MAS hits OCBC with additional capital requirement of S$330 million over SMS phishing scam response | #phishing | #scams

SINGAPORE: The Monetary Authority of Singapore (MAS) on Thursday (May 26) said it has imposed an additional capital requirement of S$330 million on OCBC Bank due to “deficiencies” in the bank’s handling of SMS phishing scams in December last year. 

OCBC will be required to apply a multiplier of 1.3 times to its risk-weighted assets for operational risk, said MAS in a media release on Thursday. 

This translates to an additional amount of about S$330 million in regulatory capital, based on reported financial statements as at Mar 31, 2022, said MAS.

A total of S$13.7 million was lost in the spate of phishing scams that affected 790 customers, according to OCBC Bank in an update in January.

Following the scams, OCBC engaged an independent firm to review its systems and processes.

This uncovered “deficiencies … in the bank’s mitigation of identified risks, pre- and post-transaction controls, incident management and complaints handling, resulting in delays in containment measures and customer response time”, said MAS. 

These were in line with MAS’ own assessment, said the regulator, adding that OCBC is in the process of addressing them.

The additional capital requirement takes into account OCBC’s efforts to strengthen its controls and its approach to resolving customer complaints following the incident, said MAS. 

The additional capital requirement will be reviewed when MAS is “satisfied that OCBC has addressed all deficiencies identified in the review”, it added. 

Mr Marcus Lim, MAS’ assistant managing director (banking and insurance) said: “Financial institutions have a duty to put in place robust measures to prevent, detect and respond to scams. 

“This means ensuring that their controls remain effective against evolving scam tactics, and prompt actions are taken as soon as a scam is detected. 

“Consumers must also remain vigilant against persistent attempts by scammers to deceive them into divulging their log-in credentials or initiating transfers themselves.” 

He added that MAS is working closely with the industry and other agencies to further strengthen the sector’s collective defences against scams.

Original Source link

Leave a Reply

Your email address will not be published.

5 + three =