MAS to Implement E-Payments User Protection Guidelines
The Monetary Authority of Singapore (MAS) commenced a public consultation on 13 February 2018 on its proposals to enhance the protection of consumers and micro-enterprises (account holders) that adopt electronic payments (e-payments) from losses arising from unauthorised or erroneous payment transactions through their payment accounts. The proposals are part of the measures contemplated by MAS to encourage the wider adoption of e-payments.
The guidelines will apply to account holders, their accounts through which e-payments are made (e-payment accounts), the users of e-payment accounts (account users), and financial institutions (FIs) that issue e-payment accounts. Micro-enterprises qualifying for protection as account holders are businesses with fewer than 10 employees or an annual turnover of no more than S$1 million.
The MAS consultation paper focuses on three topics: liability of account holders for losses arising from unauthorised transactions and the amount of such losses; duties of account holders, account users and FIs to protect e-payment accounts; and the resolution process for erroneous payment transactions.
Liability of Account Holders
The liability of an account holder for losses arising from unauthorised transactions will depend on the extent of its account user’s contribution to the loss. The account holder will not be liable for any portion of the loss if they did not contribute to the loss. If the loss was mainly caused by the account user’s recklessness, the account holder will be liable for the entire actual loss. Liability is capped at S$100 for all lesser degrees of contribution to the loss, including negligence of the account user.
Duties of FIs, Account Holders and Account Users
FIs are required to inform account holders of their duties to protect their e-payment accounts, to provide transaction notifications at least once a day to account holders for the account holders to keep track of their transactions, to provide account users the opportunity to confirm payment transactions and the particulars of the recipients before they are executed, to provide account holders with a free reporting channel to report any unauthorised or erroneous payment transactions, to complete their investigation of claims by account holders within specified periods and to credit the account holders’ e-payment accounts during the investigations unless there are good reasons to believe that the account holders contributed to the losses and the account holders have been notified of the reasons.
ii. Account Holders
Account holders must provide complete and accurate contact details as requested by the FIs to facilitate the sending of transaction notifications, report unauthorised transactions along with details of the unauthorised transactions within a specified period and furnish a police report to the FI if required by the FI.
iii. Account Users
Account users are required to protect access codes by refraining from disclosing them unless required by the FIs for any purpose and from keeping records of the access codes. If records of the access codes are made, the account users must make reasonable security arrangements to store the records. Account users are also required to periodically enhance the security of devices used to access the e-payment accounts and to follow any security instructions provided by the FIs.
Resolution Process for Erroneous Payment Transactions
When alerted of an erroneous payment transaction complete with its details, the FI of the account holder should inform the FI of the unintended recipient of the funds within specified periods to facilitate the recovery of the funds that have been wrongly transferred.
The public consultation is due to close on 16 March 2018 and MAS intends to publish the guidelines in the coming months. A copy of the consultation paper is available here.
Originally published at http://www.orionw.com/blog/news/fintech/mas-to-implement-e-payments-user-protection-guidelines