The country's high online activity has made it a hotspot for scammers, especially when it involves shopping. A report from the 2023 Asia Scam Report, published last November, said that the Philippines has received a 35.9% scam rate throughout Asia.

Jason Brasileño, head of fraud strategy at GoTyme Bank, explains the typical process of getting scammed. It begins with someone who sees they find interesting online. If the seller is a scammer, they will entice the potential buy/victim with offers that seems to be too-good, probably with discounts or bundles--and this often includes a condition the money be sent immediately or include a down payment to secure the item. Buyer complies and they become fraud victims when the item doesn't arrive. 

“Scammers often even either send a picture of the item being picked up, or acknowledge payment and promise to facilitate delivery, or send some code shortly,” Brasileño said. “After this they become unreachable and oftentimes blocks the fraud victim, and can no longer be contacted.” 

Brasileño explained that if the money is deposited in a GoTyme account, the scammer immediately does any of the following: withdraws the cash, transfers it to an external bank account or some other e-wallet, move it to another GoTyme account, upon which the money is then exfiltrated. “It can sometimes happen in multiple layers before money is taken out."

If the scam did involve sending money in a GoTyme account. The victim, whether a GoTyme customer or not, is urged to report to GoTyme’s Customer Service (CS). 

Brasileño said: “The complainant must manage expectations as not all lost money can be returned. We’re not an insurance company but we try our best to help the complainant recover the money. The complainant must first file a report with their sending bank, which will notify GoTyme of the transaction. The sending bank will then send us debit notice to return the money provided funds are still intact and a criminal case concluded.” 

He emphasizes that GoTyme does not disclose personal information—even those of scammers—to complainants. 

“We only disclose this to authorities, provided there is sufficient subpoena or warrant to disclose information that is duly signed by a judge of the Philippine court,” he says. 

The most that GoTyme can do is put the account either on debit hold or both debit/credit hold. “We do this if, first, there is a corresponding police report from complainant; second, there is direct communication from sending bank informing us of the suspicious transaction; or third, flagged by our fraud rules,” Brasileño said, adding that there are instances when a combination of any of these may happen. 

After this, the bank files a Suspicious Activity Report (SAR) to the bank’s Compliance team, which then files a Suspicious Transaction Report (STR) to the Bangko Sentral ng Pilipinas (BSP) for regulatory reporting. 

Elmore Capule, BSP senior assistant governor and general counsel, said that although the country already has cybercrime laws, the SIM registration law, and the Financial Consumer Protection Act, these do “not…guarantee [consumer protection] because [fraud] is constantly evolving.” 

Currently, cybercrime laws are designed more to protect systems of financial institutions, while the provisions in the Financial Consumer Protection Act are regulatory in nature rather than penal. These legal gaps give scammers plenty of elbow room to target individual account holders—instead of the e-wallet or systems or banks themselves—and often get away with it. 

Besides online market scams, attempted fraud generally comes in the form of phishing attacks, which try to get users to give sensitive personal information that scammers can use to take money from someone’s bank or e-wallet account. This can be done through email, through calls (known as vishing), or through text messages (known as smishing). 

On a larger scale, the existing “Know Your Customer” procedures for anti-money laundering can waver when financial institutions go digital. The PNP ACG found some e-wallet and even bank accounts to be “fictitious”—so that even when they track down the scammer’s transactions, it could lead to an account registered using invented identification documents.  

Law enforcement can also run into a dead end when fraudsters and money mules transfer money into bank accounts, given that the Philippines has some of the strictest bank secrecy laws in the world.  

All these have driven home the urgency of legislation against digital fraud through the Anti-Financial Account Scamming Act (AFASA), a version of which had been passed by the House of Representatives in May last year. The AFASA will provide a regulatory framework that penalizes scammers and entails safeguard measures to protect Filipinos and their financial accounts. Under AFASA, the central bank and law enforcement partners would also have real power to actually investigate bank deposits and other accounts of fraudsters that try to hide behind the curtain of bank secrecy. 

GoTyme urges vigilance and awareness 

GoTyme Bank takes these matters seriously and has always urged its customers to exercise online caution and remain vigilant when it comes to safeguarding their financial resources. It shares regular reminders on its app and on social media on how to prevent scams: Ultimately, customers have the biggest responsibility to keep their account secure, be careful in accessing their account in public, update their device’s security settings, and do online shopping securely.

GoTyme also shares information on what to do in the event of a scam. 

Nate Clarke, GoTyme president and CEO, assures the public that the bank will always remain on top of the situation. “We closely monitor these developments and we can follow the money trail,” he says. “We work closely with the PNP to hold criminals liable after a customer has filed a police report.” 

Albert Tinio, GoTyme co-CEO, has always reminded GoTyme customers and the general public that the fight against scams is a multipronged one: “[It] is a concerted fight of the banks, the public, and government.  Every party has to do its part.” 

GoTyme has partnered with Scam Watch Pilipinas, the national citizen arm to educate Filipinos nationwide on cyber fraud. 

It also forged a memorandum of understanding with Gogolook, leveraging the leading anti-fraud app Whoscall, a mobile application that offers caller identification services. Whoscall identifies incoming calls, detects scam/harassment numbers, and filters spam text messages and blocking them accordingly. This strategic collaboration signifies a shared commitment to protect Filipinos from digital scams and fraud, paving the way for a safer and more confident digital journey for all.

Further, GoTyme regularly reviews its fraud rules and continually enhances them as needed.

Brasileño says, “We act quickly when sending banks forward us communication via a dedicated email channel. We also guarantee quick action via CS provided there is proper police report, and an internal escalation response when it happens. We stay true to our promise of helping our customers resolve their concerns as swiftly as we can, to the greatest extent possible.”