We take your security seriously

Safeguarding your interests and money is a priority for us. We have security measures to keep your privacy and investments as secure as possible. We also strive to update you on ways you can protect yourself.

WAYS WE PROTECT YOU

Two-factor authentication 
On top of your log-in credentials, a security token will also be provided which allows you to authorise transactions.

Secure, encrypted pages 
The "closed lock" icon on our online banking site means that information transmitted from your computer to our systems are encrypted.

Every transaction is secure 
Transactions that you perform through OCBC online banking is secured with a one-time password generated from your security token or an SMS sent to your mobile phone.

Network Security 
All of our banking systems sit behind firewalls that prevent intruders from getting unauthorised access to the system.

GENERAL SECURITY TIPS

Steps to protect yourself from unwanted scammers

  • Do not reveal the following information to anyone:

    • OTP generated by the 2FA token or sent to you via SMS

    • Serial number of your 2FA token

    • Your log-in credentials

    • Your personal, financial, bank account of credit/debit card information to strangers or little known or suspicious websites

  • Do not allow others to keep, use or tamper with your 2nd factor authentication (2FA) security token. Please keep your token secure at all times

  • Check your bank account information, balance and transactions frequently and report any discrepancies

  • Be on the alert for suspicious emails and websites (which may contain malicious software) or mobile messages, purporting to be from the Bank. You should report these immediately by contacting us

  • We will not make unsolicited requests for your personal, financial, bank account or credit/debit card information, or unsolicited requests that require you to log in and verify your account validity, through e-mail, mobile messages or on phone unless you have initiated the contact. Under no circumstances will the Bank ask you to reveal your PIN/Password

  • Update us immediately when there is a change in your contact details such as mobile phone number and e-mail address so that you continue to receive SMS alerts or e-mail notifications for online banking transactions and activities

  • Please inform us immediately if:

    • You are aware of any suspected fraud, including any compromise or loss of your security device or security details; or

    • You receive SMS or e-mail alerts for transactions which you did not perform; or

    • You are alerted on change of daily withdrawal limit or add beneficiary for transfer to an account which you do not know of or did not perform

    • You notice any unusual/unauthorised transactions. You also have the right to do the following under such circumstances:

      1. Suspend your access to OCBC online banking services

      2. Cancel the relevant services

      3. Request for a new set of OCBC online banking log-in credentials

      4. Obtain information from the Bank regarding your online transactions


Online Banking PIN/Password

Personal Banking

  • Your PIN should be:

    • Six-digits long. Do not repeat any digit more than once

    • A unique number. It should not be drawn from your telephone number, birthday or other services you might have

    • Kept confidential

    • PINs must be changed regularly, or when you suspect it has been compromised or impaired

Business Banking

  • Password should be 8 to 12 characters:

    • It must contain at least 2 letters and 2 numerals

    • Characters cannot be repeated more than twice

    • First two characters must be different from your User ID

    • Password and Organisation ID cannot be identical

    • Password cannot be identical to the previous 10 passwords that you have used

    • Example of a password: velocity01#

      Password is case sensitive, for example "Velocity01#" is a different password from "velocity01#"


OUR GUARANTEE
(FOR PERSONAL BANKING)

In the unlikely event that you do suffer from online fraud, we guarantee a full refund of any money that has been fraudulently transferred out of your account via our Internet and Mobile Banking service, subject to our Terms and conditions governing Electronic Banking Services.

Our guarantee protects you if you have played your part in protecting yourself from fraud by adopting the following measures:

  • You have kept your hardware token secure at all times;

  • You have not shared your security details with anyone (these include your Access Code, PIN and security token);

  • You have equipped your computer or mobile device with the latest operating system security patches, anti-virus, anti-malware and firewall software. The installed software should be regularly updated to the latest version and run with latest signatures;

  • You have followed our recommendations on Safeguarding Your Internet Banking Access and complied with all your obligations under the Terms and conditions governing Electronic Banking Services and the Terms and conditions governing Deposit Accounts;

  • You have updated us immediately when there is a change in your contact details, such as mobile number and e-mail address, for the purposes of receiving SMS alerts or e-mail notifications for online banking transactions and activities;

  • You have updated us immediately when you change your mobile number for receiving One-time Password (OTP) via SMS; and

  • You inform us immediately if:

    • You are aware of any suspected fraud, including any compromise or loss of your security device or security details; or

    • You receive SMS or e-mail alerts for transactions which you did not perform; or

    • You are alerted on change of daily withdrawal limit or add beneficiary for transfer to an account which you do not know of or did not perform, and you furnish us with all information requested by us and provide your full co-operation.

