The Banking Ombudsman says almost a third of its annual investigations related to scams, in which victims' average losses were $57,000.
This news comes from the Banking Ombudsman's annual report, issued on Tuesday.
The Ombudsman, Nicola Sladden, found complaints about scams were increasing at a worrying rate.
"The Banking Ombudsman Scheme’s annual report shows customer complaints about scams rose 43% on the previous year, making up 625 of the 3,513 complaints received in 2022-23. Nearly a third [32%] of all complaints formally investigated were about scams, and the average loss was $57,000. Phishing and investment scams predominated," Sladden said.
Sladden said there had been an increase in sophisticated, unauthorised payment scam cases in which customers were duped into entering their banking credentials into fake websites.
Sladden said introducing confirmation of payee technology, or name and account number checking, would be a game-changer.
Confirmation of payee lets a customer check whether the name of the recipient's account matches the name and account details provided by the customer.
One high-profile scam which is estimated to have cost victims millions, saw payments made to ASB accounts in New Zealand when the payments were meant to go to a Citibank account for a faked term deposit scheme.
On Friday, the New Zealand Banking Association (NZBA), which represents the banking sector, said it would “instigate” an industry-wide confirmation of payee account checking service.
Sladden said she supported the urgent implementation of this fraud detection system.
Critics of the banking sector say New Zealand banks have taken too long to bring in confirmation of payee and left systemic gaps for scammers to exploit.
Confirmation of payee was introduced in the United Kingdom in 2020, and large UK banks Lloyds said it had helped to reduce bank transfer scams by 31% within the first few months.
Parliament’s Finance and Expenditure Committee recommended banks bring in confirmation of payee in a report published in August. It also recommended banks look at a voluntary scheme to reimburse victims who are tricked into making payments to scammers, called authorised payment scams.
At present NZ banks do not routinely reimburse people who have authorised a payment to scammers, although some were offering partial settlements and requiring customers to sign non-disclosure agreements.
Consumer NZ said NZ banks needed to move quickly to bring in confirmation of payee, and should from now reimburse authorised payment scam victims, because the banks had admitted they could do more to protect their customers by introducing confirmation of payee.
Sladden said there was currently no contractual or legislative requirement for a bank to check whether the name of the recipient’s account matches the name and account details provided by the customer.
She said there had been an increase in sophisticated unauthorised payment scam cases in which customers were duped into entering their banking credentials into fake websites.
"In one of the cases highlighted in our annual report, the customer genuinely believed she was giving payment authorisation codes to the bank, and there was nothing suspicious about the website that would have alerted a reasonable customer to the fact it was a fake.
"We did not consider she had acted negligently or breached the terms and conditions of her account by entering her details and the codes from her bank into the fake website.”
Sladden said the bank’s text and email warnings in this case were not sufficiently explicit.
The bank had reimbursed the customer for the full amount lost, nearly $30,000.
One anti-scam centre to bust them all?
Sladden said the continual emergence of new and more sophisticated scams was a key factor in the rise of complaints.
She said the banking sector, along with other organisations, must take a more coordinated and unified approach to the problem, pointing to Singapore's lauded national anti-scam centre.
"The Singaporeans have shown how beneficial such an approach can be. Their recently established anti-scam centre, made up of representatives from 80 stakeholders, has disrupted scams with great success through skillful intelligence-gathering and the clever use of technology."
As part of the banking industry's Friday announcement, the NZBA said the industry supported a national anti-scam centre, would remove hyperlinks from text messages and would work together to freeze mule accounts, used to siphon stolen money from victims.
The Ombudsman has estimated financial losses for scams in excess of $200 million, but we don't really know the size of the issue.
A recent poll by Horizons found New Zealanders were experiencing a "major crime wave via their banks".
Horizon found fraud and theft via bank accounts and cards was running at twice the rate of losses via cybercrime, where internet devices were accessed without permission.
In the past 12 months, 10% said they had experienced fraud or theft involving a bank account, while 13% said they have had someone use a bank card, credit card, cheque or other document without permission to commit fraud or steal from them.
A further 7% said they had been a victim of cybercrime, with a device accessed without permission.
Horizon polling showed 80% of fraud victims had lost up to $5000, 54% said they lost up to $500. The majority, 83%, said banks should do checks to make sure names and account numbers match. Horizon said 43% of the respondents felt they were being let down by their banks.
The survey also found that 73% of Kiwis believed banks should fully compensate scam victims if they should have spotted that the transaction was suspicious. Horizon polled more than 1000 people.
An August Horizon poll found New Zealanders were experiencing fraud or theft from their bank accounts at the rate of 5,200 cases per week.
The Government's Computer Emergency Response Team's latest quarterly report said 1,950 incidents had been reported to it, with 409 cyber security incidents where a financial loss was reported.
Cert NZ said direct financial losses totalled $4.2 million in the second quarter of 2023, a 27% decrease compared to last quarter. It said 57% of those cyber incidents saw financial losses below $500, 13 reported losses of $100,000 or more.
*The chart below comes from the Banking Ombudsman's annual report.
9 Comments
It would be interesting to know the ages of the victims. There are at least two generations out there that didn't grow up with any of this sort of technology, and a large number of those will *never* understand how it all works. Trying to explain to my aged mother even the simplest things about internet banking is hard enough - explaining all the subtle nuances that are red flags for scam and fraudulent sites is nigh on impossible.
It's great that banks are cutting costs by closing branches - but it must be noted that this is at the expense of the large swathe of people who have zero clue about computers and software and just want to show up to the bank and have the expert make the transactions.
Nothing annoys me more than the banks who are making billions on dollars close their branches. Especially as there are still sooo many things that they still require you to go to a branch to do things. Ie close a bank open you opened online by accident.
ASB has only one branch from the entire Manawatu.160,000 people. The sole branch is in the mall and has just 2 tellers.
What 2 generations, boomers and who else? I am gen X and we definitely had internet technology I was in my late teens. I was programing in my early teens, I know far more about tech than my children (well I am a software engineer) but most people my age are quite capable of dealing with technology. In fact I find the younger generation in general understand tech less since its so easy to use that they don't have to really understand how it works under the hood.
In general scams are not about technology, but manipulating people psychologically, even boomers know to not to transfer money into a scammers account, the problem is they didn't think they where a scammer in the first place.
On another note while I do think name account verification is a good thing, I don't think its a game changer, scammers will just move on, it may of stopped 31% of scams in the first month but scams will just develop to get around it.
I didn't it was quite clear to me, if you didn't enter the right name exactly it still went through, so couldn't be. It should have been of course but so should bank transfers that are instantaneous, but look at how long its taken for them just to get 7 day a week transfers, it seems the still run batches just more often.
It actually shows how little banks are investing, sure they invest in making their web site prettier, but the underling technology hell no.
Note I used to do software development for a bank and I would not be at all surprised if some of them still have COBOL programs running their back end.
"Convenience" costs money. Oh for the days of physical cash, when you could look the payee in the eye, rather than send your digital cash to the DPRK give a little fund for ballistic nuclear munitions research, while expecting those nice shoes from screwmegood.com.
Perhaps the banks are told to donate a few million to these guys on top of a $200m reimbursement fund, call it a we're big and slow and don't care tax.
We welcome your comments below. If you are not already registered, please register to comment.
Remember we welcome robust, respectful and insightful debate. We don't welcome abusive or defamatory comments and will de-register those repeatedly making such comments. Our current comment policy is here.