The chairperson of the House Ways and Means Committee sought Monday a congressional inquiry into the safety features in digital banking and the ability of law enforcement agencies to implement laws against financial cybercrimes in the country.
Albay Rep. Joey Salceda filed House Resolutions 2406 and 2407 in response to recent reports of hacking of digital bank accounts.
HR 2406 urges the House Committees on Public Order and Safety, and Public Accounts to conduct hearings, in aid of legislation, on the capacity of law enforcement agencies to apprehend, detect, investigate, and prosecute financial cybercrimes.
Meanwhile, Salceda called on the Senate to pass its own version of the bill that enhances consumer protection, that has been passed by the lower chamber.
The bill aims to protect users of banking and other monetary services and was recently passed in the House in response to recent incidents of phishing, hacking, and other financial services scams.
The Bangko Sentral ng Pilipinas earlier said it is looking into complaints of hacked bank accounts posted on social media by some bank customers.
The BSP said it was in close coordination with BDO Unibank Inc. and Union Bank of the Philippines regarding the reported hacking incidents of several BDO online banking accounts last weekend, central bank Governor Benjamin Diokno said.
Diokno issued the statement after several BDO account holders reported unauthorized transactions on social media. They said they noted unauthorized transactions to a certain “Mark Nagoyo,” purportedly the beneficiary account for these illegal transactions.
Bankers Association of the Philippines president Jose Arnulfo “Wick” Veloso called on the public to be more vigilant against cyberattacks, following reports of fraudulent schemes involving one of the country’s biggest lenders.
In a statement released Sunday, Veloso reminded the public to refrain from giving out sensitive information which could lead to their accounts being compromised.
In related developments, Sen. Joel Villanueva sought to heighten cybersecurity measures to foil digital pickpockets preying on workers’ e-wallets and bank accounts.
If ordinary employees guard their hard-earned money against pickpockets, he said banks should also make sure that cybercriminals don’t pick the digital wallets of those who gave them their pay for safekeeping.
“Payroll money entrusted by both employers and their workers should be kept safe at all times,” the chair of the Senate labor committee said.
He also called on government authorities to treat the security breach in one bank “as if it were a cyberattack on our country of the grave kind.”
“This goes beyond one company. The national reputation is at stake. The Philippines cannot be seen as having a porous banking system because such weakness will only entice cyber criminals to attack us,” Villanueva said.
Salceda, principal author of House Bill 6768 or the Consumer Financial Protection Act, said: “Unfortunately, we do not have a comprehensive framework for protecting the users of online financial services just yet. The Bangko Sentral deals with issues on a per-incident basis, but our laws are not yet there.
“As a result, scammers feel emboldened to cheat others of their hard-earned money, because the central bank cannot possibly be everywhere, monitoring financial products.
“I will also file a resolution calling on the Committee of Banks and Financial Intermediaries to assess the level of retail client protection among banks in the country, and one with the Committee on Public Accounts to see how prepared our cybercrime prevention units are in implementing the anti-fraud provisions of the Anti-Cybercrime Law,” Salceda added.
At the same time, HR 2407 directs the House Committee on Banks and Financial Intermediaries to look into the safety and security measures and user protection mechanisms being undertaken by banks and electronic payment solutions providers to protect their customers from being defrauded.
“Without adequate protection from banks for their retail users, ordinary citizens are compelled to use digital payment solutions due to mobility restrictions and convenience even when they are not certain about the security of their hard-earned savings,” Salceda said.
He cited RA 10175, or the Cybercrime Prevention Act, penalizing computer-related fraud or “the unauthorized input, alteration, or deletion of computer data or program or interference in the functioning of a computer system, causing damage thereby with fraudulent intent.”
The solon noted that Philippine law enforcement agencies do not yet have specific anti-financial crime units that are otherwise typical in other countries.
“Financial crimes similar to the reports … could be prosecuted under the aforementioned provision of Republic Act 10175 if law enforcement agencies have the capacity to apprehend, detect, and investigate financial cybercrimes,” Salceda said.
Diokno said BSP would do everything to ensure the safety and integrity of the financial system as well as the protection of financial consumers.
“An important reminder: You will never be a victim of cybercrime if you never give your personal information, such as One-Time Password, to other people. If you do not give your personal information to others, cybercriminals will never be able to steal your money,” Veloso said in Filipino.
“BSP has been monitoring the surge in complaints posted in social media platforms since the early part of this week. We are in close coordination with BDO as well as UBP on this incident to ensure that remedial measures are being undertaken, including reimbursement of affected consumers,” Diokno added.
Villanueva said a swift solution was needed “because we cannot be seen as a prime destination of cybercrime, a haven for hackers.”
“Solving this crime early – perpetrators identified, and the modus explained – should signal to our people the comforting assurance that their hard-earned money is safe with banks,” he said.
The senator urged the government to convene an inter-agency task force “that will immediately get to the bottom of this and institute measures that will prevent it from happening again.”
Any delay, he said, will corrode the public’s faith in our banking system, “a relationship based on trust.”
Villanueva said the Department of Information and Communications Technology, the Bangko Sentral ng Pilipinas, the National Privacy Commission, the National Bureau of Investigation, among others, can be among the agencies in the task force.
He welcomed the statement by the concerned bank that the interest of victims will be protected as “most reassuring and is the correct thing to do.”