The Philippines passes Anti-Financial Scamming Act (AFASA)

As we discussed earlier this summermany Southeast Asian nations have begun exploring new fraud-fighting legislation. In July, the Philippines passed the Anti-Financial Scamming Act (AFASA), introducing tough penalties for cybercriminals, mandating customer reimbursements for fraudulent transactions, and placing liability on banks to maintain robust security systems.

With AFASA, banks must take proactive steps to safeguard customer accounts and work closely with law enforcement to combat financial fraud.

How banks are adapting: Embracing advanced technologies

To comply with AFASA, banks are enhancing their fraud detection capabilities using AI and machine learning. These technologies enable real-time monitoring, predictive analytics, and fraud detection based on behavioral biometrics. The use of behavioral biometrics, which tracks unique user patterns like typing speed or device interaction, offers a seamless security layer, reducing the risk of account takeovers without compromising convenience.

In countries like India, the Reserve Bank of India (RBI) has already championed behavioral biometrics as a game-changing technology in the reduction of fraud, perhaps setting an example for the Philippines to follow.

Benefits for customers, compliance for banks

For customers, AFASA strives to bring enhanced protection and peace of mind with mandatory reimbursements and next-gen fraud-detection solutions. Real-time alerts and biometric security measures further enhance the protection of digital accounts, reducing the risk of financial loss.

Additionally, AFASA shifts liability to financial institutions, holding them accountable for breaches and pushing them to adopt new technologies. The increased focus on consumer education attempts to ensure customers are well-informed about the latest threats, empowering them to recognize and report suspicious activity.

1. Institutional liability: Financial institutions that fail to implement adequate risk management systems and controls, or fail to exercise the highest degree of diligence, can be held liable for reimbursing funds to account owners. This liability applies even without a criminal conviction. Behavioral intelligence solutions not only meet this requirement but also display remarkable results in identifying and stopping fraudulent transactions, as evidenced in the RBI recommendation referenced above. Banks should be wary, however, of deploying the cheapest solutions available to meet the bare minimum of AFASA requirements. A Band-Aid approach to fighting fraud can result in economic penalties for the bank deploying it, even if they meet the most basic AFASA provisions.

2. Restitution of funds: The law states that institutions “shall be liable for restitution of funds to the account owners” if they fail to employ adequate risk management systems or fail to exercise the highest degree of diligence in preventing loss or damage arising from prohibited acts.

3. Failure to hold disputed funds: An institution that fails to temporarily hold funds subject to a disputed transaction, as required by the Act and BSP regulations, shall be liable for any resulting loss or damage, including the restitution of the disputed funds to the account owner. In other words, banks can be held liable for mule accounts they fail to identify and shut down.

Balancing security and convenience

While AFASA promises stronger protection, some customers may worry about privacy or potential inconveniences. Stricter authentication processes, such as MFA or frequent identity verifications, could lead to longer log-in times or additional steps for routine transactions. Additionally, AI-based fraud detection systems may flag legitimate transactions, leading to delays or account blocks.

Behavioral biometrics are designed to minimize such inconveniences while ensuring maximum security. Importantly, behavioral biometrics also do not rely on personal identifiable information (PII), addressing privacy concerns while continuously monitoring suspicious activity in the background of every digital banking session.

The future: Technology as the key to security

AFASA’s passing highlights the essential role technology plays in modern banking security. AI and machine learning allow for real-time fraud detection and quick responses to emerging threats. Behavioral biometrics offers a more nuanced layer of security that doesn’t interrupt the user experience but provides robust protection. As these technologies evolve, they will continue to shape a safer and more secure financial landscape, benefiting both customers and institutions.

In summary, AFASA seems a commendable step in securing the Philippines’ financial systems, encouraging banks to invest in ML-driven solutions while ensuring customers their money is safe, and their privacy is respected.