Banks to reimburse fraud victims
A bank will be required to reimburse clients if it fails to prevent a money transfer to a fraudulent account put on the relevant database of the Bank of Russia. In accordance with the new law adopted by the State Duma, the bank shall pay the compensation within 30 calendar days after the receipt of the victim’s application.
The law also provides for a two-day cooling-off period when a bank is allowed not to transfer funds to a suspicious account and should notify its client of the dubious transaction. Thus, the person tricked by malefactors will have time to think better of the transaction and make the decision not to confirm the money transfer.
Besides, banks will be obliged to disconnect persons involved in withdrawing and cashing out of stolen funds from remote banking, if the information about their illegal operations was reported by the Russian Ministry of Internal Affairs. Currently, banks receive the information on the so-called droppers from the regulator’s database.
‘Today, banks’ anti-fraud systems help avoid a large amount of thefts from clients, but there is still a significant number of the victims. The new comprehensive approach will increase banks’ financial liability and protect people against cyber fraud more efficiently’, noted Vadim Uvarov, Director of the Bank of Russia’s Information Security Department.
The new law will become effective one year after its official publication. Over this period, all participants in information exchange will be able to enhance their automated systems and business processes.
The Bank of Russia maintains the database on actual and attempted unauthorised money transfers based on the information reported by banks and other payment system operators. This database contains a large number of parameters — unique identifiers, including data on conducted transactions, payers and payees. The information from the database is forwarded to all banks.