Asia’s diverse anti-scam policies reflect local contexts, Anurag Mohapatra writes, highlighting the need for trust, coordination, and accountability.
The global scam landscape is undergoing a quiet but powerful transformation. Regulatory models are hardening at both ends: on one side, the UK’s Payment Systems Regulator (PSR) mandates reimbursement and assigns liability to receiving banks; on the other, Australia encourages shared responsibility across banks, telcos, and consumers without requiring compensation. As countries worldwide adapt, these two models are shaping how regulators and countries define their scam frameworks.
Against this backdrop, Asia stands out as a diverse testbed for regulatory experimentation. The region faces a surge in faster, organised, and increasingly transnational scams—from phishing texts in Singapore to large-scale investment scams from Myanmar’s border zones. The impact has been staggering: in 2024, financial losses from scams in Hong Kong surged by 89% in two years to HKD 9.15 billion (USD 1.1 billion), to MYR 54 billion (USD 12.7 billion) in Malaysia, and to over SGD 1.1 billion (USD 853 million) in Singapore. China investigated over 67,000 telecom and online fraud cases in 2024, while Thailand dismantled multiple scam compounds, rescuing over 7,000 victims.
In response, 2024–2025 has seen a sharp uptick in anti-scam initiatives. More than ever, there has been increased coordination across sectors—regulators, banks, telecom authorities, and private tech firms. Countries are experimenting with various interventions, from voluntary charters and mandatory kill switches to scam education campaigns and biometric verification tools.
Yet how they assign liability—who pays when scams succeed—varies dramatically. Some, like Thailand and the Philippines, embrace shared or institutional liability. Others, like Singapore and Malaysia, prioritise enforcement and prevention without mandating reimbursement. What is emerging across Asia is not one cohesive policy but a spectrum of evolving models, each reflecting local politics, regulatory maturity, and consumer pressure.
From London to Sydney: A Spectrum of Scam Response
Below is a simplified map placing countries along the continuum between the UK’s reimbursement-heavy model and Australia’s prevention-first, liability-light approach.
Source: NICE Actimize
Four Clusters: Asia’s Emerging Anti-Scam Models
Asia groups countries into four clusters based on how they assign liability and structure their scam response. Clustering helps identify who pays when scams succeed, and what systemic tools and accountability frameworks are in place.
Cluster A – Mandating Reimbursement: These countries are building or enforcing frameworks for reimbursing scam victims, including authorised fraud. Some use shared liability models, while others impose reimbursement if institutional duties are breached.
Cluster B – Shared Responsibility, Limited Reimbursement: These countries place institutional duties on banks and telcos but offer no mandatory or universal reimbursement for scam victims. Reimbursement may occur if duties are breached (as in phishing cases) or as a goodwill gesture.
Cluster C – Prevention-First, Limited Redress: These nations focus heavily on fraud prevention through technology, enforcement, and consumer education, but do not offer formal reimbursement pathways for victims.
Cluster D—Minimal Frameworks, High Scam Activity: These jurisdictions have high scam activity and limited regulatory infrastructure.
Cluster A – Mandating Reimbursement
Thailand, through its April 2025 amendments to the Royal Decree on Measures for the Prevention and Suppression of Technology Crimes. It is the only Asian state that mandates by decree shared liability among banks, telcos, and platforms, empowering courts to penalise non-compliance and establish reimbursement obligations.However, the Bank of Thailand (BOT) is still currently in the process of developing detailed regulatory guidelines to operationalise this framework.
The Philippines made regulatory progress with the AFASA law in 2023, and by 2024 began developing industry-wide data-sharing platforms. However, reimbursement remains optional, and there is no defined liability standard for receiving banks. However, the Bangko Sentral ng Pilipinas (BSP) can sanction institutions post-incident for failing to fulfil prescribed fraud prevention and due-diligence obligations. Even though the Philippines leads with conditional liability, the regulations are directionally strong and UK-like in principle.
While Hong Kong does not currently mandate reimbursement for scam victims, it is actively considering introducing a shared responsibility framework. Its existing Anti-Scam Charter functions as a voluntary industry code, with broad bank participation and close coordination with law enforcement. While not legally binding, the Charter shares similarities with the UK’s CRM Code in spirit, emphasising consumer protection, data-sharing, and preventive best practices. Ahead of a public consultation expected later this year, and strong institutional engagement on consumer protection, Hong Kong is positioned as a transitional jurisdiction moving toward formal liability and reimbursement standards.
Cluster B – Shared Responsibility, Limited Reimbursement
In Singapore, the Shared Responsibility Framework (SRF) has been effective since December 2024. The SRF mandates reimbursement for phishing scams involving unauthorised transactions, unless the bank or telco can demonstrate preventive compliance. However, the framework does not cover authorised push payment (APP) fraud, such as investment or romance scams. Liability for receiving institutions is clearly defined within the scope of phishing-related cases, and the policy is expected to enhance redress in those specific situations.
