BSP Signs Deals for Faster Scam Investigations

The Bangko Sentral ng Pilipinas (BSP) has signed separate information-sharing agreements with the National Bureau of Investigation (NBI), the Cybercrime Investigation and Coordinating Center (CICC), and the Securities and Exchange Commission (SEC), granting law enforcers lawful access to confidential financial account data for scam investigations. The agreements, formalized on February 20, 2026 at the BSP headquarters in Manila, mark a significant step in the Philippines’ campaign against the surge of digital financial fraud.

The pacts operationalize Republic Act No. 12010, or the Anti-Financial Account Scamming Act (AFASA), signed into law on July 20, 2024. BSP officials said the arrangements will allow quicker case-building and fund tracing, while preserving long-standing bank secrecy and data privacy safeguards.

A Legal Framework for Faster Investigations

Under the agreements, the BSP may share relevant financial account information—through its Consumer Account Protection Office—with the NBI, CICC and SEC, provided that requests comply with due process requirements and existing data privacy laws.

The information exchange is limited to scam-related investigations under AFASA and does not dismantle bank secrecy rules. Instead, authorities describe it as a calibrated response to increasingly sophisticated fraud schemes that exploit digital banking channels.

“Its success will not be measured by the document itself, but by its execution — by investigations strengthened, cases resolved, risks mitigated, and harm prevented,” BSP General Counsel Roberto L. Figueroa said during the signing.

The framework ensures that any disclosure of sensitive bank records is supported by lawful authorization. In effect, it builds a structured corridor between regulators and investigators—allowing information to pass when legally justified, while keeping safeguards firmly in place.

Rising Tide of Cyber-Enabled Fraud

The urgency behind the move is underscored by complaint data. The CICC recorded 18,000 complaints in 2025 alone, with 22.2 percent involving online threats. More than 1,000 cases directly affected citizens’ finances, including over 100 cases of sophisticated credit card fraud and an increasing number of bank account takeovers.

“We also recorded more than 100 cases of sophisticated credit card fraud and a growing number of direct bank account takeovers,” CICC Executive Director Undersecretary Renato Paraiso said.

For many households, the losses are not abstract figures. A single scam ranging from the equivalent of a few thousand pesos to larger sums can derail a family’s monthly budget—money often meant for groceries, remittances, tuition or loan payments. As digital payments become commonplace, from neighborhood store purchases to mobile fund transfers, vulnerabilities have multiplied alongside convenience.

New Compliance Rules for Banks and E-Wallets

The agreements dovetail with implementing rules under BSP Circular No. 1214, which requires BSP-supervised financial institutions to tighten authentication standards.

• Institutions must limit reliance on one-time passwords (OTPs) sent via SMS or email.
• They are required to adopt stronger multi-factor authentication (MFA) systems by June 2026.

The reforms aim to close gaps frequently exploited by fraudsters, particularly in phishing attacks and account takeovers. By strengthening identity verification, regulators hope to reduce unauthorized access before it occurs, rather than merely responding after funds disappear.

Balancing Enforcement and Privacy

BSP officials have emphasized that the agreements do not dilute privacy protections enshrined in Philippine banking laws. Instead, they create defined procedures for cooperation.

“The BSP remains firmly committed to working with the CICC, NBI, and SEC to ensure that AFASA is implemented with discipline, integrity, and fidelity to the law. Through sustained coordination and mutual trust, we will reinforce the resilience of our financial system and better protect the Filipino public from those who seek to exploit it,” said BSP Deputy Governor Elmore Capule.

The central bank has also signaled that AFASA’s scope may not be sufficient to address other forms of financial crime and has expressed support for broader reforms to the country’s bank secrecy framework. For now, however, the focus remains squarely on fraud involving bank and electronic wallet accounts.

Nationwide Impact

The agreements apply across the Philippine archipelago, affecting banks, digital payment platforms and consumers in both urban and rural communities. As mobile wallets and online banking penetrate deeper into everyday commerce, trust in the system becomes critical.

For ordinary account holders, the initiative promises faster investigations and, potentially, improved chances of recovering stolen funds. For financial institutions, it raises compliance expectations while reinforcing their role as frontline defenders in a rapidly evolving cyber threat landscape.

The documents signed in Manila may be administrative in nature, but officials argue that their real value will be measured in fewer drained accounts and more resolved cases. In a financial system growing ever more digital, the agreements are designed to ensure that speed and innovation are matched by accountability and protection.