HOW WE CAN HELP

Should you become a victim of an unauthorised transaction, please inform us immediately. You can report to us by contacting one of our branches during their opening hours or call us at:

Personal Banking

Call 6363 3333 (24-hour)
Calling from overseas? Call +65 6363 3333

Premier Banking

Call 1800 Premier (1800 773 6437)
Calling from overseas? Call +65 6530 5930

Business Banking

Call +65 6538 1111
Calling from overseas? Call +65 6530 5930

Upon receiving your report, we will get back to you within 7 working days
Depending on the complexity of the claims, we will inform you if we require more time for investigations.
Malware

What is Malware?

Malware are malicious programs that targets customers' computers/mobile devices in order to steal their login credentials, for example your online banking access code, PIN and One-Time Password (OTP) or Organisation ID, User ID and Password. Once your computer is infected, a cybercriminal will be able to conduct fraudulent money transfers from your account.


How Malware is spread

Cybercriminals send emails with attachments that may appear to originate from trusted companies. Malware could be hidden in the attachments in emails and in the disguise of invoices or accounting documents.

A malware may also direct you to a fake webpage that looks like OCBC Bank's login page. It may prompt you to enter any of your log-in credentials or OTP from your security token.


How to avoid getting infected

By having an up-to-date anti-virus software on your computer or mobile device, you could greatly reduce your risk of getting infected. For more information on safeguarding measures, refer to Security for PC/Mac and Security for Mobile.


Phishing Scams

What is a phishing scam?

Phishing is a form of social engineering used by cybercriminals to convince you to install malicious software that leads to stealing your personal information.


How phishing works

Phishing attacks typically use emails or malicious websites to solicit personal information by posing as legitimate companies or trustworthy organisations.

For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers use it to gain access to the accounts.

Phishing attacks tend to intensify on significant current and seasonal events such as:

  • Natural disasters
  • Epidemics and health scares
  • Economic concerns
  • Major political elections
  • Holidays

How to avoid such scams

  • Ensure that emails are authentic before acting on them:

    • Do not download or open any attachments from emails you find suspicious, even if they came from someone you know
    • Delete emails that come from unknown sources
    • Do not respond to emails asking for confidential information, e.g. your financial or personal information. Phishers like to use scare tactics and may threaten to disable an account or delay services until you update certain information
    • Do not use links in an email or instant message to connect to the Bank's website unless you are certain they are authentic. Instead, open your browser and type the URL directly into the address bar
  • Protect your computer with firewall, spam filters, anti-virus and anti-spyware software. Ensure you are getting the most up-to-date software and update them regularly to ensure that you are protected against new viruses and spyware

  • For specific safeguarding measures on phishing scams, refer to Security for PC/Mac and Security for Mobile


Safeguarding your online banking experience

To ensure that your online security and account information are not compromised via your computer, please adopt the following OCBC Online Banking security measures:

  • Personally enter the domain name of the bank in your browser to log onto OCBC Online Banking service
  • Before entering your log-in credentials, always ensure that the website you are visiting belongs to OCBC Bank:
    Personal Banking: https://internet.ocbc.com/internet-banking or
    Business Banking: https://velocity.ocbc.com/login.html
  • Do not display your account information in a manner that is visible to others
  • Log off the online session when the session is no longer required. Enable your computer's screen saver with password protection or lock your computer screen when it is not in use. Do not leave your computer unattended
  • Do not install software or run programs of unknown origin
  • Do not open, run or install any attachments or click on any links in suspicious or unsolicited emails
  • Do not use public computers or any devices which cannot be trusted or which you are unsure if safe to use
  • Do not connect to unsecured or publicly available Wifi, to access online banking or perform financial transactions
  • Do not allow your web browser to store or retain your log-in credentials Remove file and printer sharing in computers, especially when connected to the internet
Usage of OCBC Internet Banking Services

