Falling Victim to Scams – How to Detect and Safeguard Your Interests

Falling Victim to Scams – How to Detect and Safeguard Your Interests

Since the start of 2021 Australians have lost over $220 million from financial scams. Of the total losses reported to Scamwatch for all of 2021, investment scams were the largest culprit, accounting for over half of the total amount lost. Investment scams have arguably become more prevalent during the COVID-19 pandemic. The frequent lockdowns have confined people to their home and spending more time online than usual. The dire economic effects have likewise made victims more susceptible to the allure of financial opportunities which promise high returns and with little to no risk at all. Ideally, the best recourse is to prevent serious financial loss by detecting a potential scam early on. However, this is not always possible. We explore some of the key indicators when it comes to detecting a potential scam and the recourse available should you fall victim to one.

Detect and protect yourself against a scam

Scams are becoming much more sophisticated and persuasive. In particular, investment scams typically engage individuals or businesses by the promises of quick and easy payouts or guaranteed returns. Most online investments scams involve high-risk transactions, which are dealings that carry a high degree of loss. Trading in cryptocurrencies such as Bitcoin attracts a high degree of risk as cryptocurrency is not treated as ‘money’ or a ‘financial product’ and victims are afforded less protection if they invest and it turns out to be a scam. The majority of cryptocurrency exchanges are also based in foreign countries, thus making the recovery of lost funds all the more difficult.

Scammers have been quick to capitalise on the hype of trading in cryptocurrencies and the unregulated blockchain environment. These cryptocurrency scams are becoming more sophisticated and convincing making it very difficult to identify legitimate cryptocurrency investments from scams. Potential investors are typically enticed by a phone call, email, advertisement, or post on social media that are often endorsed by celebrities, offering big returns from cryptocurrency trading. Once the potential investor is contacted by the scammer or directed to their website, the scammer will usually offer to make an investment on their behalf, provide details or an app or website through which they can invest.

The scammer may then claim to either trade on the investor’s behalf or coach them through making trades themselves. The investors will appear to make profits which are accessible on a webpage, or seemingly credible trading platform such as MetaTrader. However, the data is entirely fabricated and will show the investor profiting or losing in order to persuade them to invest more funds. When the investor tries to withdraw their funds, scammers will either cease all contact or demand further payment before funds can be released.

Simple steps can be taken to protect yourself against a potential investment scam, including:

  • Ask questions and request information to verify the legitimacy of the company, such as whether the investing prospectus is registered with ASIC, does the company have an Australian financial services licence, and who owns the company.
  • Conduct your own research on the company including checking that the company is not on any scam alerts issued by ASIC.
  • Make sure your privacy settings are up to date on your social media accounts.
  • Obtain independent expert advice before you invest.

Obligations of banks and financial institutions


Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act)

The AML/CTF Act imposes reporting obligations on entities that provide ‘designated services’ such as the provision of financial services (Reporting Entities). These obligations extend to adopting anti-money laundering and counter-terrorism financing programs in order to minimise the risk of engaging in transactions that involve money laundering or the financing of terrorism.

Reporting Entities have an obligation to make a suspicious matter report to the Australian Transaction Reports and Analysis Centre (AUSTRAC) if, at any time while dealing with a customer, the reporting entity forms a reasonable suspicion that the matter may be related to tax evasion, the proceeds of crime or relevant to the investigation of, or prosecution of a person for, an offence against a law of the Commonwealth, State or Territory.[1]  Additional reporting obligations include an obligation to report transactions in excess of $10,000,[2] and report any money transferred via an international funds transfer instruction.[3] Penalties for non-compliance with the AML/CTF Act can be substantial, including penalties of up to $22 million.

National Consumer Credit Protection Act 2009 (NCCP Act)

The NCCP Act does not provide any direct obligations to protect consumers against fraudulent conduct by a third party. However, it imposes obligations on lenders (those who hold an Australian Credit Licence) and contains the National Credit Code, which regulates credit lending conduct.

Lenders have an obligation to assess the suitability of the consumer to service a loan facility.[4] This assessment includes the requirement to make reasonable inquiries about the consumer’s financial situation and to take reasonable steps to verify their financial situation.[5] There may be circumstances where a consumer, who falls victim to a scam, requires additional funding to facilitate an investment opportunity without awareness of the potential scam. Thus, it is important for lenders to ensure they adequately assess the consumer’s financial position and make reasonable enquiries as necessary before providing any loan facility. The maximum penalty for breach of this obligation is currently $1.11 million.

Duty to exercise reasonable care and skill

The relationship between a bank and customer is a contractual one and it is well settled that the duties of a bank towards its customer lie in contract alone.[6] The existence of such duties will depend upon the implications necessary to the efficacy of the bank-customer relationship and any specific terms of that relationship. Liability for negligence on the part of a bank will usually arise from the contract and not a liability in tort.[7] A bank will typically owe its customer a contractual duty to exercise reasonable care and skill when providing a financial service or product. This duty has been held to include an obligation to make reasonable enquiries in appropriate circumstances. For example, a bank may have a duty to clarify a customer’s wishes when it is alerted to the fact that a customer’s interest could be prejudiced by certain transactions.[8] In fact, courts have been willing to impose fiduciary obligations on a bank where it has created an expectation in a customer to act in their best interest when providing transactional advice as an advisor.[9]

The Financial Ombudsman Service Australia (FOS) has also demonstrated a willingness to impose a duty of care on banks in respect of protecting customers against known fraud. In 2016 the FOS issued a determination that held a bank was partially liable for the financial loss incurred by an investor for allowing money to be sent to an offshore ‘boiler room’ known by the bank to be a scam.[10] In that case, the bank’s fraud system had initially detected the suspicious transfer and placed a block on the transactions. However, the bank removed the block when the investor confirmed the transactions, unbeknown to them that they were fraudulent. The FOS placed greater weight on the fact that the bank was put on notice by ASIC of the exact fraud and decided to remove the block anyway. The bank was held liable for 75% of the total losses in the sum of $235,539.06.

