Close Menu
Invest Intellect
    Facebook X (Twitter) Instagram
    Invest Intellect
    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Commodities
    • Cryptocurrency
    • Fintech
    • Investments
    • Precious Metal
    • Property
    • Stock Market
    Invest Intellect
    Home»Fintech»What You Need to Know about Singapore’s Upcoming Shared Responsibility Framework
    Fintech

    What You Need to Know about Singapore’s Upcoming Shared Responsibility Framework

    October 28, 20246 Mins Read


    Free Newsletter

    Get the hottest Fintech Singapore News once a month in your Inbox

    The Monetary Authority of Singapore (MAS) and the Infocomm Media Development Authority (IMDA) will implement the Shared Responsibility Framework (SRF) for phishing scams on 16 December 2024.

    The SRF, to be implemented via a set of SRF Guidelines, aims to strengthen the direct accountability of financial institutions (FIs) and telecommunications companies (telcos) for phishing scam losses.

    The guidelines specify that responsible entities will bear scam-related losses arising from any failure to fulfill their designated duties, using a “waterfall” approach to determine liability.

    By holding these entities accountable, the SRF enhances consumer protection and provides clear avenues for victim recourse in cases of phishing-related losses.

    MITB FNN

    Entities and Types of Scams Covered Under the Shared Responsibility Framework

    The SRF applies to all full banks, major payment service providers (PSPs), and telcos with major roles in safeguarding consumers’ financial and communication activities.

    The framework specifically addresses phishing scams with a clear connection to Singapore, targeting scams where perpetrators impersonate local or international entities serving Singapore residents.

    While the SRF covers common phishing scams involving impersonation and unauthorized transactions, it does not include scams involving authorized transactions, such as investment scams and love scams.

    Additionally, MAS has excluded phishing scams conducted through non-digital means, as these are addressed through public education and advisories that stress not sharing credentials or one-time passwords (OTPs).

    The SRF’s liability provisions do not extend to transactions involving credit cards, charge cards, or debit cards issued in Singapore.

    Responsibilities of FIs, PSPs, and Telcos in Combating Scams

    Under the SRF, MAS and IMDA have established specific duties for FIs, PSPs, and telcos, designed to directly combat phishing scams.

    The final framework includes the originally proposed duties and introduces a new fraud surveillance duty for FIs in response to public feedback.

    Duties of FIs and PSPs

    FIs and PSPs must implement several anti-scam measures to prevent unauthorized access and detect phishing threats.

    A 12-hour cooling-off period is required for the activation of digital security tokens and new device logins to e-wallets, reducing the risk of unauthorized access.

    FIs and PSPs must also send real-time alerts for high-risk actions, such as new device logins, contact detail changes, transaction limit increases, and the addition of new payees, allowing consumers to respond swiftly to suspicious activity.

    Additionally, both FIs and PSPs are mandated to provide a 24/7 self-service “kill switch,” accessible by phone or app, enabling consumers to block account access if unauthorized activity is suspected.

    In response to feedback, MAS has introduced a new fraud surveillance duty specifically for FIs.

    This duty requires FIs to conduct real-time monitoring to detect unauthorized transactions linked to phishing scams.

    If an account is rapidly drained, FIs are expected to either block the transaction until they confirm with the customer or place a 24-hour hold on the transaction.

    FIs have a six-month transition period to comply with this new duty before it becomes enforceable under the SRF.

    Telcos’ Duties

    Telcos play a key role in securing SMS channels used in digital banking. They are required to connect only with authorized SMS aggregators, block unauthorized SMS sources, and implement anti-scam filters that use machine learning to detect and block malicious URLs in SMS messages.

    Compliance will be assessed based on telcos’ ability to block SMS messages containing URLs flagged by the police as malicious.

    Recognizing the limitations of SMS—such as potential delivery issues due to network or device conditions—IMDA also recommends a multi-channel notification approach to enhance security across platforms.

    Determining Compensation With the Waterfall Approach

    The SRF employs a “waterfall” approach to assign responsibility for losses from phishing scams.

    This approach prioritizes FIs as the primary entities responsible for compensating victims when SRF duties are breached.

    If both FIs and telcos fail in their responsibilities, FIs are first in line to cover losses, with telcos bearing secondary responsibility.

    This structure establishes a fair and clear framework for compensation, balancing accountability between financial and telecommunications providers while encouraging vigilance across both sectors.

    Four Stages of SRF Claim Investigations

    The SRF outlines a structured, four-stage process to streamline claims for consumers impacted by phishing scams, with refinements based on consultation feedback:

    Claim Stage:

    To initiate an SRF claim, consumers must report the phishing scam to their FI within three days, providing a valid email, a police report, and, if available, digital communication records (such as SMS, emails, or WhatsApp).

    FIs and telcos may request further details but will accommodate victims’ limitations in providing comprehensive information.

    Investigation Stage:

    FIs lead the investigation, coordinating with telcos if SMS-based scams are involved.

    Both FIs and telcos will conduct concurrent and independent investigations, with a target of completing straightforward cases within 21 business days and more complex cases within 45 business days.

