At present, existing regulations and laws have already taken into account the need to protect the public in cases of financial fraud.
“However, I understand the concerns of the people. I would like to clarify that under current regulations, banks cannot hold customers responsible for any losses from online banking fraud unless the bank has clear and solid evidence showing that the customer did not take reasonable steps to protect their personal security details at all times, Deputy Finance Minister Lim Hui Ying said in the Dewan Rakyat today.
Generally, every fraud case will be investigated, and in cases caused by system weaknesses or the bank’s risk management practices, the bank will be responsible for bearing such losses, she added.
Lim said this in reply to a question raised by Chong Chieng Jen (Stampin) who requested the Minister of Finance to state whether the Government intends to amend the law to make banks accountable for bearing losses (partially/entirely) suffered by victims of frequent bank scams.
However, if clear evidence shows that security details were compromised due to the negligence of the account holder themselves, the bank must consider offering fair compensation to the victim based on the specifics of the case. If the account holder disagrees with the decision or compensation offer made by the bank, they have the right to dispute this decision with the Financial Services Ombudsman (OFS), Lim said.
She explained to strengthen consumer rights protection, Bank Negara Malaysia (BNM) has recently enhanced policies related to electronic banking transactions. This includes ensuring financial institutions conduct more thorough and transparent investigations within a reasonable timeframe, and implementing more effective preventive controls.
In addition to this, since June 2023, all major banks have also implemented the following measures:
i) Ensuring every banking transaction complies with security features such as customer transaction verification and transaction notifications;
ii) Enhancing fraud detection regulations to identify suspicious transactions;
iii) Limiting customers to using only one device for online banking transaction verification to prevent account misuse by third parties;
iv) Accelerating the transition from One Time Passwords (OTPs) via Short Message Service (SMS) to stronger verification for online transactions related to account opening, fund transfers, payments, and personal information updates and account settings;
v) Providing a dedicated hotline for victims to report online fraud cases;
vi) Additionally, BNM has enforced a ‘kill switch’ mechanism allowing users to freeze their accounts if they suspect unauthorized access or use.
“These enhancements aim to ensure that any compensation considers the effectiveness of security controls implemented by financial institutions in handling online financial fraud. This policy also clarifies the responsibilities of both users and banks in addressing online financial fraud. In finalising this policy, BNM has engaged with relevant stakeholders,” Lim said.
Banks Cannot Hold Customers Responsible For Online Banking Fraud Losses Under Present Regulations: Lim






