KUALA LUMPUR: Financial institutions continue to be operationally resilient, with no major system-wide disruptions reported in the second half of 2022.
According to Bank Negara Malaysia (BNM), operational risk losses remained small relative to the banking sector’s capital and profits (0.04 per cent and 0.4 per cent, respectively).
“However, a rise in the number of payment-related fraud incidents, both globally and domestically,
highlighted growing concern with cybercrimes, with more frequent attacks being observed and higher costs for affected parties as well as the wider economy,“ said the central bank in its Financial Stability Review 2nd Half 2022 (2H 2022) report, released today.
In Malaysia, a total of 19,165 cases of online banking fraud involving RM94.6 million were reported by customers of financial institutions in 2H 2022, up from the 9,735 cases totalling RM39.9 million reported in the first half of the year.
While internationally, the Financial Action Task Force (FATF) has embarked on new initiatives focusing on cyber-enabled fraud and ransomware, including the publication of reports on the latest trends and methods as well as recommendations to effectively curb ransomware activities.
In Malaysia and several other countries, national anti-scam centres have been established in an effort to centralise rapid and effective responses to online scams and together with the financial industry, the central bank has continued to intensify ongoing efforts to educate the public role in preventing fraud.
“The bank has also required all banking institutions to further tighten fraud counter measures against the increasingly sophisticated and continuously evolving nature of financial scams, which prey on social behaviours that increase vulnerabilities to fraud,“ it said, adding that as of December 2022, all major banking groups have offered alternative authentication methods, and are progressively migrating all their customers to more secure methods.
Banks also continue to refine and improve other security measures, including stepping-up verification processes for mobile device enrolment, conducting call-back verifications, continuously fine-tuning fraud detection rules to block suspicious transactions, and conducting ongoing brand monitoring to detect and take down fake websites in collaboration with the Malaysian Communications and Multimedia Commission (MCMC).
“Banks with elevated numbers of fraud cases have each appointed a senior independent director to oversee the handling of fraud and data breach incidents, and coordinate with the National Scam Response Centre (NSRC) for faster tracing and interception of stolen funds,“ it added.
Meanwhile, BNM said while operational losses from financial scams do not currently pose a risk to overall financial stability, their rising trend, left unabated, can affect public confidence in banks and payment infrastructure in more significant and uncertain ways.
The report said in 2022, over 90 per cent of financial institutions achieved substantial compliance
with the Risk Management in Technology (RMiT) standards issued by the BNM, up from the 35 per cent in 2020.
Meanwhile, it said the Real-time Electronic Transfer of Funds and Securities System (RENTAS) and major retail payment systems (RPS) continued to maintain high system availability, with no cyber incidents detected in 2H 2022.
In order to ensure high system availability, the bank and Payments Network Malaysia Sdn Bhd (PayNet), as payment system operators of RENTAS and major RPS, respectively, continued to enhance control measures to maintain a strong degree of resilience against cyber threats, strengthen the management of critical service providers (CSPs) and further improve business continuity management (BCM).
Effective Feb 10, 2023, the Real-time Retail Payments Platform (RPP) has been prescribed as a designated payment system under the Financial Services Act 2013 and Islamic Financial Services Act 2013.
This designation accords the bank with additional powers under the law to issue directives to RPP participants and assume control of the operations of RPP in specific circumstances to safeguard financial stability and the provision of critical payment services. -Bernama
