In a statement, the Association of Banks in Malaysia (ABM), the Association of Islamic Banking and Financial Institutions Malaysia (AIBIM) and the Association of Development Finance Institutions Malaysia (ADFIM) provided details in relation to those five key measures.

They said that some banks have already migrated away from the one-time password (OTP) system or offer secure alternative authentication methods as recommended by BNM since 2019, with other banks expediting efforts to comply with the latest requirement.

Such alternative authentication method measures include secure multi-factor authentication software or hardware tokens for certain transactions, it said.

Launching BNM’s virtual financial crime exhibition yesterday, Nor Shamsiah said financial institutions have been told to migrate from the OTP system to more secure forms of authentication for online transactions.

She also said financial institutions will tighten fraud-detection regulations and triggers for blocking suspected scam transactions, introduce a “cooling-off period” for first-time registration of online banking services or secure devices; limit authentication to one device per customer; and establish a scam hotline for each bank.

In their statement, the three associations noted that tightening the banks’ fraud detection rules and triggers for the blocking of suspicious transactions may result in them sending “prompts” or notifications to customers on unusual activities.

They may also contact customers to confirm or authenticate certain transactions that are flagged as unusual activities.

While they did not provide a timeframe, they said that customers will not be able to perform any online banking transactions during the verification and cooling-off period for first time enrolment of e-banking services or secure devices.

Apart from restricting the authentication of electronic banking transactions to one mobile device or secure device per account holder, the banks will enhance changes to the single device process, such as additional verifications, to ensure that such requests have genuinely been made by the account holder.

The statement also said the banks will have a 24/7 dedicated complaint hotline for customers to report incidents or suspicions of scams or fraud.

A list of ABM member banks’ contact numbers for reporting scams or fraud may be obtained from ABM’s website, https://www.abm.org.my/directory.

In addition, the banks will make available “a convenient way” for customers to temporarily suspend banking activities for their own bank accounts swiftly if they suspect that their accounts have been compromised, such as in the event of a suspected fraud.

Customers will also be able to resume service of their accounts “after a reasonable timeframe” upon validation.

“The banking industry acknowledges that the implementation of these measures may lead to changes in customers’ online banking experiences and expectations, whereby online banking transactions could potentially take a slightly longer duration due to added security measures and checks,” the associations said.

“In view of this, we seek customers’ patience and understanding of the expected delays and inconvenience that they may face once these measures are implemented.

“These measures, however, are crucial for the added safety and security of the banks’ customers.”

In a FMT report yesterday, PKR information chief Fahmi Fadzil said 20,000 people fall victim to scams every year, with losses totalling more than RM660 million.

The Lembah Pantai MP said this works out to about 60 scam victims losing RM2 million every day.