BSP cybersecurity team to submit findings on BDO fraud by end-January
FILE. A logo of the Bangko Sentral on its building in Manila
MANILA, Philippines — The cybersecurity team of the Bangko Sentral ng Pilipinas (BSP) is planning to submit its findings on the investigation into the recent online banking scam that hit clients of BDO Unibank Inc. by the end of the month.
During Monday’s hearing of the Senate banks committee, BSP Director Mhel Plabasan said the investigation into the incident is still ongoing.
“Admittedly, the incident is quite complex, it really requires cyber forensic investigation. Unfortunately, at this point, we cannot disclose yet with certainty what really went wrong, but hopefully [at] the end of this month, we will come up with something and we will submit it to the Monetary Board already,” he said.
Plabasan noted that “a number of the 700 involved accounts have already been restituted by the concerned bank.”
In December last year, social media posts of some victims said fund transfers from BDO clients were sent to a UnionBank account of a certain “Mark Nagoyo.”
BDO had said it is aware of a “sophisticated fraud technique” that affected some of its clients. The bank management added that it has already implemented additional security measures to block further attempts for unauthorized transactions and to protect bank credentials.
“Unfortunately this may be one of many that will happen eventually. So there has to be some sort of a game plan of the government that if something like this happens, immediately we have the resources and capability to track it as soon as possible,” said Senator Grace Poe, chairperson of the Senate panel, which is currently tackling the proposed Financial Consumer Protection Act.
Poe then asked whether there is “encompassing cybergroup” that is under the BSP that will immediately have the capability to act on such cases.
Plabasan told the senator that the BSP has a “dedicated” group called the Cybersecurity Oversight and Surveillance, which he heads.
“That’s primarily the mandate of the group. And we are constantly, similar to other government agencies, we are constantly building our capability,” he added.
According to Plabasan, the team has around 15 to 18 employees.
BSP Governor Benjamin Diokno said they are planning to expand its cybersecurity group.
“I think that’s really important. Imagine, from a certain number, how many have we increased from 2019. 29 percent were banked in 2019 and now, we’re hitting 70 percent for 2023,” Poe pointed out.
“Majority of that will really be online transactions or e-money accounts. I think the Cybersecurity group of the BSP should likewise also expand in keeping up with the expansion of the bank, online transactions that will be happening,” she added.
