BSP reminds banks to put safeguards when using bots

MANILA, Philippines — The Bangko Sentral ng Pilipinas told banks to put safeguards in place when handling personally identifiable information (PII) like login credentials amid security concerns over the use of bots in gaining access to financial accounts and facilitating transactions.

Software robotics use bots to perform repetitive human tasks, such as extracting data, filling in forms, moving files, and more. Some banks around the world now use this technology to save time by performing functions like examining loan applications and doing KYC processes, among others.

In a memorandum sent to all BSP-supervised financial institutions (BSFIs), the central bank said that this technology could potentially pose significant risks that may undermine consumer trust in financial service providers and compromise the integrity of the financial system.

“Many institutions leverage innovative solutions and technologies to enable them to access, utilize, and transform data to gain deeper insights into the market needs, assess product suitability, and optimize customer service processes,” the BSP said.

Data privacy concerns

“However, improper and/or unauthorized access end handling of customer data, particularly involving financial information, may expose BSFls to customer complaints and data privacy concerns,” it added.

READ: BSP eyes unified standard for handling, use of bank clients’ digital data

While these technologies have merits as an internal data collection automation tool, the BSP acknowledged that the use of robotic process automation (RPA) and other similar tools as an alternative data-sharing method raises some issues within the financial services industry.

That said, the central bank explained that BSFIs must meet the requirements of the National Privacy Commission regarding consumer consent. These requirements, the BSP said, may pertain to the right of a user to obtain a copy of data that was processed, procedures for obtaining consent, data access methods, and data sharing arrangements.

“The BSP underscores the importance of responsible data handling in fostering innovation in the financial ecosystem,” the central bank said.

“The proper handling and protection of PIl and other sensitive data serve as cornerstones of customer privacy and represent critical components in the prevention of fraud, identity theft, and other financial crimes,” it added.

Read more...