Senators confident BSP can avert cyber threats

The chairman of the Senate Committee on Banks, Financial Institutions and Currencies is relying on regulators of the Bangko Sentral ng Pilipinas (BSP) to strictly enforce adequate measures to protect people’s money in the wake of last week’s bank mishaps at Banco de Oro (BDO) and Bank of the Philippine Islands (BPI).

After reviewing the two banks’ protocols, Sen. Francis G. Escudero expressed confidence that the banking sector, with BSP’s guidance, can “guarantee stakeholders such incidents can be handled properly, and that measures to protect the people’s money are in place.”

Interviewed after Monday’s hearing, Escudero said he was prodding regulators to also ensure strict compliance in the implementation of the Europay Mastercard Visa (EMV) technology, referring to what was billed as a more secure chip-based technology than the traditional magnetic stripe in old credit cards.

He acknowledged, however, that due to the magnitude and complexity of the EMV migration process, the BSP opted to extend the deadline of compliance from January 1, 2017, to June 30, 2018.

The BSP earlier assured the shift to EMV technology will help in preventing and detecting  automated teller machine (ATM) skimming transactions, warning that in case of fraud or ATM skimming, banks that are not yet EMV compliant will bear the loss and not the depositor.

In urging the banking sector to beef up its cyber-security measures to deter threats to online banking, Escudero asserted the need to “uphold the public’s confidence and trust in our country’s banking industry, and ensure that their financial transactions are protected from different forms of fraud and theft, may it be online or not”.

The senator said the banking sector should be “reliable and well-equipped to prevent cyber attacks” and immediately address and resolve internal system malfunctions.

Senators called the public hearing on the state of the banking system in the Philippines after two of the biggest banks in the country recently experienced an internal system error and fraud incidents.

But Escudero, at the outset, made it clear that the aim of the Senate inquiry is to inform the public of what really happened, in order to avert speculations with respect to BPI and BDO operations.

The probe was prompted by reports that BPI,  on June 7, received information from bank clients regarding insufficient and incorrect balances from their respective accounts, which were reported on social media, causing panic and fear among other account holders.

BPI, however, explained to the Senate Committee what actually transpired was only an “internal data-processing error” and assured that their system was not hacked. Senators were told that after an internal investigation, BPI officials found out the incident was “due to human error”. It was explained that the account balance discrepancies were traced back to transactions from April 27 to May 2 that were posted twice, in which “some were debited and some were credited from the accounts.”

Escudero noted that according to BPI, 2.9 million transactions were affected, but the bank was able to resolve the issue within 37 hours, adding that the “mispostings” in the accounts of their customers have been corrected, and their online- and mobile-banking services have all been reactivated.

“Whether due to human error or system glitch, we shouldn’t let these kinds of incidents compromise the credibility and integrity of our banking sector,” Escudero asserted, even as he noted that barely a week after the BPI fiasco, BDO also encountered problems after bank clients reported “unauthorized withdrawals” from their accounts.

Turning Points 2018
Suntrust banner2