Business / Companies
Banks to be held responsible for fraudulent use of cards
05 Jul 2017 at 07:15hrs | Views
FINANCIAL institutions will be held responsible for any fraudulent or unauthorised transactions carried out without the knowledge of a credit or debit card holder.
The Reserve Bank of Zimbabwe (RBZ) last week announced the Consumer Protection Framework which stipulates that a regulated entity should ensure cards are issued and delivered to the consumer named on the card, or to an authorised person.
"A regulated entity should not issue a credit card or increase a credit card limit except upon customer's request and/or consent, in written or electronic form," RBZ said.
"The issuing entity is responsible for any fraudulent or unauthorised transactions carried out without the knowledge of the card holder, whether made before or after the cardholder informs the banking institution, except in cases where the financial services provider proves the cardholder's responsibility for these transactions."
Cases of fraudulent use of credit cards were becoming rampant in the country. Only on Monday, a restaurant owner and five other suspects appeared before the courts where $6 000 was illegally transferred into various bank accounts using cloned bank cards.
Under the Consumer Protection Framework, banks will solely be responsible for such practices unless they can prove the client's own negligence.
However, banking sources say that some financial institutions were not happy with this stipulation which was facing resistance.
Compensation for bank cardholders was also stated under the Internet, Mobile Banking and ATM Banking Services section within the framework.
"A regulated entity should take appropriate measures to ensure that all online banking channels are safe and secure. The regulated entity should compensate the customer of any loss concerning liability of the provider of service," RBZ said.
"A regulated entity providing internet and mobile banking should have in place a security program that ensures:
data privacy, confidentiality and data integrity; authentication, identification of counterparties and access control; non-repudiation of transactions; a business continuity plan; and the provision of sufficient notice when services are not available."
Financial expert Persistence Gwanyanya told NewsDay yesterday that with the increase of electronic payments and transactions banks needed to strengthen their security.
"It may not go well with them because they have not invested in efficient infrastructure but it will compel them to do so in the future which I think is only fair for the consumers," he said.
The Reserve Bank of Zimbabwe (RBZ) last week announced the Consumer Protection Framework which stipulates that a regulated entity should ensure cards are issued and delivered to the consumer named on the card, or to an authorised person.
"A regulated entity should not issue a credit card or increase a credit card limit except upon customer's request and/or consent, in written or electronic form," RBZ said.
"The issuing entity is responsible for any fraudulent or unauthorised transactions carried out without the knowledge of the card holder, whether made before or after the cardholder informs the banking institution, except in cases where the financial services provider proves the cardholder's responsibility for these transactions."
Cases of fraudulent use of credit cards were becoming rampant in the country. Only on Monday, a restaurant owner and five other suspects appeared before the courts where $6 000 was illegally transferred into various bank accounts using cloned bank cards.
Under the Consumer Protection Framework, banks will solely be responsible for such practices unless they can prove the client's own negligence.
Compensation for bank cardholders was also stated under the Internet, Mobile Banking and ATM Banking Services section within the framework.
"A regulated entity should take appropriate measures to ensure that all online banking channels are safe and secure. The regulated entity should compensate the customer of any loss concerning liability of the provider of service," RBZ said.
"A regulated entity providing internet and mobile banking should have in place a security program that ensures:
data privacy, confidentiality and data integrity; authentication, identification of counterparties and access control; non-repudiation of transactions; a business continuity plan; and the provision of sufficient notice when services are not available."
Financial expert Persistence Gwanyanya told NewsDay yesterday that with the increase of electronic payments and transactions banks needed to strengthen their security.
"It may not go well with them because they have not invested in efficient infrastructure but it will compel them to do so in the future which I think is only fair for the consumers," he said.
Source - newsday