Australian Banking Association (ABA) chief executive David Bell has slammed misleading reports that member banks have been lobbying the Australian Securities and Investment Commission (ASIC) to make customers liable for Internet banking fraud.
A mix of incorrect media reports and vendor hype has created the fiasco which forced the ABA to issue a strongly worded rebuttal yesterday.
The reports claim banks have been lobbying ASIC to make customers responsible for ensuring their PCs are secure and this includes making them liable for Internet fraud if they do not install minimal security measures.
Responding the claims, the ABA issued a statement that makes it clear the financial services industry hasn't been engaged in any ASIC lobbying and does not support moves to hand responsibility for Internet fraud over to the customer.
On Friday ASIC called for submissions to review the Electronic Funds Transfer Code of Conduct (EFT Code), specifically liability issues surrounding the growth and sophistication of Internet fraud and regulation of alternative payment outlets.
At the time ASIC consumer protection executive director, Greg Tanzer, said "whether account holders should be required to bear any liability for losses resulting from these types of fraud (malicious code and phishing) is one of the important issue to be addressed by the review, and the matter is discussed in detail in the consultation paper."
Media reports incorrectly stated that Australian banks, either independently or through lawyers, have been lobbying ASIC regarding the changes to liability in a bid to tackle Internet banking fraud.
Refutting the reports, ASIC came out in support of the ABA yesterday by publicly declaring it is unaware of any lobbying by the financial services industry.
There certainly hasn't been any submissions on this issue made to ASIC, according to ABA's Bell.
"I have spoken to ASIC today who say they are unaware of any ABA member lobbying them on this aspect of the EFT Code review," he said.
The Commonwealth Bank was even more direct labelling the claims as "totally false".
A bank spokesperson said there has been no submissions or any support for a mandate to make users liable.
"We have a policy to protect our customers' funds by providing the best (updated) security," he said.
Adding to the furore, an IT security provider TrustDefender issued a press release on the back of the incorrect reports.