Annual Review 2022–23

6,048 complaints received
5,354 complaints closed
59% resolved at Registration and Referral stage

Stage at which scams complaints closed

Stage  

2022–23 

At Registration  

3,133 

At Case Management  

1,585 

At Rules Review  

260 

Preliminary Assessment  

182 

Decision  

194 

 

Top three scam complaint products (received)

Product

Total

Personal transaction accounts

3,469

Credit cards

834

Electronic banking

634

 

Time taken to close scams complaints

Time  

2022–23

Closed in 0–30 days 

2,218 

Closed in 31–60 days 

1,113 

Closed in 61–180 days 

1,575 

Closed in 181–365 days 

361 

Closed in in more than 365 days 

87 

 

Key insights

  • AFCA continues to see a significant volume of complaints involving scams.
  • Consumers who fall victim to scams suffer financially and emotionally, and the outcomes can be devastating.
  • As scams continue to evolve, AFCA is working closely with industry, regulators and governments to keep our approaches to this dynamic space aligned, and to ensure we help consumers and financial firms resolve complaints efficiently and fairly.
  • As we evolve our understanding and approach, definitions of scam and fraud will become clearer. Currently, AFCA classifies all types of scams and fraud as scams.

From 1 July 2022 to 30 June 2023, AFCA received 6,048 scam-related complaints and closed 5,354. Most of the complaints (59%) were closed at the Registration and Referral stage. At the Case Management stage, we closed 1,585, or 30%. Around 5% of scam complaints, or 260, were closed at the Rules Review stage. We closed just over 3%, or 182, at the Preliminary Assessment stage. The Decision stage saw 194 complaints, or 4% of the total, closed.

The main products relating to scam complaints were personal transaction accounts (3,469 complaints) and then credit cards (834). We received 146 complaints relating to business transaction accounts.

Scams are often perpetuated by sophisticated international organised crime syndicates. In the past, most scams involved the unauthorised removal of funds from consumers’ bank or credit card accounts without their knowledge. We continue to see the scammers behind such unauthorised transactions adapt to new products and technologies. Separately, there has been growth in scam transactions where consumers are persuaded by scammers to authorise payments. Typically, authorised scams involve investments, romance and buyer/seller transactions. The most common type of scam continues to involve investments – particularly in cryptocurrencies.

Complaints to AFCA tend to be a lag indicator of trends in different types of scams, given the time it can take for consumers to realise they’ve been scammed and to complain about it. However, some scams we have been seeing point to increased sophistication and evolution of scams. Specifically, AFCA is seeing increasing numbers of ‘phishing’ and identity spoofing scams. A typical example would involve a consumer responding to an SMS purporting to be from their bank, clicking on a link to a fake bank site and being asked to enter their internet banking details.

Consumers are also falling victim to scammers who have collected data about them from various sources. Recent examples include scammers fraudulently collecting information about a person and loading it into a digital wallet on the scammer’s phone.

Young businesswoman waiting for taxi in Sydney

Case study – Digital wallets

Background

The complainant received a text message stating she had an outstanding toll road invoice. She clicked on a link that took her to what she thought was the legitimate toll road operator’s website. Then she entered her credit card details to pay the invoice. 

The website was fake and was used to harvest the complainant’s credit card details and a one-time password (OTP), which the complainant thought was needed to authorise the toll payment. This enabled the scammer to load the credit card as a digital card onto their own mobile phone. 

Shortly after, the scammer used their mobile phone to make 16 transactions of $1,000 each at well-known retail stores. No further PIN or pass code was required to make the disputed transactions. The complainant reported the disputed transactions to her financial firm the following day.

The financial firm said the complainant had authorised the disputed transactions because, by allowing the scammer to add the credit card details to the digital wallet, she must have disclosed the OTP. 

Findings and outcome

The ombudsman found the disputed transactions were unauthorised. This meant the liability provisions of the ePayments Code (the Code) applied. Under clause 10.2 of the Code, a card holder is not liable for unauthorised transactions that are made using an ‘identifier’ without a ‘pass code’ or a ‘device’. 

A digital card is an ‘identifier’ and the disputed transactions did not require a pass code or device. The mobile phone onto which the digital card was loaded was not a device as defined by the Code. Therefore, under clause 10.2 of the Code, the financial firm was liable for the disputed transactions.

The financial firm said the complainant breached the pass code security requirements of the Code, which requires card holders not to disclose pass codes that are needed to perform transactions (clause 12.1). The financial firm said the complainant must have disclosed the OTP to enable the credit card to be added to the digital wallet. 

The ombudsman found the complainant did not knowingly disclose the OTP to the third party. She thought she was engaging with a legitimate website to authorise a payment. The OTP was not a pass code needed to ‘perform a transaction’. The Code distinguishes between pass codes needed to perform transactions and pass codes needed to authenticate users (which the OTP arguably did). A card holder is only liable if they disclose pass codes needed to perform transactions.

Sorry, we’re currently offline.

Would you like to end your chat with AFCA?

Please bear in mind that your conversation will not be saved.

AFCA chat service terms and conditions

Welcome to our live chat help service.

Please be advised we cannot provide you with financial or legal advice. However, we may be able to refer you to a community legal centre or financial counselling service if you need help.

Our live chat is operated by Genesys Cloud on behalf of AFCA. Any personal information provided in this chat will be captured by both organisations in accordance with their privacy policies, available at www.afca.org.au/privacy and www.genesys.com/company/legal/privacy-policy

Offline

We provide consumers and small businesses with fair, free and independent dispute resolution for financial complaints.

Please enter your details to start your chat with an AFCA representative.

Please enter your name
Please enter a valid email address
Please enter a valid phone number

We provide consumers and small businesses with fair, free and independent dispute resolution for financial complaints.

Welcome to our live chat help service.

An agent should be with you shortly.