The Anti-Financial Account Scamming Act — AFASA — (Republic Act No. 12010) is the Philippines’ comprehensive response to the fast-growing problem of digital financial scams: phishing, vishing, account takeovers, fraudulent online selling, money mules and other schemes that drain consumers’ accounts and damage trust in digital finance.

Enacted on 20 July 2024, AFASA creates new criminal offences, places duties on financial institutions and relevant service providers, and sets out enforcement and victim-remedy mechanisms intended to both deter scammers and protect victims.

Below is a practical guide to what AFASA does, who it affects, how it changes responsibilities for banks and e-money issuers, and what compliance and operational steps organisations should take.

What AFASA Does? It's Scope and Purpose

AFASA targets the misuse of financial accounts and related instruments in the commission of scams and fraud. It covers:

Traditional bank accounts and savings.
E-wallets, prepaid accounts, online payment accounts and other digital financial wallets.
Transactions effected through these financial accounts, including fund transfers and cash-in/cash-out operations.

Its stated objectives are to define and criminalise financial account scamming that provides enforcement tools (like freezing, tracing, preservation of funds, cooperation duties, and more) as well as restitution and remedy mechanisms for victims.

Key Definitions

Financial account scamming: Using deception, manipulation or technical means to cause the transfer of funds out of another person’s financial account, or to cause the misuse of accounts for laundering scam proceeds. (The Act’s text gives detailed legal definitions)

Money mule: A person who receives scam proceeds into their account and transfers them onward on behalf of scammers. AFASA treats money-mule activity as an actionable offence when it is knowingly or recklessly involved in scam proceeds movement.

Covered institutions: Banks, e-money issuers, payment service providers, cash agents and other institutions that hold or process financial accounts. These entities are assigned specific duties under AFASA.

Main offences and penalties (high level)

AFASA criminalises a range of behaviours, including:

Conduct that produces unauthorised transfers or withdrawals from another person’s account through deception or fraudulent means.
Operating or facilitating money-mule networks.
Conspiracy, aiding, abetting or assisting scammers (including knowingly providing accounts for misuse).

Penalties depend on the nature of the offence and can include imprisonment and fines. AFASA also allows for administrative actions against institutions that fail to observe required safeguards.

Below is the list of penalties and enforcements involved in AFASA Act:

Section 4(a) – Money Muling Activities

This provision penalizes those involved in “money muling,” including individuals who use, borrow, sell, rent, or lend financial accounts for the benefit of another person. It also applies to anyone opening an account under a false name or using another person’s identity or documents, and those who recruit or induce others to do any of these activities.
Violators face imprisonment of 6 to 8 years, or a fine between ₱100,000 and ₱500,000, or both, as decided by the court. If the offense involves acts under items (1) to (4) above, the court must also order the closure of the financial account and forfeiture in line with Article 45 of the Revised Penal Code.

Section 4(b) – Social Engineering Schemes

This covers individuals who, through deception or fraud, obtain sensitive personal or identifying information of another person, leading to unauthorized access or control of the victim’s financial account. Acts include impersonating institutional representatives or using electronic communications to mislead victims.
The penalty is imprisonment from 10 to 12 years, or a fine between ₱500,000 and ₱1,000,000, or both. If the victim is a senior citizen, the imprisonment increases to 12 to 14 years, and the fine rises to ₱1,000,000 to ₱2,000,000, or both.

Section 4(c) – Economic Sabotage

Economic sabotage occurs when offenses under Section 4(a) or 4(b) are committed under aggravated circumstances — such as by three or more conspirators, against at least three victims, using mass emails to 50 or more people, or involving human trafficking.
This grave offense is punishable by life imprisonment, or a fine from ₱1,000,000 to ₱5,000,000, or both.

Section 5 – Other Offenses

This section penalizes individuals who aid, abet, or attempt to commit the offenses listed under Section 4. It also includes those who open, buy, or sell financial accounts under fictitious names.
Such offenders face 4 to 6 years of imprisonment, or a fine between ₱100,000 and ₱200,000, or both. Furthermore, if the offense involves opening, buying, or selling accounts (items c or d), the court will order the closure of the account involved.

Section 16(e) – False Reports (Related to Section 11)

A person who deliberately files false or baseless reports that cause another individual’s funds to be temporarily held under Section 11 will be penalized.
The punishment is imprisonment from 1 to 5 years, or a fine from ₱50,000 to ₱200,000, or both.

Section 16(f) – Obstruction of BSP Inquiry (Related to Section 12)

Any person who intentionally obstructs, delays, or frustrates an investigation or inquiry conducted by the Bangko Sentral ng Pilipinas (BSP) under Section 12 is subject to sanctions.
This carries 1 to 5 years imprisonment, or a fine from ₱50,000 to ₱200,000, or both.

Section 16(g) – Unauthorized Disclosure (Related to Section 15)

An official, employee, or agent of any institution or government body who unlawfully discloses information obtained during a BSP inquiry or investigation will be penalized.
The offense is punishable by 1 to 5 years imprisonment, or a fine between ₱50,000 and ₱200,000, or both.

