HSBCnet News November/December 2018

Did you know that we use the information you include in your payment instructions to help combat financial crime? Using payment details, such as the beneficiary address, we can help detect potential money laundering, fraud, and other financial crime activity.

What do I need to do?

We strongly recommend that you include a current and complete beneficiary address in the ‘Beneficiary details’ section of HSBCnet payment screens to help us correctly identify legitimate payments. The beneficiary address should include the full address of the place of business or, if an individual, their residential address. PO Boxes and virtual offices make it difficult to correctly identify the beneficiary and these types of addresses should be avoided.

Please also review your General/Restricted templates, Forward-dated payments, and Standing Instructions on HSBCnet to make sure that you’re including accurate beneficiary address information.

Find out more

For more information on how HSBC is combatting financial crime, visit https://www.hsbc.com/tag/tackling-financial-crime.

If you have questions about including beneficiary information in your payments on HSBCnet, please contact your local HSBCnet Support Centre.

Have you logged on to HSBCnet recently?

Last updated: 16 January 2018

As part of HSBC’s security measures, users who have not logged on to HSBCnet within a 6 month period are subject to automatic suspension. It’s important to make sure you regularly log on to HSBCnet to avoid having your access suspended.

If you find that the system has suspended your access, please contact your HSBCnet System Administrator(s) who will be able to reactivate your user profile. If you don’t have a System Administrator available, please contact your local HSBCnet Support Centre for further assistance.

Reminder about regulatory requirements for payments to/from Europe

Last updated: 2 August 2018

In accordance with the European Union’s Wire Transfer Regulation 2 (WTR2), HSBC is required to obtain detailed payee and payer information for all payments made to or from accounts within the European Economic Area (EEA).

What information do I need to include in payments to/from Europe?

WTR2 establishes the information of the Payer (also known as the Ordering Party) and the Payee (also known as the beneficiary) that must accompany a transfer of funds, in any currency that is paid by, to or through a bank in the EEA.

If you are creating a payment on your own behalf, no additional Payer information is required. The Ordering Party field is mandatory if you are creating payments on behalf of another entity or your customer. For payments where Ordering Party fields are displayed on HSBCnet payment screens, please enter the following mandatory information:

Ordering Party name
Ordering Party address (including city, state & country)

For Beneficiary details, please enter the following mandatory information (where fields are provided on HSBCnet):

Beneficiary name
Beneficiary account number
Beneficiary address (including state and country)

What payment types are impacted?

You’re required to include the payer/payee information for all payments. Please follow our recommended guidelines for payment initiation to ensure compliance to the regulation.

What happens if my payment doesn’t include the required information?

All payment service providers in the EEA, including HSBC, are required by law to monitor all incoming payments to make sure they include all mandatory information. If your payment includes incomplete or meaningless information, it may be rejected or held by any bank in the payment processing chain.

Find out more

For additional information on how to provide required payment information on HSBCnet, please contact your local HSBCnet Support Centre.

Security tip: Holiday fraud watch

Last updated: 19 November 2018

During the upcoming holiday period, fraudulent activity across electronic bank delivery channels, such as HSBCnet, may increase as online criminals attempt to exploit extended holiday periods within corporations and their banks.

At this time, please be extra vigilant in your online activity to make sure that you remain protected. If you experience any of the following events, a fraudulent attack may be underway:

When logging on to HSBCnet, you are presented with a message saying that HSBCnet is unavailable AFTER you have entered your username and security credentials. Alternately, the error message might give a set time that HSBCnet will return e.g. 15 minutes.
You are presented with a security check/verification screen that requires you to wait.
You are prompted repeatedly to re-enter your username, password or security code.
You see any screens that you think are unusual or are missing information.

If you experience any of these events, please contact your local HSBCnet support team immediately via the Customer Support link in the HSBCnet log on box.

Important reminder:

HSBC will never request information that could be used to make a payment (such as token details other than the serial number on the back, account numbers, passwords, etc). Also, under no circumstances will HSBC ever ask you to ask you to divulge any of your security details over the phone, by text message or via email.

In addition, please be wary of any requests from your beneficiaries (via email, phone or otherwise) to change their banking details. The request may be an attempt to divert payment funds to a fraudulent account. For more information on this type of fraud, please review the information available here.

For further information on how to protect yourself from fraudulent attacks, please select the Security Alerts and Tips link in the HSBCnet log on box.

Malware: are you protected?

Last updated: 1 May 2018

The increasing digitisation of industry plays a vital role in business growth - but it also brings risk. Some of the risks to your organisation include: data loss, financial loss, hardware damage, and paralysis of business activity.

What is malware?

Malware can hide inside innocuous-looking software (trojans), or spread between machines without relying on user interaction (worms). It can be custom-designed to evade defences and execute specific tasks.

What do I need to know?

It’s important to be vigilant in your online activity to make sure that you remain protected.
Malware is usually delivered via email ‘phishing’ or fraudulent links. Malicious apps and USB memory sticks can also compromise smartphones and computers respectively. Malware can stay hidden for months until activated.

Internet banking users might be redirected to fake sites which record their log on data to enable financial theft.

What do malware attacks look like?

With criminals constantly devising new ways to steal information and money, malware attacks can present themselves in ever-changing ways. We’ve put together a list of potential ways that you may experience a malware attack.

A fraud attack may be underway if you’re:

told that HSBCnet is unavailable AFTER you have entered your log on details.
requested to use the yellow button on your security device during log on.
presented with a “Please Wait” screen when accessing HSBCnet.
prompted repeatedly to re-enter your username, password or security code.
asked to enter your personal information – ie. your phone number, date of birth, etc.
presented screens that look different than the screens you’re familiar with.
experiencing slower than normal response times when accessing HSBCnet.

If you suspect you have been the victim of fraud, contact your HSBC representative immediately.

We want to help you build your cybercrime knowledge and help you stay safe online. Learn more about how to defend your organisation against malware by reading the factsheets available in the HSBCnet Help Centre.

Information on HSBCnet service maintenance windows

Last updated: 19 November 2018

calendar_icon Below is a calendar of our planned maintenance windows for the next three months during which there will be a full HSBCnet maintenance period to accommodate maintenance work.*

At times it is necessary to schedule non-regular maintenance windows to perform special types of maintenance. Notification of both planned and unplanned maintenance windows will also be posted to the HSBCnet Service Updates section.

Full maintenance window begins	Full maintenance window ends
Saturday, 1 December 2018 at 15:00 GMT	Sunday, 2 December 2018 at 04:00 GMT
Saturday, 19 January 2019 at 18:00 GMT	Sunday, 20 January 2019 at 04:00 GMT
Saturday, 16 February 2019 at 18:00 GMT	Sunday, 17 February 2019 at 04:00 GMT
Saturday, 9 March 2019 at 15:00 GMT	Sunday, 10 March 2019 at 04:00 GMT

*Maintenance window dates, beginnings and ends may be subject to change (with notice) to accommodate maintenance requirements.

The schedule for upcoming HSBCnet maintenance is also available via the links below:

Note: in the week prior to a service maintenance period, a Service Update banner confirming the maintenance window will be available post-logon in HSBCnet. Please review this information in advance of any planned maintenance period to confirm the date and time.

Action required

Important updates and reminders

Recent and upcoming enhancements

Help us protect your money – provide a beneficiary address in your payments

Have you logged on to HSBCnet recently?

Reminder about regulatory requirements for payments to/from Europe

Protect yourself online

Security tip: Holiday fraud watch

Malware: are you protected?

Information on HSBCnet service maintenance windows