5. Scams
   1. Australians are increasingly being exposed to scams through digital platforms, online banking and social media. Scams have become a perennial challenge for the banking sector as they increase in sophistication, with Australians experiencing significant financial losses and emotional distress. Scam activity also has a significant impact on the broader economy, with Australians having lost over $2.7billion to scams over 2023.[1] Total scam losses were growing materially year on year until 2023 when they fell 13 per cent.[2]
   2. The banks play a crucial role in combating scams by implementing advanced security measures, educating customers about potential risks and continuously monitoring transactions for suspicious activity. As part of this inquiry, the Committee considered actions being taken by the banks to protect customers from scams and how these compared to actions taken overseas.
   3. It should be noted that considerable progress has been made in relation to reducing scam losses by the Government and banks. This has included the establishment of the National Anti-Scam Centre and considerable investment by banks in their IT, systems and governance.
   4. However, some concerns have been raised regarding the banks’ approach to scams. ASIC’s recent report into anti-scam practices concluded that while the banks recognised the significance of scams, their overall approach was ‘highly variable and, overall, less mature’ than expected. Key observations included that:

• The banks detected and stopped a low proportion of scam payments made by their customers (approximately 13 per cent of scam payments).
• The rate of reimbursement and/or compensation varied, but was low across the banks and ranged from 2 to 5 per cent.
• The banks had inconsistent and narrow approaches to determining liability for scam losses.
• There were gaps and inconsistencies in the abilities of the banks to detect and stop scam payments.
• Steps by the banks to help prevent customers becoming victims showed a great degree of variability.[3]
  5. The Committee heard evidence from the banks on investments being made in technology to prevent and detect scams, including evidence on their positive impact to date as well as limitations in the case of romance and investment scams originating on social media. The banks expressed concern regarding the lack of mandatory codes establishing obligations for all major stakeholders—particularly large social media platforms, from which a significant percentage of scams originate—and discussed the importance of effective cross-sector intelligence sharing to counter all forms of financial crime.
  6. The Committee also heard the banks’ views about models for reimbursing bank customers for scam losses, including their scepticism about the mandatory reimbursement model in place in the UK. The banks argued that the UK’s recent performance in reducing scam losses is inferior to Australia’s, though the available data is not precisely comparable. They moreover stressed the value of having telecommunications companies and digital platforms share responsibility for any future reimbursement obligations.

Prevention and disruption technology

5.7The Committee heard extensive evidence on individual banks’ investments in anti-scam technology, and on the challenges to implementing this technology to counter evolving and increasingly sophisticated scams. The Committee also heard about steps by the broader banking sector to protect consumers. The Scam Safe Accord, announced in November 2023, is a comprehensive set of anti-scam measures, launched by the ABA and the Customer Owned Banking Association. The initiatives focus on disruption, detection and response and include:

• a new $100 million industry-wide ‘confirmation of payee’ system
• biometric checks and other controls for new online accounts
• increased warnings, payment delays and security questions
• shared scams intelligence across the banking sector with the Australian Financial Crimes Exchange (AFCX) and Fraud Reporting Exchange (FRX)
• limits on high-risk payment channels
• implementation of an Anti-Scams Strategy.
  8. One of the most significant initiatives of the Scam-Safe Accord is the roll-out of industry-wide ‘confirmation of payee’ technology for bank transfers. This technology, expected to be available across the industry over 2024–2025, will review the destination account details entered by a customer against available information, and provide customers with a rating of how accurately the account name they entered matches the actual name of the destination account. This technology will add a layer of protection in the prevention of scams and fraud resulting from misdirected payments, as well as reducing mistaken payments by customers.[4]
  9. In 2023, CBA was the first bank to introduce confirmation of payees through its NameCheck technology, and has since provided the platform to other domestic and global financial institutions.[5] CBA told the Committee that in the first three months, the technology saved customers over $11 million in mistaken payments.[6]
  10. The banks expressed firm support for the roll-out of confirmation of payee technology as an additional layer of scam protection. Westpac said the technology would be ‘game changing’ once implemented across the whole industry.[7] ANZ highlighted that Australia would be one of only a few countries with this technology, and that it was ‘extraordinarily complex’:

