News
Analytics
Double Charges, Weak Answers: Azerbaijan’s Banking System Faces a Trust Crisis

photo: Azerbaijan.az

Double Charges, Weak Answers: Azerbaijan’s Banking System Faces a Trust Crisis

25 Jun, 09:01
Analytics

The repeated debiting of funds from the cards of customers of Azerbaijani banks on June 24 cannot be treated as an ordinary technical malfunction. Formally, the incident was explained by technical reasons, not by a cyberattack or fraud. But for customers who suddenly saw additional charges on their accounts, this is little consolation.

In a digital banking system, trust is built not only on the fact that money is eventually returned. It is built on confidence that money will not disappear without a clear explanation and that if an error does occur, the bank will immediately take responsibility before the customer.

On June 24, some customers of banks connected to the Azericard system faced repeated debiting of funds from their accounts. Public reports and user complaints mentioned ABB, Rabitəbank, AccessBank, Expressbank and other banks. Some banks sent customers notifications about technical difficulties and additional debiting of funds. The Central Bank of Azerbaijan later stated that the incident was not linked to a cyberattack or fraudulent activity and had occurred for technical reasons. Azericard explained the situation as duplicate transactions that emerged during the processing of interbank settlement files, adding that the repeated operations were being cancelled and accounts were gradually being restored.

Latest News & Breaking Stories | Stay Updated with Caspianpost.com - Double Charges, Weak Answers: Azerbaijan’s Banking System Faces a Trust Crisis

photo: getty images

These explanations are important because they help distinguish a technical failure from a criminal scenario. But they do not answer the main question: why should a customer end up in a situation where their money is temporarily debited twice, while clear public instructions are not provided immediately?

For the banking sector, this is not only a technological issue, but also a matter of responsibility. A customer is not obliged to understand exactly where the failure occurred at the bank, at the processing center, during the handling of settlement files, or at the level of a third-party technical provider. The customer opens an account with the bank, receives a card from the bank, uses the bank’s mobile application and entrusts the bank with their money. Therefore, for the customer, the bank is the first line of responsibility.

When banks and processing structures begin explaining the problem in technical language, while the regulator limits itself to saying that it was not a cyberattack, there is a risk that responsibility becomes blurred. A bank may refer to the processing center, the processing center may refer to a technical cause, and the regulator may point to the absence of an information security threat. But the customer does not need a circle of mutual explanations. The customer needs one clear answer: what happened, when the money will be returned, whether an application must be submitted, what to do in the case of a negative balance, and whether compensation is envisaged if the person suffered real damage because of the error.

What makes the current case particularly worrying is that it did not occur in an empty information field. In recent years, Azerbaijan has already seen signals of problems in its card and digital payment infrastructure.

In April 2022, media outlets wrote about problems with the use of bank cards. It was reported that in some cases citizens were unable to withdraw money from ATMs or pay for purchases through POS terminals. At the time, representatives of the banking sector said there was no serious systemic problem and that individual technical difficulties could occur in any country. But even then, an important point was raised: if a bank carries out technical work or faces disruptions, customers must be warned in advance.

In January 2024, a major Azericard outage was reported. According to media reports, due to a problem at the processing center, customers of banks connected to the system faced restrictions when using ATMs, POS terminals and mobile applications. The problems affected not only banking operations, but also related services. Azericard then confirmed the difficulties and said work was underway to resolve them.

In 2025, problems with bank cards again entered the public debate. Media outlets wrote about citizens’ complaints regarding unauthorized debits, failures in mobile banking applications, fraud and declining service quality. The Azerbaijan Banks Association at the time reminded the sector of the need for two-factor authentication, anti-fraud systems and protection of personal data. This was no longer a story about a single failure, but a signal that the growth of digital payments must be accompanied not only by convenient applications, but also by stricter standards of security and communication.

