BSP orders banks to establish 'effective' reporting system

On the heels of incidents involving at least two Philippine banks this month, the Bangko Sentral ng Pilipinas (BSP) is now requiring lenders to adopt an "effective" reporting system.

"The Monetary Board approved the issuance of a Circular setting forth BSP's expectation on banks to establish an effective reporting system that will enable them to comply with the Bangko Sentral reporting standards," the BSP said in an emailed statement on Wednesday. A copy of the circular was not immediately available.

The central bank said that lenders must ensure that reports submitted to the BSP are "complete, accurate, consistent, reliable, and timely." The circular will be fully implemented starting January 1, 2018.

"This should be done independent of any validation process that the BSP may conduct prior to accepting a report as compliant with the standards," it said.

This entails the establishment of a governance process over the bank's reporting system, according to the BSP.

"These include written policies and procedures as well as defined processes for periodic review, enhancements, and reporting it to its Board and Senior Management," it said.

"This should be supported by a management information system and technology infrastructure that is commensurate to the bank's level of activity and complexity," it said.

Earlier this month, some 1.5 million clients of the Bank of the Philippine Islands (BPI) were affected by double-posting of transactions that caused errors in the records of outstanding balances.

A week later, clients of BDO Unibank Inc. reported unauthorized withdrawals from their accounts. They were later found to be victims of skimming.

The following week, Security Bank Corp. said it had encountered delays in its electronic system, compelling it to perform maintenance activities to address the issue.

"For the remaining months of 2017, banks are expected to make the necessary changes to their systems and processes to comply with the requirements of the Circular," the BSP said.

In the same statement, the BSP said it will be imposing strict penalties on banks that would be guilty of violating the circular.

"In addition to rationalizing the monetary penalties currently being imposed on banks, non-monetary sanctions for habitual incurrence of reporting violations as determined through a demerit system were also introduced," it said.

"Formal corrective measures may also be required to be undertaken by the bank should there be significant deficiencies noted during the assessment of its reporting system," it added.

On Wednesday, Security Bank President and CEO Alfonso L. Salcedo Jr. told GMA News Online the bank is addressing technical concerns. "This is something we are working on even without a BSP mandate," he said.

The BSP created in June a new division to focus on cybersecurity issues hounding the banking industry.

"We created a new division focused particularly on cyber security issues to strengthen our capacity in dealing with this," BSP Deputy Governor Nestor Espenilla Jr. told reporters at that time. — VDS, GMA News