Malaysia strengthened its anti-scam ecosystem with the launch of the National Fraud Portal and enhancements to the NSRC in 2024. Reimbursement remains limited and discretionary, but coordination with receiving institutions has improved significantly—BNM reported in its 2024 annual report MYR 399 million in blocked scam attempts.
Taiwan enacted the Fraud Crime Hazard Prevention Act (FCHPA) in July 2024, a significant step toward holding institutions accountable for scams. The act mandates shared responsibility for scam prevention among banks, telecom firms, and digital platforms and also introduces mechanisms for victim protection, including a mediation process for scam compensation. However, reimbursement is not mandated, and authorised fraud cases, such as APP scams, are not uniformly covered. The framework signals a movement toward shared responsibility and is directionally aligned with models like the UK’s CRM Code.
Cluster C – Prevention-First, Limited Redress
China has deployed substantial enforcement resources against scams, particularly telecom and online fraud. Its Anti-Telecom and Online Fraud Law (effective December 2022) mandates cross-sector participation in scam prevention, including SIM registration and internet identity verification. The National Anti-Fraud Center app aims to warn users of scam risks. However, there is no formal reimbursement framework for victims of scams—recovery depends on law enforcement action and seizure of criminal proceeds.
Vietnam has focused on telecom-level interventions, including SIM card limits, AI-based scam message filtering, and the development of a centralised fraud number database. Public awareness campaigns also form a key part of its prevention-first model. That said, there are no regulatory provisions for reimbursing scam victims, and banks are not held liable even when scams are reported. Victims bear the loss unless criminal cases result in fund recovery.
Indonesia takes a compliance-first approach, requiring banks to align fraud controls with national KYC, identity, and telecom databases. These efforts support scam detection but do not include victim redress policies. There are no legal mandates or regulatory guidelines requiring banks to reimburse scam victims, even in clear APP scam scenarios.
Japan emphasises technological deterrence and frontline intervention, including biometric ATMs and teller training to question suspicious transactions, primarily involving elderly clients. However, Japan lacks any regulatory liability regime for authorised scams. Reimbursement is discretionary and extremely limited, typically provided as goodwill in select cases (e.g., elderly victims). There is no mandatory redress mechanism or receiving bank accountability for APP fraud.
India has not enacted any regulation addressing APP scams. Its 1930 helpline and national fund-freezing network enable banks and law enforcement to intercept fraudulent transfers in flight, but there is no liability or reimbursement requirement for scam losses once funds are withdrawn. The RBI’s limited liability guidelines apply only to unauthorised fraud, not scams. Fund recovery rates remain modest—around 11% in several state-level reports—and reimbursement is not offered unless funds are intercepted in time.
South Korea has adopted a prevention-first approach, marked by sophisticated fraud detection systems (FDS), fund-freezing powers, and inter-agency coordination involving the Financial Supervisory Service (FSS), police, and telecom authorities. In 2024, it also introduced a voluntary “responsibility-sharing” scheme for banks to compensate victims of non-face-to-face financial fraud like voice phishing, although authorised payment fraud, i.e., payments initiated by a customer even under false pretense are excluded. In 2024, only about 10 out of 20,000 reported scam cases received compensation, highlighting the continued dominance of prevention measures over reimbursement.
Cluster D – Minimal Frameworks, High Scam Activity
Myanmar is known as a hub for scam operations, with compounds near border regions trafficking victims to conduct romance and investment scams. The government has engaged in joint raids with China and Thailand, deporting thousands of foreign nationals in 2024–2025. However, there are no formal consumer protection or reimbursement frameworks, and domestic enforcement remains fragmented.
Cambodia has taken steps to dismantle scam centres, particularly in Sihanoukville, but lacks systemic regulation. Cambodia has increased co-operation with international law enforcement and neighboring governments but there are no established victim compensation schemes or clear legal responsibilities for financial institutions.
One Problem, Many Paths
Asia’s fight against scams is marked by urgency—but not uniformity. From Thailand’s legally mandated reimbursement for scams to China’s prevention-first approach, countries are tackling the same problem with vastly different tools. The four clusters outlined in this article illustrate a clear policy spectrum.
No precise, comparable cross-country data on claim resolution times, victim reimbursement rates, or consumer satisfaction with redress mechanisms exist. Until such data is consistently collected and reported, assessments of effectiveness must be made cautiously and with an understanding of local contexts.
As fraud evolves, so must the frameworks designed to counter it. Whether Asia will converge toward a single model or continue to innovate locally remains uncertain. However, one truth is clear: tackling scams effectively requires more than detection—it demands trust, coordination, and accountability built into the financial system.
—
By Anurag Mohapatra, Fraud Expert and Director of Product Marketing, NICE Actimize.
