iscover
iscover 
The Australian Securities and Investments Commission (ASIC) has sued HSBC Bank Australia Limited (HSBC Australia/HSBC) for failing to “adequately protect customers scammed out of millions of dollars”.
In documents filed by ASIC in the federal court today, the regulator alleged that HSBC did not have the proper controls in place to prevent and detect unauthorised payments, and failed to comply with obligations to investigate customer reports of unauthorised transactions within specified timeframes.
It was also alleged that the bank did not promptly reinstate their banking services in a timely manner.
ASIC further alleged that there were significant escalations in reports of unauthorised transactions by the bank’s customers from mid-2023, often occurring after scammers had gained access to their accounts by impersonating HSBC staff members.
HSBC Bank received around 950 reports of unauthorised transactions between January 2020 and August 2024, which has reportedly resulted in customer losses of around $23 million.
According to ASIC, around $16 million of this happened in the six months from October 2023 to March 2024.
Sarah Court, ASIC’s deputy chair, stated: “We allege HSBC Australia’s failings were widespread and systemic, and the bank failed to protect its customers.”
“We allege that from at least January 2023, HSBC Australia was aware of the risks of unauthorised transactions occurring and that there were gaps in their fraud controls. This resulted in some customers getting scammed out of $90,000 or more.
“We allege HSBC Australia compounded the problem by failing to comply with its obligations under the ePayments Code and let its customers down when they needed their help the most, on average taking 145 days to investigate customers’ reports that they had been scammed.
“We are also concerned that HSBC Australia failed to promptly restore customers’ full access to their bank accounts, on average taking 95 days to do so. One customer did not have full access restored for 542 days,” Court added.
Due to HSBC Bank’s alleged failures to provide an adequate system to prevent and detect unauthorised payments, ASIC contended that the bank has failed to do all the things necessary to ensure that:
• the financial services covered by its Australian financial services licence were provided efficiently, honestly and fairly in contravention of its obligations under s 912A(1)(a) of the Corporations Act 2001 (Cth); and;
• the credit activities authorised by its credit licence were engaged in efficiently, honestly and fairly in contravention of its obligations under s 47(1)(a) of the National Consumer Credit Protection Act 2009 (Cth).
Court further stated that scammers are always looking for new ways to exploit people.
“Customers can lose their life savings in an instant. Scammers do not discriminate.
“All banks need to pull their weight in the fight against scams. We will not hesitate to take court action where we consider banks fail to comply with their obligations to protect their customers.”
ASIC is seeking declarations of contraventions, pecuniary penalties, adverse publicity orders, and costs.
ISCOVER 
