For over eleven years, our relationship with our ‘Spanish’ bank was entirely uneventful. Which, truthfully, is exactly what most people want from a bank. Money came in, bills went out, suppliers were paid, subscriptions processed, and life carried on quietly in the background while we focused on the day to day business of producing iScot.
There were no suspicious international transactions. No hidden offshore structures. No flashing red warning lights. Every penny moving through our accounts was electronically traceable and entirely routine for a small Scottish publishing business.
Then, out of nowhere, we found ourselves trapped inside a bureaucratic nightmare that consumed more than a year of our lives and very nearly finished the magazine altogether.
It began under the now familiar banner of “KYC” — Know Your Customer. On paper, the principle sounds entirely sensible. Banks are required to carry out anti-money laundering checks and understand who their customers are. The saw every single penny in and out over 11 years – what more do they need?
The trouble starts when common sense leaves the room and machines begin talking only to other machines.
Somewhere deep inside the system, our business had been assigned completely incorrect SIC — Standard Industrial Classification — codes. Instead of identifying us as a magazine publisher, the bank’s records categorised us as both a charity and a financial services operation authorised to provide financial advice.
Even writing that sentence still feels absurd.
We produce articles and magazines. We do not operate charitable trusts or advise people on pensions and investments.
We’re a magazine.
I pointed this out repeatedly. Calmly at first, then increasingly desperately as the months dragged on.
“You’ve got the wrong business,” I kept explaining. “Surely somebody can simply correct the data?”
Naively, I assumed one human being somewhere inside the organisation would look at eleven years of perfectly ordinary publishing transactions and immediately recognise the mistake. Subscription income, printing costs, advertising invoices, distribution payments, everything visible and entirely explainable.
Instead, the flawed data became gospel truth.
Because the bank’s records now labelled us “high risk,” the forms we were ordered to complete became progressively more surreal. We were asked to provide information suited to multinational financial institutions rather than a Scottish current affairs magazine operating on a tight independent budget. “ Where did the money come from 12 years ago to start the business” eh? Then, the system demanded details relating to our “Director of Money Laundering Reporting.”
I remember staring at the screen wondering whether somebody, somewhere, had mistaken us for HSBC.
The forms requested foreign exchange activity we did not conduct, compliance structures we did not possess, and layers of corporate governance entirely disconnected from the reality of a small publishing company trying to get each issue to the printers on time.
Still, we answered everything honestly.
And that, strangely enough, appeared to become the problem.
Because our truthful answers did not align with the assumptions already sitting inside the system, the machine effectively rejected reality itself.
What made matters even more extraordinary was discovering that the KYC review team were not ordinary bank employees at all, but external consultants operating on the bank’s behalf. Every attempt to explain the mismatch produced the same sterile response:
“We cannot coach you on how to answer the forms.”
“We cannot advise you what to put.”
“Please review the documentation and ensure it is completed fully and correctly.”
That phrase — fully and correctly — became almost comical after a while. The forms themselves were fundamentally incorrect, yet we were being judged on our ability to force reality into boxes that had nothing whatsoever to do with our business.
Then came the account restrictions.
Funds became inaccessible while reviews dragged on endlessly in the background. Nobody could explain timelines. Nobody could explain precisely what was wrong. Nobody appeared to possess the authority to simply say: “This is clearly nonsense. Let’s fix it.”
And this is where the story moves from frustrating into genuinely unsettling.
Because banks are not ordinary companies.
The entire banking system depends upon trust.
Customers trust that the information held about them is accurate. They trust that serious actions affecting their livelihoods are based on verified facts. Yet in our case, two profoundly serious falsehoods entered the system and were externally communicated as established fact — and to this day nobody has properly explained how either happened.
The first falsehood was the incorrect SIC classification itself. That single error triggered everything which followed: the high-risk designation, the compliance spiral, the account restrictions, and the reputational strain placed upon our suppliers.
But the second incident was arguably even more alarming.
Near the end of March, we received formal correspondence stating that the bank had been informed by Companies House that we were dissolving the business, and that they intended to object because of the remaining Bounce Back Loan balance.
The only problem was this:
Companies House had issued no such notification.
None whatsoever.
We had not filed dissolution paperwork. We were actively fighting to keep the magazine alive, not winding it up. Yet somehow a completely fabricated narrative entered the banking system and was presented back to us as verified reality.
How does that happen inside a major financial institution?
Nobody could explain it.
Eventually, after yet another complaint, the bank admitted there had been a major “communication incident” affecting thousands of business customers nationwide. Some recipients, astonishingly, were sole traders who were not even registered with Companies House in the first place.
By that stage, however, the damage was already done.
And throughout all of this there remained one detail that perfectly encapsulated the imbalance at the centre of the affair.
While our accounts were restricted and the business was enduring enormous operational disruption, the bank continued helping itself to its monthly account fees without interruption.
The Ombudsman’s view, effectively, was that the bank incurred administrative costs associated with managing the restricted account and therefore remained entitled to collect its fees.
What was never meaningfully acknowledged was the immense workload and disruption their actions imposed upon us. The endless phone calls. The repeated document submissions. The hours sitting on hold. The strain on suppliers. The interrupted cash flow. The reputational concerns. The emotional exhaustion.
Apparently, the machine’s workload had value.
Ours did not.
After everything that happened — and let me assure you there are many more examples I have deliberately left out simply because space does not permit them all — perhaps nothing better captures the sheer absurdity of the situation than what unfolded around our Bounce Back Loan repayments.
