When the State Bank of Vietnam enforced biometric verification requirements in 2024, banks across the country launched a massive re-verification effort covering nearly 200 million accounts.
The exercise revealed that more than 86 million accounts could not be matched to a real person. By September 2025, those accounts were shut down.
Trusting Social, a US-founded fintech company that developed fraud detection and identity verification systems in Vietnam, witnessed the transition firsthand.
“We spent years in Vietnam building systems that had to work for real people, on basic phones, in rural areas, with documents that weren't always perfect,” Nguyen Nguyen, founder and chief executive officer of Trusting Social, said in a statement.
“That experience taught us what fails in production and what doesn't. When the Philippines mandate came, we already knew what to watch out for,” he added.
Fraud shifts
According to Trusting Social, Vietnam’s mandate exposed how criminal groups had long exploited weak identity verification systems.
The State Bank of Vietnam reported a 59 percent decline in fraud and theft cases involving individuals and a 52 percent reduction in accounts receiving illicit funds within months of implementation.
However, the transition also exposed weaknesses in institutions that implemented only basic compliance measures. Two weeks after enforcement began, only two Vietnamese banks had achieved biometric registration rates exceeding 20 percent.
In May 2025, Vietnamese police dismantled a 14-member syndicate accused of laundering $39 million over seven months using AI-generated facial scans to bypass biometric checks.
Across deployments involving eight major Vietnamese banks, Trusting Social said its fraud prevention systems blocked more than $4.3 billion in attempted mule account transactions within one year.
“Our experience in Vietnam showed us that when banks get stronger, fraudsters move to whoever is weakest,” Nguyen said.
“The institutions that built properly protected their customers and ones that didn't become the new target,” he added.
PH transition
Trusting Social said the Philippines now faces similar structural risks.
The Bangko Sentral ng Pilipinas (BSP) received around 70,000 fraud complaints in 2024, while the Cybercrime Investigation and Coordinating Center recorded 10,004 cybercrime complaints during the same year — three times higher than 2023 levels. Reported losses reached nearly P198 million.
Many vulnerable accounts, the company noted, were opened offline without verification against a live individual.
BSP Circular 1213 requires financial institutions to phase out SMS and email one-time passwords for high-risk transactions by June 30, 2026.
Institutions that fail to comply with AFASA standards may also face direct liability for customer losses.
“Every institution we work with wants to get this right,” said Johnny Escaler, chief executive officer of Trusting Social Philippines.
“The banks that got this right in Vietnam stopped looking at the requirements and focused on how to make sure customers never have to think about fraud again,” he added.
Escaler said stronger digital safeguards could also help restore public confidence in online banking services.
“There are Filipinos who stopped using digital banking after being scammed, there are more who never started,” he said.
“Every institution that builds this well is an institution that gives those people a reason to come back.”
Beyond compliance
Trusting Social said Vietnam’s reforms did not end with one regulatory mandate.
Within 18 months, Vietnamese regulators expanded biometric verification requirements to corporate accounts, card issuance, and e-wallets.
In the Philippines, the BSP issued a draft circular in March 2026 encouraging server-side biometric authentication, where identities are verified against bank-held records instead of relying solely on customer devices.
Nguyen said the evolving regulations show fraud prevention requires continuous improvement rather than one-time compliance efforts.
“What the Philippines has that others didn't is a head start: the data, the experience, the proof of what works,” Nguyen said. —Ed: Corrie S. Narisma