Industry codes and practices

ASIC ePayments Code (EP Code)

Most banks and financial institutions are subscribed to the EP Code (Subscribers) which regulates electronic payment facilities such as BPAY. The EP Code is administered by ASIC and requires Subscribers to investigate and report unauthorised transactions.

Clause 17 requires Subscribers to have an effective and convenient process for users to report unauthorised transactions, loss, theft or misuse of a device, or breach of pass code security. In addition, clause 38.2 of the EP Code requires Subscribers to have an effective complaints procedure to resolve complaints from users about an unauthorised transaction and the Subscribers must make reasonable efforts to obtain from the user a vast range of information including:

  • The details of the transaction to be investigated including a description;
  • The date and time;
  • The amount; and
  • The type and location of electronic equipment used.

Australian Banking Code of Practice (ABCP)

In addition, the ABCP provides a set of industry standards that are to be upheld by banks when they provide financial services to customers. Clause 17.1 sets out the bank’s obligation to exercise care and skill of a diligent and prudent banker when considering a new loan, or an increase in a loan limit. Clause 30 outlines the measures banks are required to take in order to keep accounts safe and secure.

The Banking Code Compliance Committee independently monitors the ABCP to ensure banks are meeting their obligations. However, the BCCC is unable to award compensation for breach of the ABCP.

Other legal rights

Australian Consumer Law (ACL)

Under the ACL, it is unlawful to make false representations and engage in conduct that is misleading or deceptive. In addition, it is unlawful to engage in unconscionable conduct, which means that scams targeted to a particular group of vulnerable consumers, such as those suffering from a special disadvantage, may breach the ACL.

Consumers have the option of commencing a claim against the scammer directly for breach of the ACL. Scammers will thus be exposed to damages, monetary penalties, and any other orders the court sees fit to remedy the loss or damage suffered as a result of the breach.

What to do if you fall victim to a scam

If you suspect you have fallen victim to a scam, the first step is to immediately report the scam to your bank or financial institution. The bank may be able to stop any fraudulent or unauthorised transactions and immediately close your account. If you fall victim to an investment scam it is also important to immediately cease sending any funds to the alleged scammer even if it is to ‘withdraw funds’.

We outline below a summary of some additional options and recovery action which may be available to you:

  1. Make a complaint through the Australian Financial Complaints Authority (AFCA).
  • Complaints can only be made by individuals, partnerships, eligible corporate trustees, small businesses, not-for-profit organisations, strata corporations or eligible group insurance policy holder.
  • The complaint must be about a financial firm that is an AFCA member.
  • Claims for direct financial loss arising from all other claims (excluding superannuation complaints) submitted on or after 1 January 2021 are capped at $542,500 and the amount of compensation that can be awarded is capped at $1,085,000.
  • https://www.afca.org.au/make-a-complaint;
  1. Make a consumer complaint to the Australian Competition & Consumer Commission or NSW Fair Trading.
  • You can report the scam to Scamwatch to alert ASIC of a potential scam.


  1. Report the scammer to the police.
  • There are number of fraud related charges covered under the Crimes Act 1900 and the maximum penalty for committing the crime in NSW is 10 years imprisonment.
  • Directors of companies can be held criminally liable for fraudulent activity including omitting certain entries, destroying books, publishing false statements, cheating and defrauding.
  • However, criminal prosecution of the scammer may be difficult to achieve, particularly with cryptocurrency scams, where most servers are located in foreign countries and the decentralised arena makes attributing criminal responsibility problematic.
  1. Commence a claim against the scammer and/or the financial institution.
  • Civil claims are available either against the scammer or financial institution in appropriate circumstances for breach of an applicable law.
  • When commencing claims against a scammer, it is important to appreciate that the fleeting nature of most scammers will make commencing legal action quite challenging.
  • However civil remedies are more likely to maximise financial recovery and it is important to seek legal advice to explore the most appropriate cause of action.

Key Takeaways

Falling victim to a scam can be an incredibly stressful experience and the framework of legal recourse can be difficult to navigate.

If you believe that you have fallen victim to a scam below are some brief takeaways to consider:

  • Act fast. Contact your bank or financial institution to discover the fraud and ask if they can block a payment or request a recall of funds.
  • Report the scam to the relevant regulatory authorities.
  • Cease all payments to the scammer, even if it is to ‘withdraw funds’.
  • Research the company before signing up to an investment opportunity online, including on scam alert sites such as Scamwatch.gov.au and Moneysmart.gov.au.
  • Seek independent expert advice before undertaking an investment opportunity, entering into a contractual arrangement or commencing any legal proceedings.

If you wish to obtain advice about a particular matter, please contact our office on 02 9391 3000.

[1] Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) s 41.

[2] Ibid s 43.

[3] Ibid s 45.

[4] National Consumer Credit Protection Act 2009 (Cth) s 128.

[5] Ibid s 130.

[6] National Australia Bank Ltd v Nemur Varity Pty Ltd (2002) 4 VR 252.

[7] Ryan v Bank of New South Wales [1978] VR 555 per McGarvie J at 579.

[8] Selangor United Rubber Estates Ltd v Cradock (No 3) [1968] 1 WLR 1555; Karak Rubber Co Ltd v Burden (No 2) [1972] 1 WLR 602.

[9] The Commonwealth Bank v Smith (1991) 102 ALR 453.

[10] FOS Determination: Case Number 404469 dated 18 April 2016.

Our Lawyers