Your usage of OCBC Internet Banking Services is subject at all times to:

Personal Banking



Business Banking

Things to look out for

Malware present on a PC/Mac

Watch out for these warning signs:

  • The URL showing on the login page is different from the official page:
    Personal Banking: https://internet.ocbc.com/internet-banking/ or
    Business Banking: https://velocity.ocbc.com/login.html

  • The login screen looks different. The legitimate OCBC login process consists of two steps:
    Personal Banking
    First step: Access code and PIN
    Second step: Enter one-time password (OTP)
    Business Banking
    First step: Organisation ID, User ID and password
    Second step: Enter one-time password (OTP)

  • You are prompted repeatedly for your log-in credentials even though you have entered the log-in credentials correctly

  • A delayed pop-up screen that says the system is not available and repeatedly asks you to enter OTP or use your security token to generate an OTP

  • You are prompted to authorise transactions which you have not initiated using OTP generated through your security token. For example: While trying to login, you are prompted to enter a 6-digit number shown on your computer screen into your security token. Then you are asked to press the 'Sign' button on the token and key in the OTP generated from the security token into the computer screen

  • Your PIN/Password should be masked when you type it in

  • You receive SMS messages on OTP or transactions which you did not initiate

  • A redirection to a third-party website, which may feature a hotline number or an unsolicited request

  • You receive a call purportedly from a staff in OCBC asking you to verbally reveal your Access Code/Organisation ID, PIN/Password, OTP or security token details


Symptoms of phishing scams on a PC/MAC

  • When you mouse over the embedded URLs in an email message, the hyperlinked address is different from the Bank's official URL

  • An email message that contains poor spelling and grammar

  • The message is making big promises and the offer seems too good to be true

  • The message is making unrealistic threats, e.g. the phisher use intimidation to scare victims into giving up confidential or personal information

  • You receive a message notifiying you of transactions that you did not perform

  • When a message asks for confidential or personal information. The Bank does not make unsolicited request for your information via email or phones


What you can do

If your PC/MAC has been comprimised, take a screenshot or picture of the suspicious content and give us a call at:

Personal Banking

Call 6363 3333 (24-hour)
Calling from overseas? Call +65 6363 3333

Premier Banking

Call 1800 Premier (1800 773 6437)
Calling from overseas? Call +65 6530 5930

Business Banking

Call +65 6538 1111
Calling from overseas? Call +65 6530 5930

Safeguarding your mobile banking experience

To ensure that your online security and account information are not compromised via your mobile device, please adopt the following safeguarding measures:

  • Only access and use our Mobile Banking Services on mobile phones/devices installed with the latest operating system and anti-virus software
  • Do not access OCBC Mobile Banking using 'jail-broken' or 'rooted' mobile phones (e.g. where the operating system has been tampered with) as it increases the risk of malicious software infectionSecure your mobile device with a password, pin or relevant mechanism to prevent unauthorised use
  • Take extra caution in safeguarding your mobile device, which may be more prone to being misplaced/lost/stolen than your computer
  • Only click on hyperlinks from messages and emails if they are from a trusted source
  • Only download mobile apps (including OCBC Mobile Banking app and OCBC Business Mobile Banking app) from official sources such as the Apple App Store or Google Play Store
  • Always install the latest updates for your device from legitimate sources (Play Store or App Store). New updates are sometimes used to fix bugs and address security vulnerabilities
  • Be aware of what the mobile app does and what information it may access on your mobile phone/device
  • If you are using your mobile phone to access OCBC Mobile Banking OneTouch™ & OCBC Business Mobile Banking OneTouch™ service or receive SMS One-Time Password as your 2FA to access online banking, please notify us immediately in the event of loss/theft of your mobile device, and/or if you suspect there is unauthorised access to your account
  • Do not allow your mobile device to store or retain your log-in credentials
Things to look out for

