The Australian Securities and Investment Commission (ASIC) is to review liability issues in online crime and phishing in a move that will be closely watched by banks worldwide.
The association has called for submissions to review the Electronic Funds Transfer Code of Conduct (EFT Code) - a voluntary industry code of practice covering all forms of consumer electronic payments transactions.
Banks in Australia currently reimburse customers who fall victim to online scams that steal data including passwords and personal details.
But the consultation paper calls for industry feedback on whether account holders should be liable for unauthorised transaction losses when customers' equipment does not meet "minimum" security requirements.
ASIC consumer protection executive director Greg Tanzer says rapid growth in the use of the Internet as a transaction channel has stimulated an accompanying growth in Internet fraud, including the use of deception-based phishing and the installation of malicious code on users' equipment.
"Whether account holders should be required to bear any liability for losses resulting from these types of fraud, is one of the important issues to be addressed by the review, and the matter is discussed in detail in the consultation paper," he adds.
The paper states that some "industry representatives" have proposed that users could potentially be made liable under the EFT Code for the full amount of losses from malicious code compromises of account access data unless they have "minimum" or "adequate" equipment security.
Media reports in Australia have stated that a number of banks in the coutry have been lobbying ASIC to introduce rules that would allow online fraud costs to consumers. But both Asic and the Australian Bankers Association have denied the reports.
Read ASIC's consultation paper here:
Download the document now 1.3 mb (Adobe Acrobat Document)