Section 16(h) – Corporate or Juridical Persons

If a juridical entity, such as a corporation, commits any of the punishable acts, the fine imposed shall be double the amount applicable to individuals, but not exceeding ₱10,000,000. The corporate liability does not exempt the responsible officers from facing individual criminal charges.

Section 16(i) – Government Officials and Employees

Government employees or officials found guilty of offenses under Sections 4 or 5 face additional sanctions. Apart from the penalties prescribed, they shall also suffer perpetual absolute disqualification from holding any appointive or elective public office in the government or any of its agencies or instrumentalities.

What banks and PSPs must do for AFASA Compliance? New Obligations For Financial Institutions

AFASA significantly increases the operational and legal responsibilities of covered institutions. Key duties include:

Enhanced due diligence & onboarding controls: Strengthened name screening, KYC and transaction monitoring specifically tailored to detect account-based scamming patterns.
Hold and preservation of disputed funds: If an account is the subject of a verified scam, institutions may be required to place holds and preserve funds while investigations proceed. Mishandling such funds can create liability.
Mandatory reporting and cooperation: Prompt reporting to designated government authorities and cooperation with law enforcement and scam-response units is required. AFASA contemplates a cross-agency approach.
Customer reimbursement rules: AFASA introduces clearer pathways for victim restitution where the institution’s lapses contributed to loss — meaning banks may be required to reimburse victims in prescribed circumstances. This is a major shift toward consumer protection.

These obligations mean that institutions must not only prevent fraud but also be ready to demonstrate they followed required procedures when an incident occurs.

ZIGRAM provides the most comprehensive “Complete AML System” with our risk app ecosystem for due diligence, name screening, transaction monitoring, risk rating, and much more. Book a free demo here to be 100% AFASA AML Compliance.

Enforcement architecture & support structures

AFASA creates or empowers specific enforcement and coordination mechanisms. The law contemplates:

Law enforcement units with authority to trace, freeze and preserve scam proceeds.
Mechanisms to coordinate between the Bangko Sentral ng Pilipinas (BSP), Anti-Cybercrime units, prosecutors and industry bodies.
Legislative support for establishing central scam-response centres (proposals and companion bills have been discussed to set up specialized scam prevention centres).

Practical impact on banks, e-money issuers and Fintechs

Operational changes: Expect more stringent onboarding checks, behavioural analytics, real-time transaction monitoring for scam signatures (vishing patterns, rapid outgoing transfers to known mule accounts) and formal escalation workflows.
Customer service & dispute handling: Faster and better documented dispute resolution processes; consistent preservation of evidence and audit trails will be critical.
Liability exposure: Institutions may face restitution obligations, regulatory fines, and reputational harm if they fail to implement AFASA-required safeguards.

What to implement now? Compliance checklist For AFASA

1) Map all product flows (bank, e-wallet, P2P transfers) and identify scam exposure points.

2) Upgrade identity proofing and ongoing KYC rules to detect synthetic and mule accounts.

3) Deploy or tune transaction monitoring rules for scam indicators (small deposits followed by rapid outflows, multiple cash-outs, inconsistent geolocation patterns).

4) Establish a rapid-response freeze & notification playbook to preserve funds and evidence.

5) Train front-line staff and call-centre agents to identify scam reports and follow legal hold procedures.

6) Formalise reporting lines to BSP and national law enforcement; draft templates for evidence submission.

7) Review terms of service and customer reimbursement policies to align with AFASA’s requirements.

Challenges and Open Issues For AFASA Compliance

Attribution & evidence: Tying scam transactions to organised groups and proving intent remains operationally hard. AFASA gives powers, but investigators still need strong digital forensic tools (like PreScreening.io, Transact Comply, Due Diliger and Entity Hero).
False positives vs customer experience: Aggressive holds can frustrate legitimate customers which is why institutions must balance fraud prevention with service continuity. Use tools powered by AI for faster onboarding and periodic monitoring that gives compliance and higher customer retention.
Cross-border enforcement: Scammers typically operate across jurisdictions; institutions must arm themselves with tools that have local as well as global database and cooperation with foreign law enforcement remains essential.

Where to read the AFASA Law & Guidance?

The full text of Republic Act No. 12010 (AFASA) is available on Philippine law repositories. For legal details and exact language consult the statute. (Lawphil)
The Bangko Sentral ng Pilipinas and industry legal briefings (banking-industry booklets and IRRs) provide practical interpretation and operational guidance. (Bureau of the Treasury)

Conclusion

AFASA represents a major policy pivot in the Philippines: criminalising account-based scamming more clearly, assigning responsibilities to financial institutions, and giving authorities stronger tools to preserve and trace illicit funds.

For banks, fintechs and payment providers, AFASA means operational work — stronger KYC, sharper transaction analytics, formalised hold and reporting workflows, and a renewed emphasis on customer restitution. Done well, these steps will reduce scams and build public trust in digital finance; done poorly, they will bring legal and reputational risk. Organizations should act now to align people, processes and technology with AFASA’s expectations.