Signs of malware presence on mobile devices

  • Unfamiliar screen pop-ups. These may ask you to install unknown apps or to grant special permission to specific apps

  • Shown a fake overlay login page which asks for your banking log-in credentials or credit card information

  • Abnormal battery drainage due to malware uitilising the system resources

  • Experience serious performance problems as the malware is actively running in the background

  • Experience dropped calls or strange disruptions during a conversation due to interference of mobile malware

  • Unusual phone/data bills as a result of malware sending SMS text messages to premium-rated number

  • Unusual change in the look-and-feel of your smartphone (such as new icons or applications)

  • Your smartphone shuts down abruptly or gets locked up with the screen displaying the message 'System update in progress' even after it has force-restarted


Signs of phishing scams on mobile devices

  • When any hyperlinks provided in the message do not match our official pages:
    Personal Bankinghttps://internet.ocbc.com/internet-banking/
    Business Banking: https://velocity.ocbc.com/login.html

  • The message in an email contains poor spelling and grammar

  • The message is making big promises and the offer seems too good to be true

  • The message is making unrealistic threats, e.g. the phisher use intimidation to scare victims into giving up confidential or personal information

  • You receive notifications of transactions that you did not perform

  • When a message asks for confidential or personal information. The Bank does not make unsolicited request for your information via email or phones


What you can do
If your mobile device has been compromised, take a picture of the suspicious screen or remove the battery (where possible) or disable all data connectivity or give us a call at:

Personal Banking

Call 6363 3333 (24-hour)
Calling from overseas? Call +65 6363 3333

Premier Banking

Call 1800 Premier (1800 773 6437)
Calling from overseas? Call +65 6530 5930

Business Banking

Call +65 6538 1111
Calling from overseas? Call +65 6530 5930
E-payments User Protection Guidelines

As the banking industry constantly strives to make e-payments solutions simpler and more secure to use, The Monetary Authority of Singapore has issued the E-Payments User Protection Guidelines (“Guidelines”) which spells out the roles and responsibilities of banks and our customers when making e-payments.

Please be aware of your responsibility as an account holder and adopt safe banking measures to protect your bank accounts from unauthorised or erroneous transactions.

Please read the highlights of the guidelines below to understand the Bank’s as well as your rights and obligations as an account holder under the guidelines which will take effect on 30 June 2019.

What are my responsibilities in protecting my bank account?

  • Practise good security hygiene by changing your online banking PIN/password periodically and do not share with anyone

  • Keep your* contact details (such as mobile number and email address) up to date with OCBC so that we can send you transaction alerts by SMS or email

  • Choose to receive transaction notifications for outgoing transactions

  • Monitor your* transaction alerts and account statements for any unauthorised and erroneous transactions

    *in the case of sole proprietors, the person appointed at the point of application/mainenance

Do not:

  • Disclose your banking credentials such as Online Banking Access code, PIN or One-Time Password (OTP), Organisation ID, User ID or Password, credit/debit/ATM card details to any third party, for any purpose including to initiate or execute any payment transaction involving your account

  • Disclose your access code/password in a recognisable way on any payment account, authentication device, or any container for the payment account

  • Store or keep a record of your access code, PIN/Password, card details in a way that allows any third party to easily misuse them

  • Do not click on the weblinks in SMSes or emails to access our websites as these may be phishing attempts. Please always type our URL : https://www.ocbc.com/login (Individuals) or https://velocity.ocbc.com (Sole Proprietors) into the browser’s address bar or use our Mobile Banking/Business Mobile Banking apps

Do:

  • Only download the OCBC Mobile Banking app or OCBC Business Mobile Banking app from the official app stores (Apple App store or Google Play Store)

  • Update your device’s browser to the latest version available

  • Patch your device’s operating systems with regular security updates provided by the operating system provider

  • Install and maintain the latest anti-virus software on your device

  • Change your PIN/password regularly

  • Use strong password (such as a mixture of letters, numbers and symbols)

  • Do not use a PIN/password which can be easily guessed

  • Check carefully the e-payment instruction and details of the recipient (such as name, account number, mobile number, email address or unique entity number) before executing or confirming any e-payment transaction

  • Read carefully any notifications sent by the Bank. If you are asked to perform or authorise transactions that you are not aware of, do not do so

  • Report to the Bank immediately if you notice any unauthorised/erroneous transaction

What are my responsibilities in making e-payments?

