Minister of State for Trade and Industry Alvin Tan stated that the comprehensive implementation of anti-scam obligations shared by financial institutions and telecommunication companies (telcos) within a newly proposed shared responsibility framework is expected to significantly reduce the risk of phishing scams.
More from OMY: Singapore sees surge of phishing scams involving Singpass
A consultation paper released last month by the Monetary Authority of Singapore (MAS) and the Infocomm Media Development Authority (IMDA) introduced a set of responsibilities and liabilities for financial institutions and telcos, indicating that negligent behaviour could hold them responsible for phishing scam losses.
This proposed framework delineates “discrete and well-defined duties” for these companies, attributing liability if they fail to meet their obligations. For instance, these obligations include banks’ failure to send outgoing transaction alerts to consumers and telcos’ inability to implement a scam filter for SMS messages.
“Besides assigning accountability for scam losses, the important point is that full implementation by the financial institutions and telcos of their respective safeguards should materially reduce the risk of phishing scams in this first instance,” said Tan, who is a MAS board member.
MAS estimates a potential reduction in phishing scams, which totaled approximately 15,000 cases with an average loss of around S$3,900 (US$2,880) between 2021 and mid-2023.
While the number of these scams continued to rise in the first half of 2023 compared to the previous year, they constituted a smaller portion of the overall scam cases, dropping from 17% to 13%.
Moreover, the average loss per phishing scam decreased by 20% during the same period.
The proposed framework suggests a “waterfall approach” for assessing responsibility regarding scam losses. Banks would be initially liable, followed by telcos, and if both have fulfilled their duties, consumers would bear the full loss.
However, the framework’s initial focus is only on digitally occurring phishing scams, excluding other types such as investment or love scams where victims authorise payments to scammers.
Minister Tan underscored the necessity to distinguish between authorised and unauthorised transactions, hinting at the challenge of encompassing all forms of deception under the proposed framework.
He stressed the importance of customer vigilance and personal responsibility in dealing with scams, while simultaneously highlighting the need for public education initiatives.
“We also want to guard against the moral hazard risk in terms of consumers letting their guard down and potentially also working in cahoots with scammers to default the banks,” he added.
Notably, Singapore is pioneering an “ecosystem approach” by involving telcos in the reimbursement framework for scams, which Minister Tan dubbed as a positive start. He emphasised the framework’s continuous review and adaptation to address changing scam patterns.
The conversation has extended beyond banks and telcos to engage with major technology firms like Google, which are collaborating with regulatory bodies and financial institutions to enhance their malware protection systems.
Despite concerns about the exclusion of certain scam variants, such as malware scams, from the framework, Minister Tan assured that subsequent updates will consider these new scam typologies. Additionally, he mentioned the constantly evolving frameworks in place within banks to aid scam victims.
“But I want to assure … members of this House that we will review these new scam variants, such as malware, as part of subsequent updates of (the shared responsibility framework).”
“MAS is leaning on the banks to be even more accommodative in applying these goodwill payment frameworks, taking into account the sophistication of scam typology as well as consumers’ financial situation among others,” he added.
In response to queries from Members of Parliament Sylvia Lim and Tan Wu Meng regarding difficulties in requesting physical security tokens from banks, Minister Tan acknowledged these challenges and assured efforts to reduce friction in such requests, particularly for customers who are less comfortable with digital tokens.
More from OMY: How scammers gain control of your phone: insights on malware