Information about how to protect your bank accounts and what to do about mistaken or unauthorised payments.
You have six years to complain to Australian Financial Complaints Authority (AFCA) about a dispute with your bank about an unauthorised payment from when you first became aware of the payment, if you haven’t complained directly to your bank.
You have two years to apply to AFCA about a dispute regarding an unauthorised payment, if you have complained directly to your bank.
There are a number of steps you can take to protect your bank accounts:
For more information, see Protect yourself – Securing your accounts on the Australia Cyber Security Centre website.
Your bank account is compromised if your login details have been shared without your knowledge or permission, even if no unauthorised payments have been made yet. If you think your account has been compromised, you should:
If you have paid money to a wrong bank account, by putting in the wrong BSB or account number or choosing the wrong payee, you can contact your bank or credit union to see if they can get the money back for you. It’s important to notify your bank or credit union as soon as you make the mistake. This is called a mistaken internet payment.
A mistaken internet payment does not include entering the wrong BPAY number. There is a different process to resolve mistaken BPAY payments. You can contact your bank or credit union for more information.
Almost all banks and credit unions, and even some other organisations, are subscribers to the ePayment Code. Under the ePayment Code, what your bank can do will depend on:
You can confirm if your bank or credit union is a subscriber by:
For more information, see ePayments code on the ASIC website.
If you are trying to recover money that you sent to the wrong account and your bank or credit union is not a subscriber to the ePayment Code, you should contact your bank to get their rules and policies in dealing with mistaken payments.
For more information, see the factsheet Mistaken internet payments on the Australian Financial Complaints Authority (AFCA) website.
There is no time limit to report a mistaken payment, however, the procedure changes depending on the amount of time from the date of the payment to the date that you report the payment. It’s important to report the mistake as soon as possible.
If you report the mistake:
For more information, see the fact sheet Reversing Bank Transactions on the Financial Rights Legal Centre website.
If you have satisfied the bank or credit union that you made a mistaken internet payment but there is not enough money left in the intended recipient's account to pay you back, the bank or credit union must make reasonable efforts to recover the money for you. Reasonable efforts can include arranging a repayment by instalment plan with the unintended recipient.
If your bank is refusing to reverse the transaction, you should complain directly to the bank.
For help on how to make a complaint to your bank, see Internal dispute resolution tips on the AFCA website.
If you are unhappy with the banks response to your complaint, you can make a further complaint to AFCA.
You have two years to apply to AFCA about a dispute regarding an unauthorised payment, from when the bank responded to your complaint. In special circumstances, AFCA may accept a complaint outside of this time limit.
Generally, you can’t complain to AFCA about fees, charges or interests rates.
For more information, see Banking deposits and payments products and issues on the AFCA website.
If money is incorrectly transferred into your account, you should notify your bank.
You should not spend or withdraw the money transferred into your account by mistake because you will have to pay it back.
For more information, see the factsheet Mistaken internet payments on the AFCA website.
An unauthorised payment is a transaction that you didn’t perform or didn’t agree to someone else performing for you.
You should check your bank account statements regularly for unauthorised payments.
If there has been an unauthorised transaction on your account, you should report this transaction to your bank or credit union as soon as possible.
You may be able to get your money back from an unauthorised transaction if:
You must report the unauthorised transaction as soon as possible. Banks or credit unions can consider any unreasonable delay in reporting when deciding your responsibility for the loss.
If your bank or credit union is unhelpful, you can complain to the Australian Financial Complaints Authority (AFCA).
For more information, see Make a complaint on the AFCA website.
Banks are not responsible for identifying and blocking every scam or fraudulent transaction.
In limited circumstances, your bank may be responsible for the money you lost to a scam. This will depend on whether the bank was aware of the scam, and what role the bank played in the unauthorised payment. Some situations may include where:
For more information, see the fact sheet Scams on the Financial Rights Legal Centre website.
If your bank or credit union is unhelpful, you can complain to the Australian Financial Complaints Authority (AFCA).
For more information, see Make a complaint on the AFCA website.
If you think that your bank acted unfairly or played a role in the unauthorised payment, you should get legal advice.
For more information, see Unauthorised and mistaken transactions on the Moneysmart website.
We use cookies to give you the best possible experience on our website. By clicking OK, you agree to our cookie policy.
Share with
Facebook
Twitter
LinkedIn