ASIC has released a report (REP 790) into anti-scam practices of 15 banks and financial services providers outside the four major banks. Background.

From its findings about existing and emerging bank practices in preventing, detecting and responding to scams, ASIC has provided observations for all banks to consider, to minimise the impact of scams on their customers.

While “scams” are generally defined as a subset of fraud where people are tricked into providing information or money, for the report ASIC employed a narrower definition of scams, limiting scams to situations where customers authorised the transaction by either making the transaction or aiding the scammer to make the transaction, including by providing multi-factor authentication passwords.

This is differentiated from the broader definition of scams where the customer provided the scammer with personal information (such as date of birth and address) allowing them to impersonate the customer and conduct the unauthorised transaction.

ASIC’s findings are in the following categories:

• Scams strategy, governance and reporting;
• Preventing scams;
• Detecting and stopping scams;
• Responding to scams and scam victims.

ASIC observed that:

• Governance and reporting tended to be fraud focussed.
• Capabilities to hold or delay potential scam payments were inconsistent across payment channels.
• Lack of protection against brand misuse across all telecommunication channels.
• Poor customer experiences due to lack of resourcing and customer focus. The reviewed banks did not always consider the likely distressed state and vulnerability of the scammed customer and scam reports were frequently mishandled. This led to delays – in part due to resourcing constraints, financial loss to the customer, unclear and confusing communication, and failure to identify and respond to scam victims who were experiencing vulnerability.
• Adoption of inconsistent and narrow approaches when considering liability. Many reviewed banks lacked a bank-wide approach to determining liability for scam losses resulting in inconsistent outcomes for customers. In addition, policies did not always consider all relevant factors for determining liability.

ASIC says the issues noted above were generally acknowledged by the reviewed banks as leading to poor customer outcomes and requiring improvement.

The report also contains an update on scam prevention by the four major banks.

If you found this article helpful, then subscribe to our news emails to keep up to date and look at our video courses for in-depth training. Use the search box at the top right of this page or the categories list on the right hand side of this page to check for other articles on the same or related matters.