Digital financial crime poses rising threat to Singapore

Written by Kapronasia || February 02 2022

The Covid-19 pandemic has aggravated the threat digital financial crime poses to Singapore. Since the pandemic began, the city-state has experienced a surge in online loan, e-commerce and phishing scams. Since 2016, scammers have made off with S$965 million, according to a recent investigation by The Straits Times. A record high of S$268.4 billion was taken in 2020 as the pandemic forced most banking and other transactions online. The threat did not recede in 2021 as seen with the OCBC phishing incident.

Much of the conversation about financial crime in Singapore thus far has focused on the risks posed to customers, and indeed, they are the one who usually suffer most immediately, even if insurance may in some cases help offset their losses. Yet there is a significant financial and reputation risk to banks as well. Indeed, the greatest asset that banks have is customer trust. For incumbent banks, this is the most important factor that differentiates them from tech-savvy but unproven digital competitors. Banks perceived to be incapable of protecting customers from the fast-evolving financial crime threat will be at a significant disadvantage in the months and years to come.

On January 30, OCBC said that a total of S$13.7 million was lost in the recent slew of phishing scams. That compares to an earlier estimate of S$8.5 million reported in December. According to an investigation, victims of the scammers provided their online banking log-in credentials and one-time PINs to phishing websites. The criminals then took control of the customers’ accounts and made fraudulent transactions.

Could this have been prevented? To be sure, some people are more gullible than others. Cybercriminals are also intractable. But there is much that banks can do to bulwark their digital infrastructure, stay alert for suspicious activity and educate customers about the threat posed by online financial crime.

OCBC conceded in a statement that its “customer service and response fell short of our own expectations, that could have affected loss mitigation in some of the cases.” With that in mind, it is heartening to hear that the bank has decided to compensate the scam victims in full, which OCBC describes as “as a one-off gesture of goodwill given the circumstances of this scam.”

Looking ahead, new measures announced by the Monetary Authority of Singapore (MAS) to boost digital security for banks may help reduce the likelihood of future incidents of this nature. Per the new measures, there will no longer be clickable links in SMSes or emails sent to customers, a default threshold of S$100 or lower for funds transfer transaction notifications will be set and there will be a delay of at least 12 hours before the activation of a new soft token on a mobile device.

“The growing threat of online phishing scams calls for immediate steps to strengthen controls, while longer-term preventive measures are being evaluated for implementation in the coming months,” the MAS and the Association of Banks in Singapore (ABS) said in a statement.