The Monetary Authority of Singapore (MAS) updated that banks in Singapore have substantially implemented additional measures to bolster the security of digital banking announced on 19 January 2022. The measures, taken together, provide a significant added layer of security to protect customers’ funds. MAS is working with the industry to evaluate longer-term measures to be implemented in the coming months, as well as to develop a framework for equitable sharing of losses arising from scams.
The Payments Council, chaired by MAS, has been working since July 2021 on a framework that aims to provide clarity on how losses arising from scams are to be shared among consumers and financial institutions.
Under the framework, all parties have responsibilities to be vigilant and to take precautions against scams. Financial institutions have the responsibility to protect their customers, such as through robust controls to safeguard customer accounts, and effective measures to detect and respond to suspicious transactions.
Customers have the responsibility to take necessary precautions, especially by never giving away personal or banking credentials to anyone, never clicking on links in SMSes or emails which are claimed to be sent by a bank, and transacting only through the bank’s official website or mobile application.
The proportion of losses each party bears will depend on whether and how the party has fallen short of its responsibilities. MAS expects financial institutions to treat their customers fairly and bear an appropriate proportion of losses arising from scams. At the same time, care must be taken to ensure that compensation paid to customers does not weaken their incentive for all to be vigilant.
OCBC’s recent goodwill payouts to fully cover customer losses were a one-off gesture by the bank in the circumstances, which included the bank’s consideration of how it had not met its own expectations of customer service and response. They do not set a general precedent for future cases.
MAS aims to publish the framework for public consultation within the next three months. Other than the sharing of losses, the consultation will also cover the responsibilities of other key parties in the ecosystem.
Customers are urged to exercise greater vigilance and adhere to the following digital safety practices: Never click on links provided in SMSes or emails claimed to be sent by banks. Never disclose internet banking credentials or passwords to anyone, including persons claiming to be from banks or government agencies. Verify SMSes or emails received by calling the bank directly on the hotline listed on its official website. Transact only on the bank’s official website, or through the bank’s official mobile application. Closely monitor transaction notifications received from the bank so that any unauthorised payments are reported as soon as possible to increase the chances of recovery. Keep your devices updated with the latest security patches and anti-virus software.
Re-disseminated by The Asian Banker