On that one—confirmation of payer ID—the industry is going to get there in the middle of next year. I would just point out that's one of those things that sounds really easy. It's extraordinarily complex. In fact, Australia will end up being one of only three or four countries in the world that has that capability. It's not like we're behind. We'd actually be ahead by having that. We'll do it, and we'll spend a lot of money to make sure that we're there as an industry, including ANZ, because it's the right thing to do, and it will help.[8]

5.11The banks reported a range of other anti-scam measures recently implemented to protect customers, including ‘safe call’ technology—such as CBA’s CallerCheck—which allows customers to verify whether a caller claiming to be from the bank is legitimate.[9] Other technologies include prompts and questions during transactions for customers to verify legitimacy, blocking transactions that involve cryptocurrencies, and deliberate payment delays.[10]

5.12Various banks highlighted their progress implementing biometrics as part of their broader anti-scam infrastructure. Biometrics are unique physical or behavioural characteristics used to verify identity. They can help prevent scams by ensuring that only the intended customer can access sensitive information or undertake transactions. ANZ, for example, highlighted the investment and approach it was taking to implement biometrics:

Our new platform…called ANZ Plus, is really designed around using biometrics—using selfies and biometrics which actually interrogate, 'Hey, is this the way that this customer holds their phone? Is this the way they type? Do they normally type at that speed?'—all of those things that say, 'Is that really is this person?' We're investing a lot in technology to make the bank safer in general, and we want to be the best that we can be rather than saying, 'Let's do the minimum we need to do just to catch up to a CBA or Westpac.'[11]

5.13NAB also shared its experience with biometrics, noting that it had invested in the biometrics company BioCatch to identify fraudulent activity:

…we're actually not just looking at what one would traditionally look at, which is geolocating the device to make sure that it's not in a high-risk country; we're actually looking at how the device is used by the human. So, if the usage of the device is different on a payment than what our historic usage suggests, and even how you hold the device will create a learning for us to investigate a payment. If you're pausing differently when you're entering credentials to how you've done it in the past, we will have a look at that payment. We're putting in very sophisticated layers of protection for our customers and we're going to continue to work hard at this.[12]

5.14Australia’s payments infrastructure has undergone significant reform over several years, with the New Payments Platform enabling Australians to make near real-time transfers at any time, with the recipient receiving funds almost instantly. However, without the previous friction and delay of traditional bank transfers, banks now have a greatly reduced time window in which to detect and prevent scams or recover funds. As summarised by CBA, scammers ‘love real-time and irrevocable payments’.[13]

5.15As part of the broader technological approach to preventing and disrupting scams, the Committee examined how the banks were adding friction into the payment system to enhance security and protect customers. For example, when banks incorporate additional prompts and questions about the purpose or nature of the transaction before it can authorised, customers may reconsider their payment and potentially avoid a scam. In some instances, the banks may also pause or delay transactions that anti-scam algorithms flag as suspicious.

5.16NAB, for example, detailed the effectiveness of the ‘significant friction’ it has added to payment processes:

…over $100 million of payment activity was abandoned by customers because we put in additional friction to essentially say, 'Are you sure? You have never paid this counterparty? Please double-check.' That's significant. I think it's over a quarter of a million every single day that is abandoned by Australians.[14]

5.17While this additional friction has resulted in significant payment sums being ‘abandoned’ by customers, it can also inconvenience customers by slowing down the payment process, potentially causing frustration. CBA reflected on the need to balance efficiency, safety and security, telling the Committee that while it could ‘slow every payment and not clear a payment for two weeks’, this would have a significant negative impact on customers.[15]

5.18Despite increased investments in anti-scam technologies and added friction in payment processes, the Committee heard that one of the most significant challenges facing banks is to prevent or disrupt scams authorised by their customers—particularly romance and investment scams—which are unlikely to be fully countered by technological innovations. Confirmation of payee technology, for example, was viewed as unlikely to prevent or reduce investment or romance scams.[16]

5.19The Committee heard that romance and investment scams are two of the most common scams, accounting for $1.5 billion of losses out of the total $2.74 billion reported losses in Australia in 2023.[17] These scams exploit the emotional vulnerabilities of individuals or promise high investment returns, making them highly persuasive. The banks face particular difficulties detecting these scams due to elaborate tactics used by scammers to appear legitimate, such as ensuring the transactions involved mimic normal, everyday banking activities.

