This article is also available in Tagalog: BDO Itinangging Binago Nila Ang Kanilang Online Banking Terms Dahil sa ‘Nagoyo’ Scam
By Shiela Bertillo
Editor’s Update: BDO’s response:
“Liability clause is a regular compliance in the banking industry. This has been part of the normal compliance for a long time. There was no added clause to due to the recent incident. BDO made exceptions and shouldered the losses not caused by the clients to maintain good customer relationship even if the Bank is not legally liable.“
Original article follows:
Following the BDO Unibank Inc. hacking incident, where a certain “Mark D. Nagoyo” stole money ranging from P25,000 thousand to P50,000 pesos per account, BDO has denied changing its terms and conditions for online banking stating that these have long been in place.
Priorly, Jefff Ricafrente shared in a tweet a line in the bank’s electronic banking terms and conditions which states that BDO “shall not be liable for any loss or damage” regarding the use of their online banking services from hacking or any other security breaches “with or without your participation.”
The updated terms implies that the bank doesn’t have to compensate online hacking victims even if it’s their fault and not of the customer.
However, the BDO denies that they just updated these terms, saying that “there is no added clause due to the recent incident.”
Long-time tech writer Art Samaniego also replied to Ricafrente’s tweet, stating that the clause has been there since 2017.
“Liability clause is a regular compliance in the banking industry and part of normal compliance for a long time,” BDO said in a statement.
Still, Joey Salceda, Chairperson of House Ways and Means, confounded BDO’s other policy requiring “Nagoyo” scam victims to sign waivers that they will not press charges against the bank for them to be reimbursed of the amounts stolen from their bank accounts.
“This is not acceptable. I request the Bangko Sentral ng Pilipinas to look into whether we can take legal or administrative action against banks forcing clients to sign quitclaims in exchange for their own money,” Salceda said in a statement.
He said these “quitclaims” aim to absolve BDO of legal responsibility in systemic failures in its online banking services.
“If it’s the bank’s fault, and it appears that there may have indeed been a breach of security systems, then the bank should not be able to squeeze itself out of its responsibility,” he added.
Salceda also “strongly urge” the Bangko Sentral ng Pilipinas (BSP) to check the annual IT profiles and periodic reports of the bank to check “whether the banks were able to accurately reflect the strength of their cybersecurity profiles.” He also emphasized that there are penalties for that as well.
Moreover, prior to these terms update, BSP Governor Benjamin Diokno stated that BDO Unibank and UnionBank could face sanctions over the hacking incident.
However, the Filipino crypto community shared their sentiments regarding the hacking incident as well as the UnionBank and cryptocurrency taking blame. According to Luis Buenaventura II, founder of cryptocurrency exchanger BloomX, country manager of gaming firm Yield Guild Games and a regular BitPinas Contributor, neither crypto nor UnionBank should be blamed for this mishap. (Read more: Crypto Community Reacted to BDO Hacking Incident)
In a statement released on December 12, BDO acknowledged the “sophisticated fraud technique” and assured their account holders that they have already implemented additional security measures. Furthermore, the bank said it will reimburse their customers’ losses.
The BSP also said that BDP has given the assurance that victims of the hack will be duly reimbursed. Governor Diokno, said the BSP will make sure the affected depositors get their money back as soon as possible.
This article is published on BitPinas: BDO Denies Changing Online Banking Terms Due to ‘Nagoyo’ Scam