Blog
Financial Scams on the Rise: Fraud-Proof your Financial Account through AFASA
Over the years, increased business activity across varying sectors has driven robust growth in the country’s financial system.1 A key factor in this progress is the rise of digital banking and financial services which reached previously underserved segments.2
With the advent of digital banking and services, however, came the alarming surge in cyber financial scams. In 2023, there was a seventeen percent (17%) increase in digital fraud attacks in the financial services sector, which include both human and automated bot attacks, new creation attacks, and payment fraud.3 In one instance, borrowers were harassed, humiliated, and threatened for the late payment of their loans, which they obtained through social media, charging a weekly interest of thirty-five percent (35%).4 Worse, scammers have already entered legitimate message threads for e-wallet services such as Gcash and Maya,5 preying on unsuspecting users.
With the proliferation of ingenious fraudsters, institutions6 are called to devise ways to deter these illegal activities. Acknowledging such need to protect the public from cybercriminals and criminal syndicates who exploit financial accounts for fraudulent activities, the government enacted the Republic Act No. 12010, otherwise known as the Anti-Financial Account Scamming Act (“AFASA”). Below are the salient provisions of AFASA.
Prohibited Acts
The prohibited acts under AFASA are as follows:
- Money Muling Activities are activities performed to handle proceeds from crime, which include using, borrowing, or allowing the use of a financial account7, buying, renting, selling, or lending a financial account, or opening a financial account under a fictitious name or using the identity or identification documents of another.8
- Social Engineering Schemes are schemes used to fraudulently obtain sensitive information to gain unauthorized access and control over another’s financial account, which include misrepresenting oneself as acting on behalf of an institution, or making false representations or using electronic communications to get sensitive identifying information.9
- Economic Sabotage where money muling activities are committed in specific circumstances, which are conspiracy by a group of three (3) or more persons, committed against three (3) or more persons individually or as a group, through a mass mailer, or through human trafficking.10
- Other prohibited acts include willful aiding or abetting in the commission or willful attempt to commit of any of the aforementioned offenses, or opening a financial account under a fictitious name or using the identity or identification documents of another, or buying, renting, selling, or lending a Financial Account.11
Powers of BSP under AFASA
- Temporarily hold funds – Institutions may hold funds involved in disputed transactions for a period prescribed by the Bangko Sentral ng Pilipinas (BSP) not exceeding thirty (30) days, unless further extended by a court.
A transaction is considered disputed if there is reasonable ground to believe that it appears to be:
- Unusual;
- Without clear economic purpose;
- From an unknown or illegal source, or unlawful activity; or
- Facilitated through social engineering schemes
- Issue rules and regulations – BSP has the power to prescribe rules and regulations for the temporary holding of funds, which may include circumstances under which such authority may be exercised, grounds, procedure, and duration for holding of funds, notification period to BSP, release of subject funds, verification and validation processes, and permissible actions by institutions and account owners during the holding period.12
- Investigate and inquire into financial accounts – BSP has the power to investigate financial accounts linked to acts constituting an offense under AFASA. Such power is not limited and covered by Revised Non-Stock Savings and Loan Association Act of 1997 (R.A. No. 8367), and confidentiality laws, including Secrecy of Bank Deposit (R.A. No. 1405), Foreign Currency Deposit Act of the Philippines (R.A. No. 6426), and Data Privacy Act (R.A. No. 10173). Further, no court below Court of Appeals may enjoin BSP from exercising this authority. 13
- Apply for cybercrime warrants and related orders – BSP has the power to apply for cybercrime warrants and issue orders in relation to Cybercrime Prevention Act (R.A. No. 10175) concerning electromagnetic communications used in violation of AFASA, and request assistance from NBI and PNP in the implementation of the warrants and orders.14
- Share information on financial accounts – BSP has the power to issue rules on sharing and disclosing information with authorities. Shared information can only be used in investigating and prosecuting violations of AFASA.15
Responsibility of Institutions
Institutions must implement risk management systems and controls such as multi-factor authentication (MFA), fraud management systems (FMS), and other account owner enrollment and verification processes, which must be proportionate to the size, nature, and complexity of the institutions’ operations.
Acknowledging the need to protect the public from cybercriminals and criminal syndicates who exploit financial accounts for fraudulent activities, the government enacted the Republic Act No. 12010, otherwise known as the Anti-Financial Account Scamming Act (“AFASA”) which regulates the use of financial accounts and prevents their use in fraudulent activities.An institution that fails to hold disputed funds is liable for the resulting loss or damage, including restitution to the account owner.16 Further, an institution that improperly holds disputed funds or exceeds the allowable holding period shall be subjected to Republic Act No. 7653 (New Central Bank Act), in addition to liabilities under existing laws.17
There is a solution
If you have fallen victim to a financial scam or cyber attack, or are even experiencing harassment and threats as result thereof, rest assured that legal remedies are available to protect your rights. Depending on the totality of facts, remedies vary and range from civil actions for damages and recovery of losses to criminal actions such as estafa. Cases may also be filed under special laws such as the Securities Regulation Code, Cybercrime Prevention Act, Anti-Money Laundering Act, Access Devices Regulation Act, and AFASA. Having access to these remedies can help you recover your losses, hold perpetrators accountable, and prevent further harm.
For expert and prompt legal assistance, do not hesitate to contact us.
Prepared by Reinalyn Domasig.
FOOTNOTES
- BusinessWorld, Philippine financial system resources up 8.8% at end-November available at https://www.bworldonline.com/top-stories/2025/01/17/647317/philippine-financial-system-resources-up-8-8-at-end-november/(last accessed 02 February 2025).
- Id.
- Fintech New Philippines, Digital Fraud Attacks Rise 17% in Financial Services, Driven by Payment and Account Creation Fraud available at https://fintechnews.ph/64678/studies/fraud-attacks-financial-services-payment-account-creation-fraud/(last accessed 02 February 2025).
- CNA, Philippines arrests 100 suspects in online scam farm raid available at https://www.channelnewsasia.com/asia/philippines-arrests-100-suspects-online-scam-farm-raid-4908471 (last accessed 02 February 2025).
- Philippine News Agency, CICC warns of scam SMS in e-wallet services, available at https://www.pna.gov.ph/index.php/articles/1237296 (last accessed 29 January 2025).
- Institutions refer to banks, non-banks, other financial institutions, payments and financial services providers under the jurisdiction of the Bangko Sentral ng Pilipinas (BSP), R.A. Act No. 12010, Sec. 3(f).
- Financial Account refers to accounts used to avail products or services offered by institutions, including but not limited to interest or non-interest-bearing deposit and e-wallet, R.A. Act No. 12010, sec. 3(d).
8. Sec. 4(a), R.A. No. 12010.
9. Sec. 4(b), R.A. No. 12010.
10. Sec. 4(c), R.A. No. 12010.
11. Sec. 5, R.A. No. 12010.
12. Sec. 7, R.A. No. 12010.
13. Sec. 12, R.A. No. 12010.
14. Sec. 13, R.A. No. 12010.
15. Sec. 14, R.A. No. 12010.
16. Sec. 9, R.A. No. 12010.
17. Sec. 10, R.A. No. 12010.