5.20NAB’s evidence illustrated such challenges:

I heard this morning of what was, effectively, a romance scam which had been going for four years, where the customer was paying out to the scammer $2,500 a month in a regular payment…we will see it as something they do every month. It wouldn't have helped knowing where it was going because they had already made their minds up where it was going.[18]

5.21The Committee further heard of the challenges banks face in balancing the desire to slow down transactions to potential scammers against banks’ legal obligation to fulfil customers’ authorised payment requests (discussed further below).

5.22Banks therefore also have an important role in improving customers’ ability to recognise and avoid potential scams through education and alerts. With the increasing prevalence of scam activity, some banks said they had observed a significant improvement in awareness among the broader population, but that continued education and awareness-raising continued to be important.

5.23ANZ told the Committee that the need to raise awareness went beyond the banks and extended to the media and government programs:

It's education—making people aware and careful and just questioning whether this a scam and is it really who I think it is—putting in the right tools for people and educating people with the warnings and being careful. I don't have the data to support this, but I personally think that the industry's achievements in seeing scam reduction is awareness. It's the media, government programs, the ABA's programs, the banks and all of us reaching out and saying to our customers, 'Hey, be careful.' Of course, sadly, we all know somebody who's been scammed. We've all had an experience in some way, shape or form which makes us all careful. I imagine everybody here is really reluctant to click on that SMS message we get, whatever it might be, even sometimes legitimate ones. I think awareness has been the biggest driver...[19]

5.24This view was shared by NAB, which reported a ‘significant improvement’ in scam awareness in the broader population. NAB said this increased awareness was potentially contributing to lower losses despite the growing number of scam attempts being made.[20] NAB commented that further education and storytelling were ‘key’ in the fight against scams:

Ultimately, if it feels too good to be true, then it probably is. The notion of putting $500 into a NAB credit card and expecting $1,500 back in the following week—question that. If you haven't made a payment to someone—and in this case that would have been a first-time payment—question it. If you get a call from someone pretending to be the bank asking for your personal information or your password, one of the things we say is that no bank would ever ask you for your password. We'd never do it. If someone's asking for it, push the red button and put the phone down. It's not us. Just constantly educating and talking to our customers and all Australians in plain language, I think, is one of the things that we can do most and more of.[21]

Social media and telecommunications

5.25The banks raised concerns with the current approach to social media scams, which the banks are finding increasingly difficult to identify and prevent. Common social media scams include investment scams, online dating and romance scams, and product and service scams. Scammers are increasingly establishing fake profiles on social media, messaging platforms and apps—pretending to be friends or family members or interested in a relationship, or impersonating businesses, governments or investment platforms.[22]

5.26The National Anti-Scam Centre’s recent update reported a continued increase in the number of scammers using social media to target Australians, with reports increasing by 11.8 per cent. Scam losses originating on social media were reported as the second-highest contact method after phone calls.[23]

5.27The banks gave evidence that a significant proportion of scams originate on social media. ANZ, for example, reported that social media scams represented 45 per cent of all the scams it was seeing, with Facebook accounting for 30 per cent of this figure.[24] This was similar to figures provided by the other banks.[25]

5.28The Committee also heard evidence on the difficulties obtaining a timely and effective response from social media companies when scams are reported, with the banks emphasising the need for greater collaboration through the National Anti-Scam Centre and the AFCX.

5.29Scammers often exploit social media to create convincing business profiles to mislead consumers, making it challenging for the banks to detect and prevent customer transactions to these entities. CBA provided the following example:

Let's say a scammer sets up a fake shoe company and seeks to emulate one. That is then published on social media and it's left on social media for an extended period of time. You can imagine the person who then goes and purchases the fake pair of shoes from the fake company, unless there were any prior warnings, in my view that would be almost impossible for anyone to detect.[26]

5.30All banks emphasised the need for social media platforms to take a more proactive role in reducing scams. The banks asserted that digital platforms and social media companies were ‘still missing in action’ in the broader effort against scams, noting that these platforms continued to profit from illegal advertisements by scammers targeting Australians and that the incentives for social media companies to take action are limited.[27] Westpac further detailed the difficulties of dealing with social media companies:

We provide information through the AFCX, but, having run that division, I decided that in addition to doing that I would start posting on social media platforms where I knew that the ad or the site was a scam. I'd personally go in and log it within their site. And I would get up every day and look and they were still there. They're moving too slowly. Hence I've started writing to Meta about that as well, because we can't go at this alone; we need the whole ecosystem to be fighting this crime.[28]

Importance of shared intelligence

5.31The banks also highlighted the critical importance of sharing intelligence across various sectors, extending beyond those currently participating in the AFCX. The banks highlighted that while existing collaborations were valuable, there were significant opportunities to strengthen these efforts.

