KOTA KINABALU (Sabah, Malaysia): The Federation of Chinese Associations Malaysia (Huazong) has welcomed and supported the Bank Negara Malaysia (BNM) announcement of latest security measures to enhance safeguard against financial scams, especially via online transactions.
Its President Tan Sri T.C Goh also acknowledged that the ‘main source’ of the problem was largely due to ignorance of the bank customers, who had downloaded some phishing apps to their mobile phones or computers, as revealed by many cases that were reported recently.
Goh who is also President of The Federation of Chinese Associations Sabah (FCAS) cum a member of the Sabah Economic Advisory Council (SEAC) was commenting on the latest instruction issued by BNM Governor, Tan Sri Nor Shamsiah Mohd Yunus, requiring banks in Malaysia to implement five key measures to safeguard against financial scams, especially via online transactions.
He noted that the statistics provided by the Commercial Crime Division of the Royal Malaysian Police revealed that, 48,850 cases, or 68% of 71,833 commercial crime cases involving losses amounting to RM5.2 billion, reported from 2020 to May this year, involved online fraud. Since 2014, the police has also discovered 205,544 accounts belonged to the money mules, and as of March this year, 17% or 34,000 of them had been arrested, with the remaining 83% still at large.
“The above statistics clearly indicated that such incidents had existed for a long time, and what’s even more worrying was the fact that such a trend continues to spiral upward. This also showed that the Bank Negara was a bit slow in taking the necessary and appropriate actions, to ensure that the banks fulfill their duties and responsibility of safeguarding the personal information and money of their clients,” he lamented.
He thus hoped the banks will expedite the implementation of the new security measures required by BNM, without further delay.
Besides this, he also hoped BNM will take note of the potential setbacks or ‘inconveniences’ which may arise following the implementation of the recommended security measures.
In a statement issued today, he thus proposed the following measures for the government/BNM’s consideration:
- The bank to continue with the ‘favourite account’ feature, either for daily or monthly transactions, with a certain limit (on the number of favourite accounts allowed) for individual account holder; with higher limit for business account holder. This feature is helpful for regular transactions, such as making payments to suppliers or retailers, or for children’s education etc. Transactions for those accounts listed in the ‘favourite account’ shall be automatically exempted from further ‘security check’, and be approved via short message service (SMS) or one-time password (OTP).
- The bank to consider allowing small transactions such as those below RM50 or RM100, for food order/delivery and e-hailing services, to go through without having to go through more secure forms of authentication.
- Proposing the bank to require account holder to set a transaction limit, such as RM500,000 or RM1 million (similar to the limit set for personal credit card). This is to require the account holder to contact the bank before conducting any transaction which capped or exceeded the set limit.
- If such transaction is being conducted without notification from the account holder, the bank shall immediately contact the account holder, or to place it under ‘cooling-off period’ for further verification; if the said transaction is ascertained to be questionable or fraudulent in nature, the bank must then immediately alert the account holder.
- The bank must enhance its security system, besides identifying those accounts belonging to the ‘money mules’ which are suspected to be involved in unauthorized or fraudulent transfer of money from other bank accounts, and to immediately contact the police or relevant authorities for follow-up actions be taken against the ‘money mules’ and their masterminds.
- In today’s advance technology era where almost every single person owned a smartphone, verification method too can and should be carried out more efficiently and effectively.
- The bank should step up effort to provide double layers of security for its clients. For example, when a Google account holder wanted to log in to his Facebook account, he can do so by keying in his registered name and password, besides through Google authenticator by entering his reveal pin, in order to safeguard his Facebook account from being hacked.