which is annoying because I just changed my credit card number a month ago due to attempted fraud.
I was apparently once a fee-paying applicant to a Swiss university... after using my ATM card at a Swiss petrol station once because I was out of cash. It took a month or so to get that reversed. The latest trend is apparently very small withdrawals from large numbers of accounts. Today's is $4.62, had it for a similarly small amount a year ago.
It's getting to be a pain, motivating me to move to cash. And yes, VAT avoidance is another big reason to go with cash to individuals. Almost everything I do with locals in Germany is done that way.
Reportedly, small CC transactions are used to check whether the card "works" and then you follow it up with a big hit. It's trivial to auto-generate valid CC numbers (the formula is public) and then you have a guess at the expiry date (not many possibilities) and if you do this a lot (millions of cards) you will get some right PIN #s too.
However, there should be a huge difference in the difficulty of raiding somebody's CC and raiding somebody's bank account.
There's very easy way for protecting everything known for at least 10-15 years: - for physical cards (credit & debit) - EMV (chip & PIN) - for online banking and using cards online - two-factor authentication
However, banks are reluctant and slow (especially US) in implementation because they estimate fraud loss is less than cost of improving security.
