The Monetary Authority of Singapore (MAS) has asked banks to assess and implement customer authentication mechanisms that are more resistant to both phishing and malware attacks, taking into account the needs of seniors with limited digital literacy.
These measures, when well developed, could be considered for inclusion in the Shared Responsibility Framework (SRF), which prescribes a set of anti-scam duties for financial institutions (FIs) and telecommunication companies (Telcos).
Minister of State for Trade and Industry and MAS’ Board Member Alvin Tan shared this in a parliamentary reply about the SRF.
The SRF was proposed by the MAS in October 2023 as part of a broader suite of measures to protect consumers from phishing scams. Under the SRF, FIs and telcos would be held directly accountable to consumers for any scam losses that occur due to a breach of their defined duties.
Besides assigning accountability for scam losses, the full implementation of safeguards by FIs and telcos should “materially reduce the risk of phishing scams in the first instance”.
The number of phishing scams has continued to rise in the first half of this year compared to the previous period, but has declined as a proportion of total scam cases from 17% to 13%. The average loss per phishing scam has also declined by 20% over the same period.
Tan added,
“Based on data collected by the Police, MAS estimates there were about 15,000 phishing scam cases from 2021 to mid-2023, with an average loss per case of about $3,900.
We do not have data on the number of phishing scams that involve potential breaches of duties by FIs. But such data will be tracked under the SRF going forward.”
He also noted that besides the SRF, banks also have discretionary goodwill payment frameworks for their scam victims. Depending on the circumstances of each scam case, the sophistication of the scam typology, and the consumer’s financial situation, banks have covered part or all of the losses incurred by scam victims.
Tan concluded,
“MAS has leaned on the banks to be even more accommodative in applying their goodwill payment frameworks.
These goodwill frameworks complement the SRF which is intended to strengthen the direct accountability of FIs and telcos to consumers when they have breached their defined duties.”