5.32Designed by the banks, the AFCX is a central platform that now brings together government, law enforcement and industry groups to protect consumers and businesses from financial crime, cyber-crime and scams. Through the AFCX, data is shared and used to collaborate in real-time, to identify criminal events, to deduce patterns and to predict long-term trends in order to reduce financial crime.[29] Its membership also includes other large banking institutions, the ATO and the Australian New Payments Platform, and it has formal partnerships with the National Anti-Scam Centre and Australian Communications and Media Authority.

5.33CBA told the Committee it was ‘extremely important’ that other sectors were involved in sharing information in order to work constructively and rapidly on scams—‘or we simply won’t be able to reduce it’[30]:

We've touched on the AFCX. That plays a very important role. We're, of course, participants and subscribers to that. I'd like to see a world where all financial institutions, telcos and other providers are providing data and subscribing to it and have agreed to service levels to take down a website and block a particular telco or SMS scam. There's a world where we're all subscribing to and providing information in real-time and responding to that, and something I think that will really draw a number of different industries into that. I think that will seek to harden the overall approach for Australia and make it less attractive.[31]

5.34The banks identified other challenges and areas for improvement in the information sharing regime, particularly around anti-money laundering laws and the sharing of personal information. NAB explained to the Committee that:

The issue that we have is that with the country's AML laws there are tipping-off regimes where we are not able to share personal information about a potential scammer with another bank. What does that mean and how does it manifest? It means that I can share the BIN number and the account number of a scammer that's maybe using a NAB mule account, but we'll be in the process of shutting it down. The challenge that we have in the industry is that scammer will then just go to another bank and open another account or do an account takeover and continue their practices. It's particularly challenging where maybe they're doing it at a smaller bank or a digital bank that may not have the capabilities of a bigger bank.[32]

5.35Telecommunication companies were also identified by the banks as playing an important role in combatting scams. Text messages are one of the highest reported scam contact methods. Bank scams sent via text messages typically involve scammers impersonating banks to obtain personal information or money. This includes scams pretending to notify customers of unauthorised transactions or login attempts, or fake account lock-out alerts. In response to the prevalence of such scam texts, some banks no longer send text messages to customers with external links.[33]

5.36The National Anti-Scam Centre reported that between October and December 2023, telecommunications providers blocked over 246.7 million scam calls and 106.7million scam SMSs. The National Anti-Scam Centre also reported that text messages were the most reported contact method by scammers in 2023 overall, with a 37.3percent increase in reports from 2022.[34] Scam calls still accounted for the highest reported losses at $116 million, despite a 17.7 per cent decrease from 2022.[35]

5.37Recent progress has been made towards implementing an SMS sender ID registry to protect brands and government agencies from SMS impersonation.[36] Westpac told the Committee that this was critical, and that ‘we’ve got to be able to trust texts again in this country’.[37]

5.38Despite this, the banks said more needs to be done. NAB told the Committee that Singapore’s approach was ‘worth looking at’ as a model to consider:

They blocked out scams through SMS and worked with the telcos to do that. That is the model to look at. I commend the government for doing that. That is one of the things on the plan. But we have to get together; I can't do it without telcos. We recently worked with a telco to block out the SMS scams that were on ours. We had a drop of 70 per cent overnight. The next day they had gone back up again because they had gone to another telco. Again, it has to be everybody in unison, otherwise they find the weakest link. They have more money than you and I combined to spend on this. It is a global criminal ring that is doing this.[38]