In 2026, separate problems also appeared in the field of transport payments. In April, media outlets reported passenger complaints about debits and restrictions when paying with bank cards on public transport. Representatives of the system explained this by the mechanism of delayed authorization, under which a trip is recorded immediately, while the actual debit may take place later. Experts noted that the delay between the transport system and the banking infrastructure creates financial uncertainty for users. On June 17, a short-term technical malfunction was also reported in bus validators, causing temporary difficulties with payments using BakıKart, bank cards and other contactless means.

Each of these episodes can be explained separately. In 2022, as isolated technical difficulties. In 2024, as a processing center outage. In 2025, as a rise in fraud and complaints about cards. In 2026, as the specifics of transport payments and temporary technical disruptions. But taken together, they form a more serious picture: digital payment infrastructure has become part of everyday life, while standards of public accountability and customer communication are lagging behind the pace of digitalization.

This is why the June 24 incident cannot be closed with the phrase “the technical failure has been resolved.” For the customer, it is not only the final return of funds that matters. The first minutes and hours after the problem are also critical. Did the customer receive a push notification? Did an explanation appear in the mobile application? Was a hotline opened? Did the bank say what to do if the balance went negative? Did the bank explain whether penalties, commissions or overdue payments would be cancelled if, because of the erroneous debit, the customer was unable to make another payment?

In the financial sector, reaction time matters enormously. When a person sees that money has been debited from their card, they will not wait for an official press release in the evening. They will open social media, write to the bank, call friends and start searching for similar complaints. If at that moment the bank remains silent or responds with a generic phrase, the vacuum is filled with panic, rumors and mistrust.

The social dimension of the problem must also not be ignored. For some, an erroneous debit is an unpleasant episode. For others, it may mean being unable to pay for groceries, medicine, a taxi, utilities or an urgent payment. If the balance goes negative or the card temporarily becomes unusable for payments, the person is effectively restricted from accessing their own funds. This is no longer just a technical error in a settlement file. It is a consumer rights protection issue.

That is why the banking sector must answer several uncomfortable questions.

How many customers were affected? What was the total amount debited twice? Which banks faced the problem? Have all funds been returned? Were there cases of negative balances? Did customers receive individual notifications? Why was there no unified public message immediately after the first complaints appeared? What measures have been taken to prevent this from happening again? Will a technical report be published?

The Central Bank must also go beyond the formula that “this was not a cyberattack.” Yes, this is an important clarification. But it does not exhaust the problem. If repeated debits occur in the system, the regulator must assess not only information security, but also the quality of operational risk management, the speed of fund returns, customer protection, and the transparency of banks and processing centers.

The financial market cannot demand that citizens fully switch to cashless payments if, during failures, those same citizens are left in uncertainty. The digitalization of banking services is not only about convenient applications, QR codes, NFC, Apple Pay, Google Pay, one-click transfers and polished advertising campaigns. It is also about the obligation to provide a clear mechanism for protecting customers when something goes wrong.

Banks need to develop a unified crisis response standard. In the event of a mass technical failure, the customer must receive an operational notification through the application, SMS or push message. Bank websites and social media pages must publish equally clear explanations: what happened, which operations were affected, whether the customer needs to do anything, when the funds will be returned and where to apply. After the problem is resolved, a brief report with conclusions should be published.

Otherwise, every new failure will be perceived not as a technical accident, but as a sign of systemic weakness. The banking system may be technologically complex, but for the customer its logic must be simple: my money is protected, my bank is accountable to me, and in the event of an error I will not be left alone with the problem.

The June 24 incident became a test of maturity for Azerbaijan’s banking system. A test for banks of their readiness to take responsibility. A test for the processing infrastructure of its resilience. A test for the regulator of its ability to demand transparency. And a test for the entire market of its understanding that trust in the financial sector is lost not when an error occurs, but when the customer does not understand who is responsible for that error.

Even if all erroneously debited funds have been returned, that is not enough. Returning the money is the minimum. What must follow are public conclusions, a clear explanation and new rules for responding to such incidents. Without this, the next technical failure may become not merely a problem of bank cards, but a full-scale crisis of trust in digital payments in the country.

By Samir Muradov

Share on social media