Having frozen the business account, ( Done without a court order, or any evidence of wrongdoing) the bank then refused to allow the normal automated monthly BBL repayment to leave the account.
Shortly afterwards, threatening default letters began arriving.
Not once.
Several times.
Formal notices warning of missed payments and arrears, despite the fact that the repayments had actually been maintained by me personally from a secondary account simply to protect the business and preserve our payment record.
In other words, the loan was being paid on time.
The money was arriving.
But because the bank had itself blocked the original payment route, its internal systems detected only the failed direct debit attempt — not the successful replacement payments coming from elsewhere.
The machine saw the blockage.
It failed to see the solution.
When I challenged this absurd situation and asked that the threatening letters stop, I was informed they could not be stopped because the system generating them was “automated.” And that I should just ignore the letters.
Just pause on that for a moment.
A customer makes every effort to ensure the debt is paid despite the bank itself creating the obstruction. The payments are successfully made. Yet automated systems continue firing out default threats because one part of the machine cannot communicate properly with another.
What astonished me even further was that the Ombudsman appeared to see nothing fundamentally wrong with this arrangement either.
To ordinary people, repeated threatening letters over a debt that has actually been paid would seem self-evidently unreasonable. Instead, it was treated almost as an unfortunate technical inconvenience rather than what it actually felt like from the receiving end: repeated automated intimidation generated by a system incapable of recognising its own mistakes.
One aspect of this ordeal that genuinely shocked me was the way vulnerability appeared to become meaningless the moment the words “Limited Company” entered the conversation.
I am registered with the bank as a vulnerable customer because I have incurable Stage 4 cancer. The bank knows this. They also know that prolonged stress, endless telephone queues, and repeated administrative conflict are not small inconveniences in my circumstances.
Truthfully, navigating the automated phone systems alone was mentally exhausting. After a while, the whole thing started to feel less like customer service and more like trying to breach the Praetorian Guard just to speak to somebody capable of exercising common sense.
Yet despite having vulnerability formally recorded on the account, the process never appeared to adapt in any meaningful way.
When this was raised during the Ombudsman process, the response left me genuinely stunned.
The Ombudsman acknowledged my illness sympathetically enough, but effectively argued that while my condition was “unfortunate,” a Limited Company itself cannot have cancer.
That remark very nearly had me filling the office swear box in a single sitting.
Because it entirely misses the point.
A company does not answer the phones. A company does not sit awake at three in the morning worrying whether suppliers will lose confidence. Human beings do.
So it raises a reasonable question: what is the purpose of banks asking business customers whether they are vulnerable if that vulnerability has no meaningful impact whatsoever on how the customer is ultimately treated?
The wider context here matters too.
A few years ago, the unnamed Spanish-owned bank at the centre of this story was fined £107.7 million by the Financial Conduct Authority after serious anti-money laundering failings allowed hundreds of millions of pounds linked to criminal activity to move through accounts unchecked.
Against that backdrop, it is not difficult to see why banks have become hypersensitive about compliance and KYC procedures.
But understanding the climate does not excuse reckless overreach.
Nor does it excuse abandoning common sense.
There is also an uncomfortable irony in the fact that the outsourced KYC machinery involved in our case came from the same professional auditing world surrounding the collapse of Carillion, the construction giant which imploded with liabilities of around £7 billion.
In 2023, the Financial Reporting Council fined KPMG £21 million for “exceptional failings” in relation to its Carillion audits, concluding there had been failures to exercise proper professional scepticism and failures to challenge assumptions adequately.
That phrase stayed with me:
Failure to challenge assumptions.
Because that, ultimately, was our experience too.
A flawed assumption entered the system.
Nobody challenged it.
And once embedded inside the machinery, it became almost impossible to remove.
The Ombudsman’s finding of “no further action required” was, as you might expect, formally rejected by me. I simply could not sign off on a conclusion that reduced this experience to little more than a procedurally acceptable inconvenience.
And frankly, after everything that happened, I believe people deserve to hear it.
Were it not for extraordinary patience from suppliers, painful internal cost-cutting, and the support of what I can only describe as a heaven sent guardian angel along the way, iScot may not have survived this experience at all.
So where does all of this leave us?
First and foremost, with gratitude.
I want to sincerely thank every reader, subscriber, supplier, advertiser, and supporter who has stood beside iScot during what has unquestionably been the most painfully difficult period in the magazine’s history.
For that, I also owe readers an apology.
The interruptions to the print schedule and delays to certain editions were never taken lightly. Behind the scenes, however, we were fighting an exhausting administrative battle simply to keep the business functioning under circumstances no small publisher should ever have to endure.
Thankfully, we are now beginning to steady the ship.
Slowly but surely, iScot is getting back onto a more even keel. Supplier relationships are being rebuilt, systems are stabilising, and a sense of normality is gradually returning.
And we are only getting there because of the remarkable loyalty and stalwart support of readers who refused to abandon us when things became difficult.
One final point, for the record.
We are no longer banking with our former Spanish-owned bank.
After everything that unfolded, trust — once broken to that extent — simply could not be rebuilt.
Still, despite everything, iScot remains here.
Still printing.
Still questioning.
Still speaking up.
And perhaps more determined than ever not to let bureaucracy, corporate indifference, or the industrialisation of error have the final word.
If you can, please Show Your Support
