Banks to implement stricter controls against online scams
New safeguards to protect customers
Singapore’s Monetary Authority (MAS) and the Association of Banks in Singapore (ABS) have announced enhanced security measures to strengthen digital banking defences. These measures, introduced on Wednesday (Jan 19), come in response to a wave of SMS-phishing scams targeting bank customers.
Key updates include mandatory cooling-off periods for account detail changes and a minimum 12-hour delay before activating mobile tokens. Banks are required to implement these changes within two weeks.
Collaborative efforts to combat scams
In collaboration with the Singapore Police Force and Infocomm Media Development Authority (IMDA), MAS is exploring long-term solutions, such as adopting an SMS Sender ID registry to combat spoofing. Additionally, the regulator is reviewing fraud detection systems at major financial institutions to ensure they are robust enough to address rising online scam threats.
MAS and ABS jointly stated: “All financial institutions must maintain strong preventative measures, efficient fraud detection, and effective customer service for scam-related incidents.”
Upcoming bank procedures
The new measures include:
Disabling clickable links in emails and SMS messages sent to customers.
Default transaction notification thresholds set at S$100 or below.
A 12-hour delay for activating soft tokens on mobile devices.
Alerts sent to existing contact details when changes are requested.
Cooling-off periods for key account updates, such as changes to contact information.
Strengthened customer support teams prioritising fraud cases.
Increased scam awareness and education efforts.
While these measures may extend the time required for certain transactions, MAS emphasised their importance in creating an additional layer of protection for customers.
Industry response and customer adjustments
DBS Bank announced its full support for the new measures and will suspend non-essential SMS notifications containing clickable links starting Friday. However, essential messages such as security notifications and one-time passwords will continue to be sent.
Ravi Menon, managing director of MAS, stressed the importance of a united approach to counter scams: “While the threat of scams cannot be eliminated, reducing vulnerabilities requires coordinated efforts across the ecosystem. Our goal is to ensure digital banking remains secure, trusted, and efficient.”
Scam losses prompt action
The crackdown follows a December phishing scam targeting OCBC Bank, which resulted in 469 victims losing at least S$8.5 million. These incidents highlight the urgent need for improved safeguards as cyber threats continue to evolve.