  • Provide accurate contact information for the Bank to send transaction notifications;

  • Protect your login credentials and access to your protected accounts; login credentials include Login ID, access code, PIN/password, OTP or other credentials that are used to authenticate your identity;

  • Enable and monitor transaction notifications and report unauthorised transactions as soon as possible;

  • Provide information on unauthorised transactions as requested by the Bank to support investigations; and

  • Make a police report if the Bank requests such a report to be made to facilitate claims investigation

Transaction alert notifications

The default alert threshold for local ATM or debit/credit cards transaction is S$1,000. You may choose to change the threshold to your preferred setting. If you set it at a higher threshold than S$1,000, it will mean that you will not be notified of any transaction below S$1,000. This may have an impact on your liability for losses arising from unauthorised transactions.

For outgoing online banking e-payments, the Bank will send transaction alerts by SMS/Email/in-app notification, depending on your option setting, starting from S$0.01.

Where you have set thresholds for transaction notifications previously, those thresholds will continue to apply. Otherwise, the default threshold set by the Bank will apply.

Please refer to Question 7 below for the types of notifications available based on the Guidelines.

Unauthorised Transactions

Should you become a victim of an unauthorised transaction, please inform us immediately. You can report to us by contacting one of our branches during their opening hours or call us at:

Personal Banking

Call 6363 3333 (24-hour)
Calling from overseas? Call +65 6363 3333

Premier Banking

Call 1800 Premier (1800 773 6437)
Calling from overseas? Call +65 6530 5930

Business Banking

Call +65 6538 1111

Give full information of the unauthorised transaction such as payee details including bank name, payee name, account number, transaction date and time, amount, sender and your account details.

Make a police report if you have encountered a fraud or scam. We may request that you file a police report to facilitate our investigation.

What will the Bank do after you report an unauthorised transaction?

After receiving the information required to facilitate the investigation, the Bank will complete an investigation of any relevant claim within 21 business days for straightforward cases or 45 business days for complex cases.

Complex cases may include cases where any party to the unauthorised transaction is residing overseas or where the Bank has not received sufficient information from you (as the account holder and in the case of sole proprietors, the person appointed at point of application/maintenance) to complete the investigation. The Bank will update you of the outcome of our investigation. If it has been assessed that you are not liable for any loss from the unauthorised transaction, the Bank will credit your account as soon as our assessment is complete.

Should you disagree with our assessment of liability, you may proceed with other forms of dispute resolution including mediation at FIDReC.

Please note that transactions arising from frauds or scams are not in scope within the Guidelines. For erroneous/unauthorised transactions on credit cards, charge cards or debit cards, the dispute resolution process established under the respective card scheme will apply.

Erroneous Transactions

If you have sent an erroneous transaction, please inform us immediately. You can report to us by calling us at the following hotlines or visiting our branch during their opening hours.

Personal Banking

Call 6363 3333 (24-hour)
Calling from overseas? Call +65 6363 3333

Premier Banking

Call 1800 Premier (1800 773 6437)
Calling from overseas? Call +65 6530 5930

Business Banking

Call +65 6538 1111

Complete a GIRO/FAST/PAYNOW funds recall form or IFT/Telegraphic Transfer/MEPS funds recall form. You may be advised to file a police report.

Give full information of the erroneous transaction such as recipient’s unique identifier, including account number, identification number, name or other credentials entered by you and the date, time, amount and purpose of the transaction.

What will the Bank do after you report an erroneous transaction?

