A measure granting the government more power to combat phishing and other online scams is awaiting President Rodrigo Duterte’s signature as the country sees an alarming rise in cyber threats, a lawmaker said Saturday.
Camarines Sur Rep. Luis Raymund Villafuerte said the expected signing into law of a bill enhancing financial consumer protection “couldn’t have come at a more appropriate time than now” when the Philippines placed fourth in Kaspersky’s 2021 global ranking of countries most targeted by web threats.
He said the measure aims to empower the Bangko Sentral ng Pilipinas (BSP) and the rest of the banking community to better protect financial consumers against phishing, “money muling” (acting on behalf of someone to transfer or move illegally acquired money), and other online scams.
They shall be granted such powers as rulemaking, surveillance and inspection, market monitoring, and enforcement powers relative to consumer protection.
“We are hopeful that President Duterte will sign this measure into law as it aims to regulate the use of bank accounts and electronic wallets and consider certain illegal financial acts related to their use as a form of economic sabotage and a heinous crime if done on a large scale,” Villafuerte said.
He noted that the pandemic has presented new opportunities for “cybercriminal exploitation, including remote work, virtual crime, and persistent threats,” especially as social distancing protocols have
increased online transactions to avoid face-to-face interactions.
Although banks have increased their efforts in addressing cybercrimes, and consumers have also become increasingly vigilant against such offenses, the Philippines still has no law against the use of financial accounts as an accessory to financial crimes, Villafuerte said.
“Worse, there is no punishment that can deter these criminal actions,” he said.
Villafuerte cited reports from the Teachers Dignity Coalition claiming that about 20 to 40 teachers lost between PHP26,000 and PHP121,000 each from their allegedly “hacked” LandBank accounts, but the lender claimed that its systems were safe and secure and that these teachers had fallen prey to a phishing scheme.
He also cited the case wherein three Filipinos and a Nigerian were indicted in January by the Department of Justice for the hacking attack that victimized about 700 Banco De Oro (BDO) customers who reportedly lost as much as PHP50,000 each through unauthorized transfers from their bank accounts.
“Our ongoing efforts to accelerate the country’s digital switch must be complemented by measures to safeguard consumers against cyber threats and other illegal online schemes,” Villafuerte said. “The recent gains in the digitalization of financial services should not result (in) adverse consequences for our people, especially during this prolonged pandemic.”
The bill, he said, prohibits the opening of a bank account, an e-wallet account, or other financial accounts under a fictitious name or using the identity or identification documents of another to receive or transfer or withdraw proceeds derived from crimes or offenses.
The measure also seeks to penalize any person performing any phishing or social engineering schemes by slapping a term of life imprisonment and a fine of PHP1 million to PHP5 million on those found guilty of cyber offenses that constitute economic sabotage.
BSP Governor Benjamin Diokno said the enactment of the proposed Financial Consumer Act is envisioned to provide an “armor of protection” to all financial consumers.
Diokno said it would ensure that relevant government institutions and financial regulators would be fully equipped with the legal authority to enforce prudent, responsible, and customer-centric standards of business conduct.
“The passage of the FCP Act will enable financial regulators to sanction business practices and entities that pose grave and irreparable injury to financial consumers. It will deter frauds and scams, and ensure that every Juan and Maria are provided with positive customer experiences,” he said.
He reported that the BSP received a total of 42,456 complaints from 2020 to 2021, which amounted to an estimated PHP540 million during last year alone.
The BSP also cited account takeovers or identity theft, phishing, and social engineering schemes, including the card-not-present fraud, as the top three cybercrimes in 2020. (PNA)