Contact us at 6579 6777 immediately to report any suspicious activities or transactions relating your Hong Leong Finance accounts. Learn how to avoid becoming a scam victim.
Contact us at 6579 6777 immediately to report any suspicious activities or transactions relating your Hong Leong Finance accounts. Learn how to avoid becoming a scam victim.

Let’s Work Together To Protect Your Account

Guidelines On Shared Responsibility Framework

The Guidelines on Shared Responsibility Framework (“SRF”), issued by the Monetary Authority of Singapore (“MAS”) and Infocomm Media Development Authority of Singapore (“IMDA”) and took effect on 16 December 2024, set out the roles and accountabilities of account users, responsible financial institutions (“FI”) and telecommunications companies (“Telco”) in mitigating the risk of seemingly authorised transactions.

The Guidelines on SRF clarify the allocation of responsibility for losses arising from a defined scope of phishing scams under the SRF, and the operation workflow for consumers to report such scams.

Through the SRF, Hong Leong Finance Ltd (“HLF”) is committed to working with you to protect your account(s) with us by implementing appropriate measures when you perform digital transactions through our HLF Digital app. HLF would also like to strongly encourage you, as an account holder, to be aware of your responsibilities and adopt practices to safeguard your protected account(s) from seemingly authorised or unauthorised transactions.

Our Responsibilities To Protect Your Account(s)

  • Cooling-off period: We shall impose a 12-hour cooling-off period for the following scenarios:

    • Activation of digital security token
    • Logging in using a new device
    • Performing high-risk activities (add Payee, increase transaction limit for out-going transactions, disable transaction notifications and change in contact details such as mobile number and email address)
  • Real-time alerts: We shall send real-time alerts for all high-risk activities that you have performed.
  • Real-time notification for outgoing transactions: We shall send real-time notifications for all outgoing transactions that you have performed.
  • 24/7 reporting channel: We shall provide a 24/7 reporting channel for you to report any suspected scams.
  • Kill Switch: We shall provide a Kill Switch function if you need to immediately block mobile and online access to your account(s) if you suspect that your account(s) have been compromised.
  • Real-time fraud surveillance: We shall roll out a Real-time Fraud Monitoring system to detect and manage suspected cases of funds being transferred via seemingly authorised or unauthorised transactions.

Your Responsibilities To Protect Your Account(s)

Stay alert and follow these tips to protect your account(s):

  • Sign up for HLF Digital App to monitor your accounts regularly for suspicious transactions.
  • Never share personal or account-related details or follow instructions for fund transfers from unverified sources or government officials.
  • Use a strong password (avoid using your full or partial NRIC numbers) as User ID or password for your account access.
  • Beware of promises of quick or easy money - if it seems too good to be true, it likely is.
  • Avoid clicking on suspicious links or downloading apps from unknown origins.
  • Verify identities before engaging with unknown individuals.
  • Understand the risks and implications when performing high-risk activities (add Payee, increase transaction limit for outgoing transactions, disable transaction notifications and change in contact details such as mobile number and email address).
  • Activate Kill Switch if you suspect that your account(s) have been compromised.

If you suspect a scam or that you have been scammed, you are advised to:

  • Call the 24/7 ScamShield Helpline (1799) to check.
  • Report to the Police immediately.
  • Call our Customer Service Hotline 6579 6777.

Let’s do our part together to prevent scams.

FAQs And More Information

A list of SRF FAQs can be found below. You can also read more about HLF Digital Safeguard for more information on how to protect your account.

For more details of the SRF, please refer to https://www.mas.gov.sg/regulation/guidelines/guidelines-on-shared-responsibility-framework

 
 

Key Terms Defined under the SRF

What is an Account Holder?

An Account Holder means any person in whose name a payment account has been opened or to whom a payment account has been issued, and includes a joint account holder and a supplementary credit card holder.

What is an Account User?

An Account User means:

  1. any account holder; or
  2. any person who is authorised in a manner in accordance with the account agreement, by the responsible FI and any account holder of a protected account, to initiate, execute or both initiate and execute payment transactions using the protected account.

What is a Fabricated Digital Platform?

A Fabricated Digital Platform resembles legitimate digital platforms operated by an FI or the impersonated entity, or any party related to the FI or impersonated entity.

What are High-risk activities?

High-risk activities include, but are not limited to:

  1. adding of payees to the account holder’s payment profile;
  2. increasing the transaction limits for outgoing payment transactions from the payment account;
  3. disabling transaction notifications that the responsible FI will send upon completion of a payment transaction; and
  4. change in the account holder’s contact information including mobile number, email address and mailing address.