The Bank will endeavour to assist to recall the funds from the recipient and update you of the outcome. Longer time may be taken for more complex cases.

Frequently asked questions on guidelines

What are the E-payment User Protection Guidelines all about?

The Guidelines are issued by MAS to protect users of electronic payments. They aim to encourage wider adoption of e-payments in Singapore.

The Guidelines establish a common baseline protection that Financial Institutions will provide to individuals and sole proprietors from losses arising from unauthorised e-payment transactions from their protected accounts.


What is a protected account?

Protected accounts as defined in the Guidelines are those that:

  • are held by either individuals or sole proprietors, including those held jointly by multiple account holders; and
  • can hold a balance of more than S$500 or equivalent at any one time (Stored value facilities like EZ-Link card and NETS Cashcard are thus not covered by the Guidelines), or is a credit facility

What e-payments do the Guidelines cover?

The guidelines cover all payments initiated through electronic means, and where funds are received through electronic means. These include online payments and transfers.


How do the Guidelines protect me?

The Guidelines set out your responsibilities as an e-payment user to adopt good security practices. These include how you should protect your device, login credentials, access codes and protected accounts.

We will provide you with transaction notifications and a reporting channel so that you may be alerted of unauthorised transactions and report them should they happen.

We will investigate claims of unauthorised transactions, with the aim of achieving a fair and reasonable resolution.

Please note that the Guidelines do not apply to scams or frauds, which will be investigated by the police.


Frequently asked questions on transaction notifications

What are these transaction notifications for?

The notifications safeguard you against unauthorised and erroneous transactions. They are to alert you of such transactions so that you may report them to us for quicker resolution.


What type of transactions will I be notified on?

Notifications will be sent by us for outgoing payments initiated through electronic means. These include online payments/transfers and debit/credit card transactions.

Some electronic transactions may not trigger notifications if they were not initiated or received through electronic means. Transactions initiated by us, such as credit card cashbacks, will not trigger notifications under the Guidelines.

The notifications you receive may also depend on your instructions to us. For instance, you may have instructed us that a notification be sent only for certain types of outgoing transactions or if a transaction is above a certain amount.


What type of transactions will I be notified on based on the guidelines

For Individuals:

Types of SMS/Email Alerts Default Enrolment Settings Default Threshold
Top-ups and NETS purchases initiated via ATM card Auto-enrolment S$1,000.00 cumulative basis
Bill Payment and funds transfers initiated via ATM card Auto-enrolment S$1,000.00
Online Banking payments and transfers Auto-enrolment S$0.01
Debit/credit card transactions* Auto-enrolment S$1,000.00
Click here for other transaction alerts available.

For Sole Proprietors:

Types of SMS/Email Alerts Default Enrolment Settings Default Threshold
Cashcard top-ups, funds transfer, Bill Payment and NETS purchases initiated via ATM card As per indicated in the Corporate ATM SMS Alert setup/maintenance form S$1,000.00 cumulative basis
Online Banking payments and transfers Auto-enrolment for all online banking users based on contact details provided S$0.01
Card transaction*
- Debit card transactions
Auto-enrolment based on the contact details provided in the Business Debit Card application S$1,000.00

*Transactions initiated by the bank, such as credit card cashbacks, will not trigger notifications under the Guidelines.

Where you have set thresholds for transaction notifications previously, those thresholds will continue to apply. Otherwise, the default threshold set by us will apply.


How will these notifications be sent

Notifications may be sent via any of these channels:

Channels Individuals Sole Proprietors
SMS Yes Yes
Email Yes Yes
In-app
(funds transfer within own accounts; bill payment)
Yes NA

Do I need to enrol for these notifications?

You are automatically enrolled for notifications of outgoing transactions initiated through electronic means. This is applicable for new and existing customers (please refer to the default threshold limit set out in Question 7).

Please update us with your* latest mobile number or email address to ensure that you receive the notifications.

* in the case of sole proprietors, the person appointed at point of application/maintenance


Will I be charged for this service?

This service is currently free.


I am receiving too many notifications. How do I stop these notifications?

