Who will bear the cost of cybercrimes? Banks soon to issue rules
The local banking community is working with regulators to come up with a Singapore-style playbook for e-payments that will spell out the responsibilities and liabilities of financial institutions and account holders amid rising online risks.
This so-called magna carta for e-payments is “something we will hopefully finish before the end of the year and fine-tune with the regulator,” Wick Veloso, president of Bankers Association of the Philippines (BAP), said in a text message.
The playbook, which would cover banks and other players in the payments space, is particularly crucial in determining who will bear losses arising from cybercrimes.
It would be similar to the guidelines issued by the Monetary Authority of Singapore in 2020, which aimed to establish a common baseline protection offered by responsible financial institutions on a business-as-usual basis to individuals or sole proprietors from losses arising from isolated unauthorized transactions or erroneous transactions from their accounts.
In the Philippines, the formula proposed by the banks is the same as the “liability shift” model adopted when the industry migrated to the more secure EMV chip technology. This principle dictates that when there are losses incurred, the party with the least protection should pay all or pay more.
Applying such principle in the case of the EMV migration, for instance, those that delayed the upgrade of their ATM terminals bore the losses in case of fraud.
Article continues after this advertisementBenjamin Castillo, executive director of BAP, said financial institutions should act promptly and respond accordingly to prevent criminals from siphoning off money.
BAP had estimated that over P1 billion worth of hard-earned money had gone down the drain this year due to fraud, including unauthorized bank withdrawals and fund transfers. INQ