What is a Payment Transaction?

A Payment Transaction means the placing, transfer or withdrawal of money, whether for the purpose of paying for goods or services or for any other purpose, and regardless of whether the intended recipient of the money is entitled to the money, where the placing, transfer or withdrawal of money is initiated through electronic means and where the money is received through electronic means.

What is a Protected Account?

Protected Accounts refer to any payment account that:

  1. is held in the name of one or more persons, all of whom are either individuals or sole proprietors;
  2. is capable of having a balance of more than S$1,000 (or equivalent amount expressed in any other currency) at any one time, or is a credit facility;
  3. is capable of being used for electronic payment transactions; and
  4. where issued by a relevant payment service provider is a payment account that stores specified e-money.

What is a seemingly authorised transaction?

A seemingly authorised transaction, in relation to any protected account, means any payment transaction which fulfills limbs (a) to (d):

  1. perpetrated through the impersonation of a legitimate business or government entity, eg FIs, non-banks and government agencies (“impersonated entity”);
  2. the scammer, pretending to be the impersonated entity, uses a digital messaging platform (eg. SMS, email, WhatsApp, social media platforms) to obtain the account user’s account credentials*;
  3. the account user enters his account credentials on a fabricated digital platform (eg. website, application) (“fraudulently obtained credentials”); and
  4. the fraudulently obtained credentials are used to perform transactions that the account user did not intend to be performed.

Note: Account credentials include an access code as defined under the E-Payments User Protection Guidelines (EUPG), and the user identification (user ID).

What is an SMS?

An SMS means a text message sent using an electronic service to an end-user on a mobile telephone through a telecommunication service, and excludes text messages sent over social media platforms and those that rely on Over-The-Top (“OTT”) applications such as WhatsApp, iMessage, and Rich Communication Services (“RCS”).

What is a Sender ID SMS?

A Sender ID SMS means an SMS with an alphanumeric sender identification.

What are your duties as an Account Holder and Account User?

Please refer to E-Payments User Protection Guidelines for more details.

What are our duties to you?

Please refer to E-Payments User Protection Guidelines for more details.

 
 

Losses in the context of seemingly authorised transaction

To determine whether HLF would be responsible for your losses in the context of a seemingly authorised transaction, HLF would first assess whether we have adhered to all the duties as stated in E-Payments User Protection Guidelines.

In addition, HLF would be expected to flag out any “rapidly-drained account” scenario which is defined as:

A protected account is considered to be rapidly drained of a material sum if:

  1. the protected account has an account balance of S$50,000 or more immediately prior to the seemingly authorised transaction; and
  2. more than 50% of such an account balance is transferred out within the last 24 hours.

Note: For the avoidance of doubt, this excludes recurring standing instructions, recurring GIRO/eGIRO deductions, bill payments to billing organisations maintained by HLF (save for payment of bills for credit cards issued by other FIs), debit card transactions, and intrabank transfers to the account holder’s other account(s) within HLF.

For a “rapidly-drained account” scenario, HLF will:

  1. block the online banking payment transaction that crosses the threshold, and all subsequent online banking payment transactions to the scammer until it is able to obtain further verification from the account holder; or
  2. send notification to the account holder, and block or hold for at least 24 hours: (i) the online banking payment transaction that crosses the threshold; and (ii) all subsequent online banking payment transactions to the scammer.
 
 

To manage your claims lodged with HLF, we shall adopt the following operational workflow:

  1. Claim Stage

    • HLF is the first and overall point of contact with you.
    • HLF will assess if your claim falls within the SRF’s scope (“relevant claim”).
    • HLF will inform a responsible Telco where applicable.

  2. Investigation Stage

    • HLF will conduct the investigation, together with a responsible Telco (where applicable) for your claim.

  3. Outcome Stage

    • HLF will inform you of the investigation outcome.

  4. Recourse Stage

    You may pursue further action through avenues of recourse such as the Financial Industry Disputes Resolution Centre Ltd (“FIDReC”) or IMDA, if you are not satisfied at the Outcome Stage.

    We will explain the operational workflow to you when you report the seemingly authorised transaction to us. We will also inform you of the timeline for our investigation.

 
 

Credit your account with losses

We will credit your account with the losses as soon as possible if we concluded that you are not liable for any loss arising from the unauthorised transaction(s).

Note: You will be liable for your loss if it was due to your recklessness, i.e you did not carry out your responsibilities as stated in “What are your duties as an Account Holder and Account User?”