The notifications are a safeguard against unauthorised and erroneous transactions. There is a default threshold limit set for certain types of transactions (refer to Question 7 above). Based on your payment patterns, you may wish to adjust your notification thresholds so that you receive notifications that are most relevant to you. For instance, you may wish to be notified only if the transaction is above a certain amount.


What will happen to the existing notification thresholds that I have set previously?

Your existing notification thresholds will continue to apply and you may visit the notification settings to change it anytime.


How do I customise the alert settings?

For Individuals:

You may choose to customise the alert settings via OCBC Online Banking. For those alerts with selection of threshold limit available (such as ATM/card transactions), you can change the alert threshold to your preferred setting.

For more enquiries, please call 1800 363 3333 or visit any of our OCBC branches.

For Sole Proprietors:


How do I update my mobile phone number?

To ensure you are kept informed of your account/transaction details, it is important for the bank to be updated with your current mobile phone number.

You may update your mobile phone number via the following methods:

For Individuals:

You may choose to customise the alert settings via the following methods:

For Sole Proprietors:


What should I do if I receive a notification for a transaction that I do not recognise?

This could be an unauthorised transaction and you should inform the Bank immediately. Please provide the following information to us:

  1. The bank account affected;
  2. Your identification information;
  3. The type of authentication device, access code/login credentials and device used to perform the payment transaction;
  4. The name or identity of any account user;
  5. Whether the account number, authentication device, or access code/login credentials was lost, stolen or misused and if so,

    • the date and time of the loss or misuse,
    • the date and time that the loss or misuse, was reported to you, and
    • the date, time and method that the loss or misuse, was reported to the police;
    • any access code/login credentials that is applicable to the account,
    • how the account holder or any account user recorded the access code/login credentials, and
    • whether the account holder or any account user had disclosed the access code/login credentials to anyone

Frequently asked questions of liability and reporting of erroneous/unauthorised transactions

If I report an unauthorised or erroneous transaction to my bank, when can I expect a resolution?

We should complete an investigation of any relevant claim within 21 business days for straight forward cases, and up to 45 business days for complex cases.

For erroneous/unauthorised transactions on credit cards, charge cards or debit cards, the dispute resolution process established under the respective card scheme will apply.


If I report an unauthorised transaction, am I still liable for the transaction?

You will not be liable for any loss that arises from any action or omission by us, if you have complied with your duties as an account holder. For losses due to any other independent third party other than you and us, subject to the below, you will also not be liable if the outgoing transaction value is within S$1,000.

You will, however, be liable if it is ascertained that the primary cause was recklessness on your part, such as failing to protect your access code/login credentials or access to your protected account. Your liability will be capped at the transaction limit or daily payment limit, where applicable.

In all cases, we will conduct an assessment to determine the appropriate liabilities and work towards a fair and reasonable resolution.

For transactions on credit cards, charge cards and debit cards issued in Singapore, the apportioning of liabilities is governed by the ABS Code of Consumer Banking Practice.


What should I do if I receive erroneously sent funds?

Please inform us as soon as possible. You may be facilitating criminal activities, such as money laundering and unlicensed money lending, if you knowingly receive money from strangers, dubious sources or other unverified sources. It is a criminal offence if your bank account is used to receive money linked to criminal activities or keeping erroneously sent funds.


If I have sent funds erroneously to a wrong party, what should I do to get my money back?

Please contact us immediately to log your case. Reasonable efforts will be taken by us to recover the money sent, where possible. We and the receiving bank will facilitate communication between you and the recipient to help you recover the money that was sent wrongly.


Terms and conditions

We hope that the information we provide will be useful to you. However, you are expected to be responsible for the security of your devices. We regret that we will not be able to bear any financial losses resulting from unauthorised use of your account.

Personal and Premier Banking customersYour usage of our OCBC Online Banking Service is subject at all times to our Terms and conditions governing Electronic Banking Services and the Terms and conditions governing Deposit Accounts.

Business Banking customersYour usage of our OCBC Internet Banking Service known as Velocity@ocbc is subject at all times to the Business Account terms and conditions.