KUALA LUMPUR (July 9): Banks cannot just blame their customers for losses from scams, unless there is evidence of client negligence in protecting personal security information, said Deputy Finance Minister Lim Hui Ying.

Every case of financial scams will be investigated, Lim told the Dewan Rakyat on Tuesday. For cases caused by weaknesses in the bank's system or risk management practices, the bank will bear the responsibility for the losses, she said.

"However, if evidence clearly shows that security details were compromised due to the client's negligence, the bank should consider offering appropriate compensation based on the case details," Lim said.

Victims have the right to accept or reject compensation offers, and can lodge complaints with the Ombudsman for Financial Services (OFS) for any disputes over compensation amounts, she said.

The OFS was established under Bank Negara Malaysia (BNM) under the Financial Services Act 2013 and Islamic Financial Services Act 2013 as an independent assistance mechanism that offers free services to clients concerning financial disputes with financial service providers.

From 2020 to mid-2023, there were 18,238 scam cases involving the banking sector, with 11% or about 2,000 cases brought to the OFS. Of these cases, 75% have been resolved.

To enhance client protection, Lim noted that BNM had updated its policy on unauthorised online banking transactions. This includes requiring financial institutions to conduct prompt and transparent investigations and implement stronger preventive measures.

"Under the updated policy, compensation will consider the effectiveness of institutions' security controls against financial scams,” Lim said. “It also clarifies the roles of consumers and banks in addressing online financial scams.”

Lim also highlighted that since June 2023, major banks had implemented several security measures to enhance client protection. These include ensuring that every banking transaction complies with security features, such as client confirmation and transaction notifications.

Banks have also strengthened scams detection rules to identify suspicious transactions, and limited customers to using only one device for authentication of online banking transactions to prevent misuse by third parties, Lim said.

Additionally, there has been an accelerated transition from sending one-time passwords via SMS to stronger authentication methods for online transactions related to account opening, fund transfers, payments, and personal information exchange.

BNM has also introduced a 'kill switch' mechanism allowing users to freeze their accounts if they detect suspicious activity, including unauthorised access or usage without permission.

For more Parliament stories, click here.