MAS Imposes Capital Requirements on OCBC for Inadequate Scam Response
Additional capital requirements have been imposed on the OCBC bank by the Monetary Authority of Singapore (MAS) after a spotty response to phishing scams.
The Monetary Authority of Singapore has placed additional capital requirements on the Oversea-Chinese Banking Corporation (OCBC) Bank after passing an inadequate response to phishing scams in December. An amount of around S$330 million will be required by OCBC to hold up as additional capital.
The assistant managing director for banking and insurance at MAS, Marcus Lim said that it is the prime duty of financial corporations to incorporate robust solutions to combat these scams.
While commenting on the official website of MAS, Lim commented “This means ensuring that their controls remain effective against evolving scam tactics, and prompt actions are taken as soon as a scam is detected”. He further added that MAS is currently working closely with the industry and other agencies on dealing with these scams and strengthening the collective defences against them.
The bank came under severe criticism as it lost S$13.7 million in scams while affecting around 790 victims in January. The scam was carried out by sending SMS to the victims through a spoofed phone number. The messages claimed that they were being sent through the bank providing links to a fake website to provide login credentials for resolving the issues with their bank accounts.
The CEO of OCBC Bank, Helen Wong, said: “While we took various actions in December to stem the scam, we should have responded faster and better to early signs of the attacks.” Moreover, she added that the phishing attacks in December reached a level of realism which were not seen in the previous attacks.
The OCBC has enforced an independent firm to review its systems, as noted by MAS. “Deficiencies were noted in the bank’s mitigation of identified risks, pre- and post-transaction controls, incident management and complaints handling, resulting in delays in containment measures and customer response time.”
Suggested Read: SMS Phishing Scams are Impersonating State Agencies – FTC Warns