With huge profits, it is time for banks and telcos to invest more in improving their infrastructure against rising criminal activities.
IT came as a huge shock to my colleague when she was saddled with a RM38,000 credit card bill – five transactions that took place in Brazil within minutes of each other, a country she had never visited in her life.
The purported expense came when she was travelling overseas. She only discovered her credit card was missing three months after the incident when the bank asked if she had her card with her.
“I was with another colleague in Hong Kong at the time. He received the same SMS alert from his bank. We both called our banks at the same time. But the difference was his bank stopped the transaction because they could not verify it,” she said.
Despite showing proof that she was in Hong Kong at the time of the transaction, her bank could not provide her with the details of the case as they did not ask the merchant for it. The minute they found out the transactions were physical, they washed off their hands and sent her a letter which indicated she was liable for the RM38,000.
“They even tried to charge a currency conversion fee, late fee and interest on the disputed transactions. Finally, after days of frustrating exchanges with the bank, I reported the case to Bank Negara, and only now the bank is reaching out to the merchant to investigate,” my colleague told me.
Sadly, her quandary is not something new. Credit card fraud is on the rise in Malaysia. But financial institutions in general argue that if a card is lost or stolen, it is still the responsibility of the cardholder if any transactions take place. But shouldn’t the onus be on the bank to at least perform due diligence on red flag transactions?
A year ago, banks under the ambit of the Association of Banks in Malaysia (ABM) and Associa-tion of Islamic Banking and Financial Institutions Malaysia (AIBIM) launched their refreshed #JanganKenaScam awareness campaign.
At that time, the associations claimed that the campaign underscored the banking industry’s commitment to combating financial scams and preventing fraudulent banking activities.
They have since implemented several security measures to fight scams, such as migrating from the SMS One-Time-Password (OTP), tightening their fraud detection rules, imposing a cooling-off period for first-time online banking registrations, restricting secure authentications to a single device, and setting up dedicated fraud hotlines for customers.
According to the two associations, these measures have successfully prevented fraudulent transactions worth RM351mil.
But combating fraudsters is a constant battle, with the banks themselves admitting that there is an upward trend and huge losses due to credit card fraud.
Over the years, The Star has published numerous articles highlighting scams and scammers and credit card fraud.
In fact, exactly 10 years ago, we published a front-page article on fraudulent credit and debit card transactions.
We wrote: “Many consumers are questioning the assurance banks give on Internet security after discovering that their credit and debit cards have been used in unauthorised online transactions.”
Ten years later, nothing seems to have changed. If anything, things have got worse.
A study by Ipsos last December revealed that an overwhelming majority of Malaysians have encountered scams, with a distressing number reporting substantial financial harm. The study indicated that scams are exploiting the digital realm, signalling a shift in criminal tactics that jeopardises our collective economic health.
Despite the additional security measures, the current national scam awareness campaign throws the entire burden of fighting scams on poor defenceless Malaysians, many of whom are retired, in their senior age, and somewhat gullible.
This is in stark contrast to what our neighbour down south has done – Singapore is holding the telcos and banks responsible for customers who have fallen prey to scams.
The Monetary Authority of Singapore (MAS) says financial institutions and telcos will have to compensate their customers who have been cheated if they are found to have breached their responsibilities.
These responsibilities include failure by banks to send outgoing transaction alerts to consumers and telcos failing to implement a scam filter for SMSes.
The Singapore authorities acknowledged that “responsibility for preventing scams should not lie solely with consumers but also with industry stakeholders”, such as the financial institutions and telcos.
The shared responsibility should also apply here because banks and telcos, as the primary gatekeepers, must do more to protect Malaysians.
Financial institutions play a critical role as a gatekeeper against the outflow of monies due to scams, while telcos play a supporting role as infrastructure providers for SMSes.
They must incorporate more circuit breakers and track the enormity of the scams that are taking place. Tracking is not good enough; they must also act on it.
With Budget 2025 to be tabled next week, I hope our reform-minded Finance Minister introduces stronger and better measures to help Malaysians and demand more from banks and telcos.
Banks and telcos have amazing balance sheets with huge profits. It is time that they invest more to improve the infrastructure against scamming and fraud.
Brian Martin
Brian Martin is the managing editor of The Star.