Australia treats scams as a personal mistake — not a consumer protection failure

When fraud losses run into billions, blaming victims is no longer enough — Preventing fraud must become a serious consumer protection obligation for banks, telcos and digital platforms, writes Amit Khan.

AUSTRALIANS ARE STILL TOLD that the best defense against fraud is to be more careful. Do not click on suspicious links. Don’t trust urgent messages. Double check bank details. This advice is not wrong. It’s not enough anymore.

With annual fraud losses exceeding AUD$2 billion, the problem is not just a story of individual carelessness. This is a story about a digital economy where ordinary people are expected to defend themselves against increasingly sophisticated fraud, while the systems around them remain disorganized, reactive, and all too ready to shift blame back to the victim.

ACCCs National Anti-Fraud Center Says annual fraud losses exceed AUD$2.18 billionof the Commonwealth Fraud Prevention Framework It is built on the idea that this is no longer just a matter of personal attention, but an issue that spans the entire ecosystem.

This should change the national conversation. All too often, scam victims are treated as if they made a stupid mistake and have to suffer the consequences.

But modern scams aren’t limited to clumsy emails and obvious typos. They are flamboyant, goal-oriented and often persuasive. They impersonate banks, government agencies, distribution services, investment firms, and even family members. They exploit trust, speed, and confusion. They thrive on digital systems built for convenience rather than security.

The “be careful online” message has become a useful shield for institutions. It allows banks, telcos and digital platforms to present fraud as a problem that starts and ends with the consumer. But these same systems carry messages, process payments, host ads, and profit from transactions that scammers take advantage of.

Therefore, frauds must now be treated primarily as consumer protection errors.

Australia already understands this logic in other areas of public life. If a product is unsafe, we don’t just tell buyers to be more careful. If a financial service is misleading, we don’t shrug our shoulders and say the customer should have read the fine print more carefully. We recognize that markets only work properly when institutions have real obligations to protect the people who use them.

The same principle should apply here.

Fraud Prevention Framework It’s a welcome sign that Canberra is moving in this direction. The Treasury says it is creating new obligations and rules for sectors heavily targeted by fraudsters, including banks, telecommunications providers and certain digital platforms. This is an important step because it recognizes a truth that should have been revealed long ago: Fraud thrives in the gaps between institutions, and these institutions need to be part of the solution.

But passing a framework is not the same as solving the problem.

The real test is whether ordinary Australians feel they are meaningfully better protected. This will depend on whether organizations face real pressure to prevent, detect, block and respond quickly to fraud. This will depend on whether victims can seek compensation without being treated as suspects. And it will depend on whether regulators are willing to hold powerful industries accountable when they fail.

A serious consumer protection response must include at least four things.

First, scam victims don’t have to jump through endless hoops just to have their voices heard. Dispute resolution must become faster, clearer and less contentious.

Second, banks, telcos, and digital platforms should be required to publish meaningful data on fraud activity and their own prevention performance. Consumers deserve to know which systems are more secure and which are not.

Third, reimbursement pathways need to be stronger and fairer. A victim should not be denied assistance just because a scam is so complex that it seems legitimate at the time.

Fourth, prevention needs to be built into the system. If platforms can target ads with remarkable precision, they can do much more to detect fraudulent ads. If banks can monitor unusual transactions for compliance and risk purposes, they can do more to stop obvious fraud in real time.

The cost of failure isn’t just financial. Victims of fraud often lose their trust, peace of mind, and trust in institutions. Some lose their savings for retirement, housing or family support. Emotional damage can last longer than money. But public debate often boils down to the same old script: People should have known better.

No. Systems should have done better.

Australia cannot continue to treat scams as private misfortunes in an increasingly complex, profitable and interconnected digital marketplace. We need to stop lecturing victims and start asking tougher questions of the institutions best positioned to prevent harm.

If fraud losses are now measured in the billions, consumer protection must stop looking like awareness advice and start looking like accountability.