Reimbursements and liability

5.39ASIC’s report on the banks’ anti-scam measures noted that the rate of reimbursement from banks to customers for scam losses ranged from 2 to 5 per cent. In discussions with the Committee on whether reimbursement rates were too low, the banks’ overall position was that reimbursements were appropriate where a bank had made an error. However, the banks said most scams involve customer-authorised transactions, such as in romance or investment scams. The banks asserted that in the case of such authorised transactions, where banks had acted to fulfil the requests of their customers to make a payment or transfer, banks should not bear a responsibility to reimburse resulting losses. Westpac told the Committee that:

What we do on reimbursement is we look at it on a case-by-case basis. As Carolyn said, we're broadly looking for things like, if we've told a customer, 'It's a scam,' and they still proceed with the payment, I think it's pretty clear that we wouldn't refund that because we feel like we've done what we would do. In relation to flip cases, where we don't do what we think we need to do, we will consider reimbursement. We don't think there are a lot of cases where that has been the case.[39]

5.40ANZ expressed a similar view:

Sadly, the number one cause of scams is where customers willingly want to send money to a scam investment product or a romance scam, and even with warnings by the bank they still want to go and do it. It's difficult to then say 'The bank should reimburse' in those situations where the bank has actually done nothing wrong other than fulfil our legal obligation to our customers, which is to fulfil their instructions, which we are obliged to do. Where we make the mistake, where we've let somebody down, where we shouldn't have let that money go et cetera we reimburse, just as we do with fraud on cards.[40]

5.41The banks also expressed support for reimbursement obligations to be clarified in mandatory industry codes capturing the broader ecosystem, beyond banks, including digital platforms and telecommunication companies. The Committee heard that industry codes should establish clearer obligations for which entity is responsible for reimbursements. The banks argued that it is unrealistic for them to be held solely responsible for reimbursements, given the other significant players involved.

5.42CBA argued that a mandatory code intersecting with other industries would enable proportionate liability in relation to reimbursements. CBA commented that:

If we're found to have not done what we said we were going to do. If we're providing information into an intelligence loop, which we are, and the company didn't take down the ad or the bank didn't act—because once you are alerted to something that's a very different set of obligations—then we'll be paying out greater levels of liability.[41]

5.43ANZ expressed similar support for a mandatory code capturing the broader ecosystem:

…if the banks are purely going to be held accountable when actually it's other parts up the chain, I just think we're going to struggle to continue making the type of progress that we are currently making. At the moment it's very much a voluntary code. It is fantastic that we have made the progress we have. Exploring and looking at a mandatory code is something that we would welcome, particularly if that mandatory code isn't just mandatory for banks but is mandatory for the telcos and the social media companies. Unless we get that whole-of-community bar to the same place, I just don't think we're going to see the progress that we want to continue making.[42]

5.44After the final public hearings for this inquiry, the Government introduced the Scams Prevention Framework Bill 2024. This legislation intends to create core obligations to prevent, detect, disrupt and respond to manipulation tactics used by scammers. Initially banks, telecommunication companies and some digital platforms are expected to be subject to mandatory sector-specific codes and to face significant penalties for non-compliance. While the Bill does not guarantee that victims of scams will be mandatorily reimbursed for their losses[43], the Bill does provide redress mechanisms to consumers where a regulated entity has contravened a civil penalty provision.

The United Kingdom’s mandatory reimbursement model

5.45The UK recently introduced a world-first scheme that requires banks to reimburse customers for scam losses, unless a customer has acted fraudulently or with gross negligence, as a mechanism to encourage banks to invest in detection and prevention.

5.46This model was raised by the Committee in discussion with the banks. Overall, the banks expressed concern regarding the reimbursement model in the UK, suggesting that it had created the ‘wrong incentives’ for scammers, despite the good intentions of the scheme.[44] Some said the reimbursements have not been successful in reducing the number of scams, and furthermore that comparisons between Australia and the UK were complex.

