In a significant move to combat the increasing threat of social engineering and other digital banking frauds, the Commonwealth of Pakistan has issued a vital policy directive. The directive aims to strengthen the digital fraud prevention controls and procedures of commercial banks and microfinance banks, while emphasizing the need for timely remedial and preventive measures. Failure to comply with these directives may result in banks being held liable for the loss of customer funds. These initiatives form part of the State Bank’s broader objective to enhance digital financial inclusion and promote digital financial services, fostering customer confidence in the safety, security, and robustness of the digital banking ecosystem.
Enhancing Security: State Bank’s New Guidelines
A Comprehensive Control System to Counter Digital Fraud
Notably, on April 14, 2023, the State Bank issued a detailed set of guidelines aimed at bolstering the security of digital banking products and services. These guidelines introduce a comprehensive control system that must be implemented by December 31, 2023. Financial institutions are now prohibited from having a digital fraud prevention policy solely to protect account holders. Instead, they are required to communicate their policy effectively and continuously improve their end-to-end digital fraud risk management and customer complaint management processes. This collaborative approach involves consultation with relevant parties to ensure optimal design, revision, and implementation of fraud prevention measures.
Safeguarding Customer Information and Reducing Disclosure Risks
To minimize the possibility of customer information disclosure, financial institutions must carefully design their processes and applications. The guidelines highlight the importance of eliminating or minimizing the disclosure of customer information, both in whole and in part. Additionally, financial institutions are directed to restructure their fraud risk management and complaint handling processes. This restructuring ensures that fraudulent transactions are handled promptly through the Fraud Transaction Dispute Handling (FTDH) system, allowing for immediate action.
Embracing International Standards and Transaction Controls
The new guidelines cover various areas related to digital fraud prevention. They emphasize the importance of governance and monitoring of digital fraud, implementation of international standards, and the adoption of fraud risk management solutions. Transaction controls play a pivotal role in the fight against fraud, and the guidelines outline the need for reasonable and configurable limits to prevent, track, and deter fraudulent transactions. These controls extend to multiple aspects, including registration, monitoring of fraudulent devices and accounts, incident follow-up, disputed transaction handling, and the protection of customer data through encryption techniques.
READ MORE: The Price of Gold in Pakistan
Limiting Transfer of Funds and Liability Shifting Framework
To prevent the fraudulent transfer of funds out of the banking system, the State Bank has directed banks offering branchless banking wallets to impose time restrictions. Transfers of funds via these wallets, including cash-out, mobile top-ups, and other online purchases, are now limited to a maximum duration of two hours. Additionally, the guidelines introduce a liability shifting framework that holds banks accountable for timely remedial and control measures. These measures include blocking digital channels promptly and handling dispute requests without delay, with the ultimate goal of compensating affected users.
Consumer Awareness Programs: Building a Strong Defense
The Need for Consumer Awareness
With the rapid adoption of digital banking by a large number of financial services consumers in Pakistan, it becomes crucial to address the lack of awareness among these users. Fraudulent elements take advantage of this gap in knowledge, employing various techniques such as forgery of official helpline numbers, SIM swap attacks, identity theft, and false registrations. State Bank recognizes the importance of consumer awareness programs and remains in constant consultation with the banking industry and other stakeholders to devise effective controls against these evolving fraud techniques.
Promoting Confidence in the Banking System
Consumer awareness programs should not only focus on educating individuals about the risks of digital banking fraud but also emphasize the role of State