Shared Responsibility Framework for FIs, Telcos, and consumers for phishing scams and revisions to E-Payments User Protection Guidelines to come into effect on 16 December 2024
21 November 2024
On 16 December 2024, the Shared Responsibility Framework (“SRF”) for phishing scams will take effect. The SRF will be implemented via the Guidelines on Shared Responsibility Framework (“SRF Guidelines”) issued by the Monetary Authority of Singapore (“MAS”) and the Info-communications Media Development Authority.
The SRF Guidelines assign banks and relevant payment service providers that have issued a protected account (“responsible FIs”) and mobile network operators under the Telecommunications Act 1999 which provide cellular mobile telephone services (Telcos) relevant duties to mitigate phishing scams, and set expectations of payouts to affected scam victims where these duties are breached.
MAS’ E-payments User Protection Guidelines (“EUPG”), which also take effect from 16 December 2024, set out the responsibilities of responsible FIs and consumers in relation to unauthorised and erroneous payment transactions, and establish a baseline protection offered by responsible FIs to consumers for losses arising from these transactions. The FI duties in the SRF were drawn from the EUPG.
In relation to the applicability of the EUPG on major payment institutions that are licensed under the Payment Services Act 2019 to carry on a business of providing an account issuance service and that issue personal payment accounts containing e-money, MAS on 25 October 2024 published its Circular on Anti-scam Measures by Major Payment Institutions Providing Personal Payment Accounts that contain E-money.
Collectively, the SRF and EUPG are part of MAS’ efforts to uplift standards of anti-scam controls and electronic payments across the financial sector and place a greater emphasis on consumer vigilance.
To read our article which provides an overview of the SRF Guidelines and MAS’ clarifications on the enhancements to the EUPG, please click here.