By 
KARACHI: The State Bank has warned banks that failure to promptly take preventive action to combat social engineering and other digital banking frauds could result in them being held liable for lost account holder funds.
“Banks are required to compensate the customers due to their part in their taking timely remedial and control measures, such as delay in blocking digital channels, delay in raising dispute requests, etc.,” the central bank stated in a statement on Thursday.
According to a survey by the banking ombudsman, the number of complaints regarding fraud, particularly those involving digital transactions, has been rapidly rising.
In order to prevent social engineering and other types of digital banking fraud, the State Bank of Pakistan (SBP) has recently ordered commercial banks and microfinance banks to enhance their digital fraud protection controls and procedures.
It said that banks will be held accountable for any customer monies lost as a result of their failure to promptly take corrective and preventive action.
According to the statement, “These new measures are part of broader SBP objective to enhance digital financial inclusion and promote digital financial services by creating and enhancing customer trust in the safety, security, and soundness of the digital banking ecosystem.”
“Fraudsters have been preying on the lack of awareness among customers with the increasing adoption and usage of digital banking in Pakistan by a large number of financial service users,” it stated.
In addition to focusing on a consumer awareness programme by SBP and banks, the SBP claimed it had been in constant communication with the banking sector and other stakeholders to develop controls against sophisticated fraud techniques like spoofing of banks’ official helpline numbers, SIM swap attacks, identity theft, false registrations, etc.
The SBP released a fresh, comprehensive set of recommendations for increasing the safety of online banking services and products.
By December 31, 2023, banks must put this complete control regime into place, according to the rules.
According to the new standards, financial institutions are not allowed to create a digital fraud prevention strategy to safeguard their account holders and guarantee that this policy is effectively communicated.
In accordance with this, they will establish, evaluate, and constantly improve end-to-end procedures for managing the risk of digital fraud and the handling of consumer complaints.
The SBP has instructed banks providing branchless banking wallets to prohibit cash-out, mobile top-up, and or other online purchases from incoming fund transfers for two hours, the central bank said. This is one of the major interventions the SBP has made to prevent fraudulently transferred funds from leaving the banking system.