5.47CBA stated that it had looked at the situation in the UK ‘very closely’ in relation to its own internal policy, but also in the context of a broader industry approach or standard. CBA told the Committee that:

…there has been a pretty significant uptick in scams in the UK since 2019, which is when the voluntary code started. They've had about a 250 per cent increase in scams since then. Australia, in the same period, has had a 33 per cent to 34 per cent increase in scams, both of which are completely unacceptable. I don't want to necessarily draw a tight line between the introduction of the compensation code in the UK and the massive increase, but it's something we are looking at closely to ensure that we don't fall into the moral hazard trap. As you say, nobody wants to be the underwriter of scammers. We're very conscious of that, too, but equally on the other side of the ledger we have to acknowledge that we do need to develop an overall approach across the ecosystem and across the financial services sector.[45]

5.48ANZ similarly held concerns with the UK’s model, particularly around the potential monetary impact on consumers through increased charges if the banks were made solely responsible for reimbursement:

The difficulty with those sorts of schemes is that at the end of the day the criminals are still winning. They're still getting the money. What we're discussing here is who should pay for it. If it ends up being socialised, and the banks end up paying for it, then we all pay for it. That's a perfectly reasonable decision for the community more broadly to make, if that's what we would like to do. It would mean that cost would be borne by all of us through higher charges and other things, and that's a debate we should probably have with the government and the broader community... Our view is that doesn't solve the problem of scams, that just solves the problem of who pays for it.[46]

Comparison with other jurisdictions

5.49The Committee also drew to the attention of the banks comparisons made with other jurisdictions, particularly the UK, on scam losses per capita. The UK reported a £1.17 billion loss in authorised and unauthorised fraud in 2023.[47] For comparison, Australians lost an estimated $2.74 billion in 2023 to scams, as reported by the National Anti-Scam Centre.[48]

5.50However, the banks did not consider this data sufficiently complete to draw accurate comparisons. They highlighted a number of limitations. For example, Westpac explained that the UK’s data only reported what had been reimbursed by the banks and was ‘more limited…than you think it would be’. Westpac highlighted that the data was limited to payments made on the UK’s equivalent of the New Payments Platform, and therefore did not factor in payments facilitated through other payment modalities such as cash or cheque.[49]

5.51NAB also expressed caution about using data and statistics to compare scam performance with other jurisdictions. NAB drew attention to Scamwatch, led by the National Anti-Scam Centre, as Australia’s source of scam-related data. Scamwatch data incorporates scams that may not involve banks, and therefore ‘like for like’ comparisons with other jurisdictions were difficult to make.[50]

5.52The banks also detailed significant progress in Australia compared to other countries in reducing financial losses due to scams. Some of the banks reported savings in the range of $100 to $180 million over a year.[51]

5.53This contrasted with the progress in other countries, with NAB informing the Committee that it was not aware of other jurisdictions or countries that were ‘seeing that type of improvement in annualised scam losses’.[52] Similarly, CBA informed the Committee that:

…our losses to customers in the last 12 months, or in our financial year, were down just over 50 per cent. Of course, a dollar being lost to a scammer is a dollar too much. If we look across the industry, I think it was down 13 per cent. The UK is only down five per cent.[53]

Committee comment

5.54The Committee recognises that while banks are not the only parties responsible for preventing and disrupting scams, they play a crucial role due to their central position in the financial systems. The banks have the resources and technology necessary to detect and prevent many scams. The Committee is encouraged to see the increasing investment in innovation by the banks to develop and implement advanced scam-protection technologies, as well as steps to educate customers on how to identify scams.

5.55The Committee also recognises that banks are only one part of the ecosystem. The banks should continue to collaborate with law enforcement, regulatory bodies, other financial institutions, and digital and telecommunications platforms to counter financial crime, including by sharing vital information and data.

5.56As many scams originate on social media, collaboration in this area is essential in ensuring that effective action is taken and that the banks’ efforts are not circumvented by social media inaction. While some progress has been made encouraging telecommunications and social media platforms to play a more active role in combatting scams, the Committee acknowledges that the contributions of digital and especially social media platforms remain deficient. Large digital companies operating in Australia can and should face more stringent obligations to prevent scammers from using their platforms to defraud Australians.

5.57The Committee heard that the loss reimbursement model in the UK has seen mixed success, but notes that the long-term impact is not yet known. However, the Committee believes that reimbursements are a crucial mechanism to incentivise all relevant sectors to fulfill their obligations. Mandatory codes outlining the obligations of all sectors in preventing scams will be critically important.