    While FIs act as the main contact, telcos may assist with specific queries, ensuring collaboration and timely responses.

    Outcome Stage:

    MAS and IMDA have mandated a single communication chain for SRF claims to ensure clarity and consistency, addressing public feedback for a streamlined process.

    Recourse Stage:

    For cases outside the SRF scope or without duty breaches, consumers can pursue mediation with the Financial Industry Disputes Resolution Centre (FIDReC) or seek civil action through the courts.

    Source: MAS’ Response to Consultation Paper on Proposed Shared Responsibility Framework

    E-wallet Inclusion in the Framework

    With the raised regulatory “stock” and “flow” caps as of 15 December 2023, allowing larger amounts to be held in and transferred through e-wallets, MAS requires e-wallet providers holding a major payment institution (MPI) license to participate in the SRF.

    This inclusion acknowledges the increased risk of significant losses from e-wallets and mandates robust consumer protection controls.

    Major e-wallet providers are also required to join FIDReC, giving users access to mediation and adjudication services for SRF-related disputes, similar to protections available to bank account holders.

    Ongoing Anti-Scam Efforts

    The SRF is part of a broader, evolving strategy against scams in Singapore, as MAS, IMDA, and industry partners continue to strengthen defenses against phishing and other scam types.

    In addition to the SRF, MAS and IMDA have been working on strengthening digital security to protect consumers.

    Hern Shin Ho
    Ho Hern Shin

    Ho Hern Shin, Deputy Managing Director (Financial Supervision), MAS, said,

    “With the addition of a new fraud surveillance duty, some retail customers may experience more inconvenience when conducting larger value transactions. This additional friction is necessary to protect customers against large unauthorised transactions.

    Beyond the SRF, we are studying stronger, out-of-band authentication solutions, such as the use of Fast IDentity Online (FIDO)-compliant tokens, to enhance defences against unauthorised phishing transactions.”

    A FIDO-compliant token is an authentication device that must be in close proximity to the user’s device when conducting a transaction, adding another layer of protection against unauthorized access.

    Aileen Chia
    Aileen Chia

    Aileen Chia, Deputy Chief Executive (Connectivity, Development & Regulation), IMDA, said,

    “IMDA has worked closely with the telcos to secure the SMS channel, an official channel adopted by FIs for digital banking, through the implementation of measures such as the mandatory SMS Sender ID Registry and anti-scam filter.

    These measures resulted in over 20 million SMSes being blocked since 2023. IMDA and telcos will continue to play our part in strengthening the ecosystem against scams.”

    Featured image credit: Edited from Freepik





    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Secret Fintech Payments Cloud $725 Million Facebook Class Action Settlement

    Fintech

    CM launches initiative to boost fintech, insurtech education | Bhubaneswar News

    Fintech

    Fintech, compliance and sustainable growth

    Fintech

    FundedNext expands access to global markets with fintech innovation

    Fintech

    The Gaps In RBI’s “Build It All, But Responsibly” Vision For AI In Fintech

    Fintech

    HSBC invests in Chinese cross-border fintech firm Dowsure

    Fintech
    Leave A Reply Cancel Reply

    Top Picks
    Commodities

    Launac. Les métalleux en folie pour le Galem Fest

    Cryptocurrency

    Should African central banks pursue digital currencies?

    Commodities

    la préfecture prend un arrêté

    Editors Picks

    Hong Kong family office VMS Group makes first foray into cryptocurrency

    June 23, 2025

    NCB busts top darknet-based drug vendor; seizes drugs and cryptocurrency

    July 1, 2025

    Montana’s annual Clean Energy Fair

    August 24, 2024

    Stock market today: Wall Street sees little movement as GM surge offsets losses

    October 23, 2024
    What's Hot

    Solum Global Inc. and DEBAARS Announce Strategic Joint

    July 26, 2024

    Trending Cryptocurrency Tokens on Avalanche Chain Today – rLoop, ArenaToken, Pharaoh

    June 12, 2025

    Renewables Producing More Energy Than Coal in the US for the First Time

    August 19, 2024
    Our Picks

    Blezek Awards Aim to Keep Agricultural Education Teachers in Nebraska – KCSR / KBPY

    October 19, 2024

    Here’s what happened in crypto today — TradingView News

    October 27, 2024

    Fintech developments in the Philippines

    October 11, 2024
    Weekly Top

    Morocco Strategic Minerals Reports High Copper Values at Tifernine

    August 23, 2025

    Konami Plans All-New Metal Gear Solid Games Without Kojima

    August 23, 2025

    Lindsay Lohan turns heads in silver strapless top as she stuns fans with surprise appearance at Freakier Friday theatre showing in NYC

    August 23, 2025
    Editor's Pick

    Ero Copper Corp. : Desjardins est neutre sur le titre

    April 4, 2025

    Live: Internet outage latest | Airlines, businesses, border crossings hit by global tech disruption

    July 20, 2024

    Killington Resort Makes Investments In Energy-efficient Snowmaking 

    October 16, 2024
    © 2025 Invest Intellect
    • Contact us
    • Privacy Policy
    • Terms and Conditions

    Type above and press Enter to search. Press Esc to cancel.