The Bangko Sentral ng Pilipinas said Wednesday it ordered Bank of the Philippine Islands to submit a timeline and updates on the reversal of double-debit transactions that affected accountholders on Dec. 30 and 31, 2022.
It said in a statement it was closely coordinating with BPI on the matter.
“The bank already identified the root cause of the operational error and committed to reverse the erroneous transactions and restore mobile and internet banking services the soonest possible,” the BSP said.
It said it instructed “BPI to submit a timeline and updates on the reversal of its erroneous transactions.”
BPI clients said in social media posts they lost money in their accounts, and they failed to access the bank’s website and mobile app.
The bank said in an advisory on Facebook Wednesday morning that it was expecting a reversal of the double transactions as soon as possible.
“Following the double posting of ATM, CAM deposits, POS and e-commerce debit transactions from Dec. 30 to 31, 2022, please be informed that we expect correction of the duplicate transactions within the day,” BPI said.
It said given the high volume of inquiries on online banking channels, “you may experience intermittent access to our web and mobile app platforms.”
The bank also assured depositors, “your account is safe and secure.”
A bank depositor complained that both mobile app and website of BPI were down, and there was a known double debit glitch. “Who is doing crisis management and change management in this God forsaken bank?” he asked.
Another Facebook user also asked BPI to also address “the double posting around Jan. 1 onwards?”
The Bangko Sentral said it was working to strengthen banks’ cyber resilience through industry-wide initiatives to protect consumers amid increasing digital payments. It completed the Advanced SupTech Engine for Risk-Based Compliance, which will be deployed among selected BSP-supervised financial institutions.
ASTERisC* is a unified regulatory and supervisory technology solution that streamlines and automates regulatory supervision, reporting, and compliance assessment of financial institutions’ cybersecurity risk management.
The plan is seen to improve the regulatory and supervisory environment for cybersecurity. It will also serve as the primary framework for policies and strategies to strengthen cyber defense in the financial services industry.
The regulator said it was planning to issue stronger regulations on banks’ cyber defense after hacking incidents in December 2021.
The BSP announced it also teamed up with the Bankers Association of the Philippines and the Bank Marketing Association of the Philippines to roll out the “Check-Protect-Report” information drive to combat online scams.
“Check” is about being careful when sharing information as legitimate banks and financial institutions will only ask for personal data when they are contacted by their clients. “Protect” means safeguarding and not sharing personal data to senders of random text messages or emails, while “Report” enjoins financial consumers to urgently inform their banks or financial institutions about suspicious transactions.
The communication campaign aims to equip Filipino financial consumers with the information needed to protect themselves against online scams.
“Amid the rise in digital transactions, the CPR campaign encapsulates what we encourage the public to cultivate as a habit. It is expected to enhance financial consumer welfare, further strengthen confidence in the use of electronic payments, and therefore promote growth,” BSP Governor Felipe Medalla said.
Medalla said bolstering public trust in the payment system supports the BSP’s goals under the Digital Payments Transformation Roadmap, which aims to digitalize half of the volume of retail payments and onboard 70 percent of Filipino adults to the formal financial system by 2023.