Joseph Azil Buena

Senate Deputy Minority Leader Risa Hontiveros on Nov. 14 filed Senate Resolution No. 1234 and urged the chamber to investigate numerous incidents of unauthorized deductions and transactions, and other irregularities experienced among users of mobile financial services.

Photo Courtesy of PTV/ABS-CBN News.

Hontiveros said that, through the probe, the Senate must review and ensure the improvement and implementation of regulations governing the financial technology or ‘fintech’ sector.

“There is, as of yet, no legislative framework yet in place to ensure stability and transparency, build public trust, and promote inclusion vis-à-vis this class of services," Hontiveros stated in the resolution.

Hontiveros stressed mobile financial services have become “a part of daily life for millions of Filipinos” and also a “driver of economic growth and financial inclusion,” posing the need for measures to protect and secure fintech users’ safety and privacy.

She also claimed GCash, a leading fintech service, alone has an estimated 76 million users who posted PHP 6 trillion worth of transactions in 2022, almost equal to the Philippines’ 2025 national budget.

"Kailangan natin aksyunan ang daing ng mga kababayan nating biktima ng scam o hacking sa mobile financial services, na tila walang mahingan ng tulong sa pagbawi ng natangay nilang pera. We must implement a system that enhances regulatory oversight over the fintech sector, so Filipinos can trust that their hard-earned money is safe - even online," Hontiveros said in a Facebook post.

This follows after GCash users over the weekend reported unauthorized transactions with the ‘Send Ang Pao’ feature of the application, deducting thousands from e-wallets in quick succession and transferred to unknown accounts.

G-Xchange Inc., the operator of GCash, has since said in a statement that the incidents are a part of an ‘on-going system reconciliation process,’ with the Department of Information and Communications Technology (DICT) supporting the occurrence of ‘an internal issue’ rather than external hacking.

In the resolution, Hontiveros also cited similar incidents in 2023 when multiple accounts were compromised with ‘phishing attacks’ ran through online gambling platforms.

Hontiveros also pointed to warnings of the DICT cybercrime unit about recent phishing attempts through text messages allegedly coming from GCash and PayMaya, another fintech giant.

The senator said these messages were supposedly sent using a International Mobile Subscriber Identity (IMSI) catcher, which monitors and intercept mobile data traffic by posing as a cell site.