5.58The Committee acknowledges that legislation is currently before the Parliament that seeks to address many of the issues raised throughout this inquiry in relation to scams prevention. This legislation recognises the need for a whole-of-ecosystem approach to protect Australians from scams, and will establish both overarching principles and a multi-regulatory framework. It will enable sector-specific codes to be established for all significant players in the ecosystem—including banks, telecommunications firms and digital platforms—and will authorise AFCA to provide an external dispute resolution avenue for complaints made under the framework.[54] At the time of writing, this legislation was before the Senate Economics Legislation Committee, due to report in February 2025.

Footnotes

[1]National Anti-Scam Centre, Targeting Scams: Report of the National Anti-Scam Centre on scams activity 2023, April 2024, www.accc.gov.au/about-us/publications/serial-publications/targeting-scams-reports-on-scams-activity/targeting-scams-report-of-the-accc-on-scams-activity-2023, viewed 3 February 2025, p. 4.

[2]National Anti-Scam Centre, Targeting Scams:Report of the National Anti-Scam Centre on scams activity 2023, p. 5.

[3]ASIC, REP 761: Scam prevention, detection and response by the four major banks, April 2023, asic.gov.au/regulatory-resources/find-a-document/reports/rep-761-scam-prevention-detection-and-response-by-the-four-major-banks/, viewed 3 February 2025, p. 3.

[4]Australian Banking Association, ‘New Confirmation of Payee service hits important milestone’, Media Release, 8 August 2024, www.ausbanking.org.au/new-confirmation-of-payee-service-hits-important-milestone/, viewed 3 February 2025.

[5]CBA, ‘CBA steps up national battle against scams’, Media Release, 30 May 2023, www.commbank.com.au/articles/newsroom/2023/05/namecheck.html, viewed 3 February 2025.

[6]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 13 July 2023, Canberra, p. 1.

[7]Ms Carolyn McCann, Group Executive, Customer and Corporate Services, Westpac, Committee Hansard, 29August 2024, Canberra, p. 48.

[8]Mr Shayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 30 August 2024, Canberra, p. 50.

[9]CBA, CallerCheck, www.commbank.com.au/support/security/callercheck.html, viewed 5 January 2025.

[10]For example see: Ms Carolyn McCann, Group Executive, Customer and Corporate Services, Westpac, Committee Hansard, 29 August 2024, Canberra, p. 47 and Mr Andrew Irvine, Chief Executive Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 26.

[11]Mr Shayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 30 August 2024, Canberra, pp. 50–51.

[12]Mr Andrew Irvine, Chief Executive Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 7.

[13]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 13 July 2023, Canberra, p. 9.

[14]Mr Andrew Irvine, Chief Executive Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 7.

[15]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 29 August 2024, Canberra, p. 21.

[16]Mr Shayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 12 July 2023, Canberra, p. 10.

[17]National Anti-Scam Centre, Targeting Scams: Report of the National Anti-Scam Centre on scams activity 2023, p. 4.

[18]Mr Ross McEwan, Chief Executive Officer, NAB, Committee Hansard, 12 July 2023, Canberra, p. 51.

[19]Mr Shayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 30 August 2024, Canberra, p. 51.

[20]Mr Andrew Irvine, Chief Executive Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 19.

[21]Mr Andrew Irvine, Chief Executive Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 12.

[22]ScamWatch, Social media scams, www.scamwatch.gov.au/types-of-scams/social-media-scams, viewed 18 November 2024.

[23]National Anti-Scam Centre, National Anti-Scam Centre in action: Quarterly update January to March 2024, May 2024, www.nasc.gov.au/system/files/NASC-Quarterly-update-Q3-2024.pdf, viewed 3 February 2025, p.22.

[24]Ms Maile Carnegie, Group Executive, Australia Retail, ANZ, Committee Hansard, 30 August 2024, Canberra, p. 38.

[25]For example: Ms Carolyn McCann, Group Executive, Customer and Corporate Services, Westpac, Committee Hansard, 29 August 2024, Canberra, p. 35; Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 29 August 2024, Canberra, p. 18; Mr Shaun Dooley, Group Chief Risk Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 9.

[26]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 29 August 2024, Canberra, p. 19.

[27]Mr Peter King, Chief Executive Officer, Westpac, Committee Hansard, 29 August 2024, Canberra, p. 29; MrShayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 30 August 2024, Canberra, p. 50.

[28]Ms Carolyn McCann, Group Executive, Customer and Corporate Services, Westpac, Committee Hansard, 29 August 2024, Canberra, p. 35.

