ARTICLE
23 November 2024

How to Respond to Unauthorised Bank Account Access and Fund Theft

L
LegalVision

Contributor

LegalVision logo
LegalVision, a commercial law firm founded in 2012, combines legal expertise, technology, and operational skills to revolutionize legal services in Australia, New Zealand, and the UK. Beginning as an online legal documents business, LegalVision transitioned to an incorporated legal practice in 2014, and in 2019 introduced a membership model offering unlimited access to lawyers. Expanding internationally in 2021 and 2022, LegalVision aims to provide cost-effective, quality legal services to businesses globally.
Enable real-time transaction alerts, use multi-factor authentication and maintain regular account monitoring.
Australia Government, Public Sector

In Short

  • Act immediately to secure your account, contact your bank and update login credentials to limit further risk.
  • Use preventive measures like multi-factor authentication, transaction notifications and reduced payment limits to minimise future incidents.
  • Gather evidence and report unauthorised access promptly to your bank, police and relevant authorities to maximise recovery chances.

Tips for Businesses 

Enable real-time transaction alerts, use multi-factor authentication and maintain regular account monitoring to detect unauthorised access quickly. Limit online purchases to low-limit cards, and always update bank contact information for prompt communication about suspicious activity. Keep documentation ready for swift reporting if an incident occurs.

Discovering unauthorised access to your personal or business bank account and fund theft can be deeply unsettling. In our increasingly digital world, these incidents are unfortunately becoming more common. This article will cover immediate actions you can take to:

  • secure your account;
  • prevent future fund theft;
  • report the incident; and
  • legally recover your privacy and funds.

Immediate Action

When you discover unauthorised transactions or suspect your bank account has been compromised, time is of the essence. Swift action can significantly improve your chances of recovering stolen funds and minimising further damage.

To regain control of your account, you should:

  1. freeze the affected accounts and connected cards;
  2. contact your bank immediately about the unauthorised transaction and make sure you receive a reference number;
  3. change your login credentials, including passwords, PIN codes and security questions; and
  4. enable two-factor authentication on your accounts.

Additionally, you should make sure that all of your important passwords are unique and difficult to guess. This means that you should not include any personal information, such as your name, in your passwords.

However, the good news is that you may be able to recover your money back from the bank if:

  • there was fraud or negligence by an employee, agent of the bank or another third party;
  • a forged, expired, faulty or cancelled PIN/password or card was used; or
  • the transaction happened after you informed the bank that your card was lost, stolen or had been misused, or that someone else may know your PIN/password.

You are less likely to get your money back if you:

  • acted fraudulently;
  • did not keep your PIN or password secret; or
  • unreasonably delayed telling your bank that your card was lost, or stolen or that someone may know your PIN.

2024 Key Data and Privacy Developments

The Australian Government is changing the law to protect consumer privacy after a series of high-profile data breaches and to bring the law into line with the safer and more protective laws in other regions. This fact sheet outlines what is expected in 2024.

Download Now

Prevention Strategies

To prevent your bank account and funds from being compromised in the future, you should:

  • turn on transaction notifications for all transactions over the value of $0 for each card or account you have;
  • actively monitor your accounts' transaction history;
  • use a second credit card for online purchases that have a low transaction limit, so if it is accessed without authorisation, any potential loss is capped;
  • consider reducing your payment limits;
  • keep your account details up to date so your bank can contact you if it notices suspicious activity on your account; and
  • enable multi-factor authentication, a security measure that requires two or more proofs of identity to grant you access.

Reporting the Incident

Before reporting unauthorised bank account access or fund theft, make sure to gather all necessary transaction records, bank statements and documentation. When reporting, you should:

  • contact your bank immediately and insist they follow up your report in writing;
  • keep a clear timeline of events;
  • file a police report with your local police department as well as any specialised cybercrime units, providing them with detailed information about the incident, including:
    • dates;
    • amounts stolen; and
    • any details about the perpetrators if known;
  • report to the Australian Cyber Security Centre (ACSC). Though the ACSC does not investigate individual cyber crimes, they play a vital role in analysing common threats and coordinating responses; and
  • notify the Australian Financial Complaints Authority (AFCA) who can facilitate a dispute resolution process with your bank if needed, ensuring your rights as a customer are protected throughout the investigation and recovery process.

Your Legal Rights and Obligations

Generally, your legal rights and obligations when there has been unauthorised access to your bank account and stolen funds are covered by the following regimes:

  • ePayments Code: This provides key protections for consumers regarding electronic payment transactions, including unauthorised access to bank accounts. It requires banks to compensate customers for unauthorised transactions as long as they have not contributed to the loss.
  • Banking Code of Practice: This also covers unauthorised transactions, requiring banks to promptly and efficiently investigate and resolve any reported incidents. Relevant sections include obligations around monitoring accounts for suspicious activity and providing assistance to customers who have fallen victim to theft or fraud.
  • Australian Consumer Law (ACL): The ACL provides nationwide safeguards, while state-specific legislation offers additional protections. These laws prohibit unfair practices, mandate fair contract terms and establish dispute resolution mechanisms to assist consumers who have suffered financial loss.

Together, these codes and laws establish a framework to help people respond to and recover from unauthorised access to their bank accounts.

Key Takeaways

Having your bank accounts accessed by an unauthorised person and potentially losing funds can be a complicated and harrowing experience. However, by following the processes of prevention and reporting outlined above, you should be able to secure your bank accounts and keep your privacy and money safe. Additionally, you should take immediate action when you discover unauthorised transactions or account compromises, including:

  • freezing your accounts;
  • contacting the bank;
  • changing your login credentials; and
  • enabling two-factor authentication.

The ePayments Code and Banking Code of Practice provide key protections for consumers, requiring banks to compensate for unauthorised transactions and promptly investigate incidents. Australian consumer protection laws, including the Australian Consumer Law, also apply and offer additional safeguards against unfair practices and assistance for recovering financial losses.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More