BSP orders banks to require more IDs after ‘Comelec data hack’

The Bangko Sentral ng Pilipinas (BSP) on Friday ordered all financial institutions to strengthen their know-your-customer (KYC) practices after hackers earlier this week posted online voters' personal information supposedly from the Commission on Elections database.

In its memorandum, the BSP said all BSFIs must ask for additional proof to make sure of the identity of new and existing customers.

“Customer identification procedures of BSFIs that rely on static information which may be obtained from the disclosed Comelec records should be supplemented by requests for additional proof or secondary information to establish the true identity of new and existing clients,” Deputy Governor Nestor A. Espenilla Jr. said.

Under the KYC, banks are mandated by law to take note and verify the identification of their customers.

“Relative to the reported unauthorized disclosure of voters’ registration records of the COMELEC, all BSFIs (BSP-supervised financial institutions) are enjoined to strengthen their KYC practices and exercise extra vigilance against possible misuse of said information for financial transactions,” Espenilla said in the memorandum.

This developed after a group of hackers posted online what appears to be voters' data on Thursday as a searchable database on an independent site.

As of posting time, the website has already been put down.

According to the Comelec, the stolen data cannot be used for electoral fraud.

However, the information may still potentially be used for other cybercrimes such as phishing or identity theft. —NB, GMA News