[29]Australian Financial Crimes Exchange, Resources, www.afcx.com.au/resources/, viewed 19 November 2024.

[30]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 29 August 2024, Canberra, p. 18.

[31]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 13 July 2023, Canberra, p. 9.

[32]Mr Andrew Irvine, Chief Executive Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 9.

[33]For example see: NAB, ‘NAB removes links in text messages to protect customers’, Media Release, 7 July 2023, news.nab.com.au/news/nab-removes-links-in-text-messages/, viewed 3 February 2025.

[34]National Anti-Scam Centre, Targeting Scams: Report of the National Anti-Scam Centre on scams activity 2023, p.14.

[35]National Anti-Scam Centre, Report of the National Anti-Scam Centre on scams activity 2023, p.15.

[36]National Anti-Scam Centre, Report of the National Anti-Scam Centre on scams activity 2023, p. 10.

[37]Mr Peter King, Chief Executive Officer, Westpac, Committee Hansard, 29 August 2024, Canberra, p. 36.

[38]Mr Ross McEwan, Chief Executive Officer, NAB, Committee Hansard, 12 July 2023, Canberra, p. 50.

[39]Mr Peter King, Chief Executive Officer, Westpac, Committee Hansard, 29 August 2024, Canberra, p. 46.

[40]Mr Shayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 30 August 2024, Canberra, p. 38.

[41]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 29 August 2024, Canberra, p. 19.

[42]Ms Maile Carnegie, Group Executive, Australia Retail, ANZ, Committee Hansard, 30 August 2024, Canberra, p. 38.

[43]Josh Gibson and Scanlon Williams, ‘Scams Prevention Framework Bill 2024 [Preliminary Digest]’, Bills Digest No. 33, 2024-25, Parliamentary Library, Canberra, 15 November 2024.

[44]Mr Peter King, Chief Executive Officer, Westpac, Committee Hansard, 13 July 2023, Canberra, p. 40.

[45]Mr David Cohen, Deputy Chief Executive Officer, CBA, Committee Hansard, 13 July 2023, Canberra, pp. 11–12.

[46]Mr Shayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 12 July 2023, Canberra, p. 10.

[47]UK Finance, Annual Fraud Report 2024, 3 June 2024, www.ukfinance.org.uk/policy-and-guidance/reports-and-publications/annual-fraud-report-2024, viewed 3 February 2025.

[48]ACCC, ‘Scam losses decline, but more work to do as Australians lose $2.7 billion’, Media Release, 28 April 2024, www.accc.gov.au/media-release/scam-losses-decline-but-more-work-to-do-as-australians-lose-27-billion, viewed 3 February 2025.

[49]Ms Carolyn McCann, Group Executive, Customer and Corporate Services, Westpac, Committee Hansard, 29 August 2024, Canberra, p. 48.

[50]Mr Andrew Irvine, Chief Executive Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 18.

[51]For example: Ms Carolyn McCann, Group Executive, Customer and Corporate Services, Westpac, Committee Hansard, 29 August 2024, Canberra, pp. 47–48; Mr Shayne Elliott, Chief Executive Officer, ANZ, Committee Hansard, 30 August 2024, p. 31.

[52]Mr Shaun Dooley, Group Chief Risk Officer, NAB, Committee Hansard, 30 August 2024, Canberra, p. 9.

[53]Mr Matt Comyn, Chief Executive Officer, CBA, Committee Hansard, 29 August 2024, Canberra, p. 18.

[54]Explanatory Memorandum, Scams Prevention Framework Bill 2024, parlinfo.aph.gov.au/parlInfo/search/display/display.w3p;query=Id%3A%22legislation%2Fems%2Fr7275_ems_4ee55c79-dd09-40ea-bc07-166c4071de27%22, viewed 3 February 2025, p. 1; the Hon Michelle Rowland MP, Minister for Communications, and the Hon Stephen Jones MP, Assistant Treasurer and Minister for Financial Services, ‘Albanese Government unveils Scams Prevention Framework for public consultation’, Media Release, 13 September 2024, ministers.treasury.gov.au/ministers/stephen-jones-2022/media-releases/albanese-government-unveils-scams-prevention-framework, viewed 3 February 2025.