The Banking Ombudsman says almost a third of its annual investigations related to scams, in which victims' average losses were $57,000.
This news comes from the Banking Ombudsman's annual report, issued on Tuesday.
The Ombudsman, Nicola Sladden, found complaints about scams were increasing at a worrying rate.
"The Banking Ombudsman Scheme’s annual report shows customer complaints about scams rose 43% on the previous year, making up 625 of the 3,513 complaints received in 2022-23. Nearly a third [32%] of all complaints formally investigated were about scams, and the average loss was $57,000. Phishing and investment scams predominated," Sladden said.
Sladden said there had been an increase in sophisticated, unauthorised payment scam cases in which customers were duped into entering their banking credentials into fake websites.
Sladden said introducing confirmation of payee technology, or name and account number checking, would be a game-changer.
Confirmation of payee lets a customer check whether the name of the recipient's account matches the name and account details provided by the customer.
One high-profile scam which is estimated to have cost victims millions, saw payments made to ASB accounts in New Zealand when the payments were meant to go to a Citibank account for a faked term deposit scheme.
On Friday, the New Zealand Banking Association (NZBA), which represents the banking sector, said it would “instigate” an industry-wide confirmation of payee account checking service.
Sladden said she supported the urgent implementation of this fraud detection system.
Critics of the banking sector say New Zealand banks have taken too long to bring in confirmation of payee and left systemic gaps for scammers to exploit.
Confirmation of payee was introduced in the United Kingdom in 2020, and large UK banks Lloyds said it had helped to reduce bank transfer scams by 31% within the first few months.
Parliament’s Finance and Expenditure Committee recommended banks bring in confirmation of payee in a report published in August. It also recommended banks look at a voluntary scheme to reimburse victims who are tricked into making payments to scammers, called authorised payment scams.
At present NZ banks do not routinely reimburse people who have authorised a payment to scammers, although some were offering partial settlements and requiring customers to sign non-disclosure agreements.
Consumer NZ said NZ banks needed to move quickly to bring in confirmation of payee, and should from now reimburse authorised payment scam victims, because the banks had admitted they could do more to protect their customers by introducing confirmation of payee.
Sladden said there was currently no contractual or legislative requirement for a bank to check whether the name of the recipient’s account matches the name and account details provided by the customer.
She said there had been an increase in sophisticated unauthorised payment scam cases in which customers were duped into entering their banking credentials into fake websites.
"In one of the cases highlighted in our annual report, the customer genuinely believed she was giving payment authorisation codes to the bank, and there was nothing suspicious about the website that would have alerted a reasonable customer to the fact it was a fake.
"We did not consider she had acted negligently or breached the terms and conditions of her account by entering her details and the codes from her bank into the fake website.”
Sladden said the bank’s text and email warnings in this case were not sufficiently explicit.
The bank had reimbursed the customer for the full amount lost, nearly $30,000.
One anti-scam centre to bust them all?
Sladden said the continual emergence of new and more sophisticated scams was a key factor in the rise of complaints.
She said the banking sector, along with other organisations, must take a more coordinated and unified approach to the problem, pointing to Singapore's lauded national anti-scam centre.
"The Singaporeans have shown how beneficial such an approach can be. Their recently established anti-scam centre, made up of representatives from 80 stakeholders, has disrupted scams with great success through skillful intelligence-gathering and the clever use of technology."
As part of the banking industry's Friday announcement, the NZBA said the industry supported a national anti-scam centre, would remove hyperlinks from text messages and would work together to freeze mule accounts, used to siphon stolen money from victims.
The Ombudsman has estimated financial losses for scams in excess of $200 million, but we don't really know the size of the issue.
A recent poll by Horizons found New Zealanders were experiencing a "major crime wave via their banks".
Horizon found fraud and theft via bank accounts and cards was running at twice the rate of losses via cybercrime, where internet devices were accessed without permission.
In the past 12 months, 10% said they had experienced fraud or theft involving a bank account, while 13% said they have had someone use a bank card, credit card, cheque or other document without permission to commit fraud or steal from them.
A further 7% said they had been a victim of cybercrime, with a device accessed without permission.
Horizon polling showed 80% of fraud victims had lost up to $5000, 54% said they lost up to $500. The majority, 83%, said banks should do checks to make sure names and account numbers match. Horizon said 43% of the respondents felt they were being let down by their banks.
The survey also found that 73% of Kiwis believed banks should fully compensate scam victims if they should have spotted that the transaction was suspicious. Horizon polled more than 1000 people.
An August Horizon poll found New Zealanders were experiencing fraud or theft from their bank accounts at the rate of 5,200 cases per week.
The Government's Computer Emergency Response Team's latest quarterly report said 1,950 incidents had been reported to it, with 409 cyber security incidents where a financial loss was reported.
Cert NZ said direct financial losses totalled $4.2 million in the second quarter of 2023, a 27% decrease compared to last quarter. It said 57% of those cyber incidents saw financial losses below $500, 13 reported losses of $100,000 or more.
*The chart below comes from the Banking Ombudsman's annual report.