SINGAPORE: The Monetary Authority of Singapore (MAS) is mulling a proposed Shared Responsibility Framework (SRF) that could see financial institutions and telecommunications companies (telcos) share responsibility for losses suffered by consumers to scams.
According to the consultation paper published by the agency on its website, which is open to the public from today until Dec 20, the framework will set out specific anti-scam duties of the companies.
The failure by these companies to fulfil said duties would render them responsible to make payouts to consumers who suffered the scam losses.
“Financial institutions and telcos involved in the digital banking and digital payments ecosystem are answerable to regulators if they fail to implement the necessary anti-scam measures.
“However, there is currently no framework for entities to be directly accountable to consumers who have suffered scam losses due to lapses by the said entities.
“The government recognises that responsibility for preventing scams should not lie solely with consumers but also with industry stakeholders, such as financial institutions and telcos,” MAS said.
The SRF is expected to apply to all “full banks and relevant payment service providers” and “telcos that are mobile network operators”.
MAS said financial institutions hold responsibility as gatekeepers “against the outflow of monies arising from scams”, and must safeguard consumers’ accounts and effectively respond to suspicious transactions.
Telcos, on the other hand, facilitate the sending of SMS texts, which are often used by financial institutions for official communication and to send authorisation access codes such as SMS OTPs, the agency said.
“However, scammers have attempted to impersonate financial institutions and other businesses via SMS channels.
“Telcos therefore play a supporting role in fostering the security of digital banking and digital payments by implementing scam disruption measures within the SMS communications networks that reduce the risks of scam SMS being delivered to consumers.”
MAS said the SRF will primarily cover online phishing scams that deceive consumers into clicking on links and entering their credentials.
However, it will also only cover scams that involve impersonated entities that are Singapore-based, or based overseas and offer their services to Singapore residents.
It will, however, exclude love or investment scams where victims authorise payments to the scammer; scams where consumers are deceived into giving their credentials away directly via text messages and non-digital means; and unauthorised transaction scam variants that do not involve phishing, such as hacking, identity theft, and malware variants.
Last April, Malaysia’s communications and digital ministry issued a directive to all local telcos to block any URL link in SMS to prevent consumers from becoming victims of online fraud.