Cracking down on cybercrime: Industry collaboration for a secure digital banking ecosystem
In my previous two columns, I’ve talked about how Filipinos are increasingly becoming vulnerable through something that was originally created for their own convenience: digital banking. In the last few years since its mainstreaming, the number of digital fraud cases has risen, affecting people from all walks of life, all unwilling victims to the whims of increasingly bold and equally deceptive cybercriminals.
The message cannot be clearer: to get to the root of this, we—government, private organizations, and citizens—need to have a cohesive plan centered on collaborative efforts, learning from one another towards the creation of a secure and resilient digital banking ecosystem in the Philippines.
The threat against digital finance still abounds, more so as more of us shift to cashless transactions. According to the Bangko Sentral ng Pilipinas’ 2023 report on e-payments, 2.6 billion out of 5 billion monthly transactions, or more than 50 percent of retail payments were done digitally last year. But as our reliance on digital transactions grew from mere convenience to necessity, so did the kinds of illegal interference aimed at defrauding millions of Filipinos.
As we continue to safeguard ourselves and our systems against these malicious actors, they too have continually adapted, coming up with newer schemes with the same mission to extract pesos from unsuspecting consumers.
Prevalent types of cybercrimes like online selling and investment scams along with debit/credit card fraud saw a decline based on the Philippine National Police Anti-Cybercrime Group (PNP-ACG) figures for the first half of 2024. However, cybercrimes continue to hit us from every conceivable angle including on social media and telecommunication channels such as SMS and calls, where “smishing” or “phishing” conducted over text happens. These include suspicious text messages offering lucrative but too-good-to-be-true jobs, rewards, and tokens that you can claim by clicking through links.
While they may seem harmless and completely avoidable in hindsight, their economic impact is immense, amounting to about a billion pesos, according to the Department of Information and Communications Technology – Cybercrime Investigation Coordinating Center (DICT-CICC).
It is why we should treat this with utmost urgency and come up with a unified response across all sectors because cybersecurity is not the responsibility of one entity as it affects all of us.
Now more than ever, it is important to forge public-private partnerships that will harmonize the government’s and private organization’s efforts. In the Philippines, the Cybercrime Prevention Act of 2012 has provided the foundation for law enforcement as to what constitutes crime with regard to the wide-ranging applications and uses of electronic communications. Special units as well as government agencies, such as the aforementioned PNP-ACG and DICT-CICC, have been established and deployed to look into developing areas of cybersecurity concerns.
And even between private entities, information sharing is power. We can glean insights from how we, financial companies, are each safeguarding our customers from these threats. Best practices offer a wider perspective on what else can be done and where vulnerabilities lie.
Part of these efforts should also be looking at how our counterparts in the region and beyond are responding to these challenges. In countries like India where cyber fraud is also commonplace, industry leaders are investing in technological interventions that block malware from dubious links sent via SMS. Meanwhile, in Singapore, facial recognition as an additional layer of security on top of multi-factor authentication is being added to banking apps to safeguard accounts.
But the adoption of new technologies especially in banking should also come with a healthy dose of skepticism, recognizing that while emerging technologies can be beneficial, they can also introduce new cyber risks.
Locally, across banking entities, investments in cybersecurity are also being ramped up as the country ranks high in the number of financial-related phishing attempts in Southeast Asia based on a 2023 report by cybersecurity firm Kaspersky. This is supplemented by consumer education, something we at CIMB put a premium on recognizing early that cybercriminals tend to attack at the consumer level, where it is easiest.
It is also why time and again, we also remind our valued customers that the safety of their money is also in their hands. They are the first defense against digital attacks. As trusted banking institutions, it is up to us to do our best to equip our consumers with the knowledge that can help shield them but it is also ultimately up to them to put those into use. We regularly put out reminders to keep you abreast of the next steps they can take as we implement new strategies against online threats.
At CIMB, we also encourage those who fall victim to these scams to report them through the various channels open at all times. Doing so is not only helpful in the timely resolution of the incident but also in tracking trends and information about how cybercriminals are behaving, what tricks they employ, and how we can respond to those to ensure that it doesn’t happen to the next consumer.
Remember, cybersecurity is a shared responsibility.
About the author
Vijay Manoharan is CEO of CIMB Bank Philippines—a digital-only commercial bank providing innovative mobile-first digital banking solutions and services. Named by Forbes as the number 1 Bank in the country in its 2023 World’s Best Banks ranking, CIMB PH is also part of the CIMB Group, one of ASEAN’s leading banks present in over 16 global markets.
Read more about the bank’s products and services on www.cimbbank.com.ph