All the news, tactics and scams for finance leaders to know about in November 2023.
Payment Security 101
Learn about payment fraud and how to prevent it
After releasing a report that indicates customers overwhelmingly wear the burden of scams, the Australian Securities and Investments Commission (ASIC) has called for major banks to improve approaches to protecting customers from scams.
Report 761, Scam prevention, detection and response by the four major banks, revealed that bank customers account for 96% of total scam losses across the banks. And, collectively, the banks detected and stopped a small proportion – approximately 13% – of scam payments.
The numbers are worrying because they indicate a rise in scams, yet there’s scattered improvement in banks’ approaches to them. According to the ASIC’s review, more than 31,700 customers of the four major banks collectively lost more than $558 million through scams between 2021 and 2022 – a 50% increase in financial losses compared to the previous 12-month period. Banks only paid about $21 million in reimbursement or compensation payments for victims during the same period.
Let’s take a closer look at the report and what it means for you.
The report concludes that banks’ overall approaches to scams strategy and governance are variable and less mature than expected, with narrow approaches to determining liability.
The assessment found that victims weren’t always well supported by their banks after a loss occurred. Resourcing problems meant that cases weren’t always resolved promptly, while unclear processes created inconsistent or even bad customer experiences.
Incident response isn’t the only problem area according to ASIC’s review – so is prevention. While the banks have taken steps to prevent customers from falling victim to scams, the report found that emerging good practices were inconsistent, and it recommends that banks further evolve their scam management practices to help prevent customers from falling victim.
Deputy chair of ASIC Sarah Court has recommended that banks reconsider their response methods to reduce further distress and help customers manage the situation. She also highlighted the need for banks to inform and educate customers better and take steps to evolve their scam management practices.
Court has also emphasised the importance of collaboration between financial institutions, telecommunication providers, digital platforms, and other organisations to combat scams at the source.
The report acknowledged that banks have recently strengthened their anti-scam efforts, but these aren’t yet adequate to protect against scam techniques that are becoming more sophisticated and leveraging fast-advancing technologies. Advocating for further steps, the report provides suggestions and guidance for evolving banks’ anti-scam strategies and protections.
Certainly, the industry will need to keep making changes that protect their customers amid a rapidly changing threat environment, one where scammers are constantly hunting for new ways to bilk victims out of their money. But the takeaway for finance leaders is that customers can’t simply rely on banks to protect them from these scammers.
While stronger anti-fraud measures are crucial, there are a variety of logistical, operational barriers that make it challenging for banks to offer significant protection for customers anytime soon. Leaders who want to protect their organisation’s financial health should be looking for additional layers of protection.
One way to defend your organisation is to reevaluate your financial controls. Many controls are designed for analogue fraud instead of the growing number of online scams and tactics, creating gaps that a new generation of online fraudsters are extremely happy to exploit.
With cybercrime on the rise, it’s critical to know what finance leaders are (and aren’t) doing to protect their organisations from digital …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.