Funding Societies eyes profitability in 2024 amid bleak lending environment

In The Top Up this week, we analyze Funding Societies’ latest financials and a framework that makes banks liable for phishing scams in Singapore. [Read from your browser]( The Top Up 💵 Welcome to The Top Up! Delivered every fortnight via email and through the Tech in Asia website, this free newsletter breaks down the biggest stories and trends in fintech. If you’re not a subscriber, get access by [registering here](. IN FOCUS In today's newsletter, we look at: - Funding Societies’ [revenue jump]( in 2022 - A new proposal in Singapore to make banks and telcos more accountable for the rise in phishing attacks - How a 14-year-old company offering point-of-sale solutions bootstrapped its way to a revenue of [“high seven figures”]( --------------------------------------------------------------- Hello {NAME} If good news out of the regional digital lending space appears to be slowing to a trickle these days, that’s because it is. With US interest rates at their highest in 22 years, rising inflation, and an uncertain economic outlook, digital lending platforms in Southeast Asia are taking signals from global banks. Some are already seeing non-performing loans creep up. That said, Singapore-headquartered Funding Societies recorded an 84% revenue jump in 2022 amid growing losses, as my colleague Budi discusses in this week’s Big Story. The firm's revenue growth is expected to slow down in 2023 as it cherry-picks its SME customers. However, it expects to become profitable in the fourth quarter of 2024, CFO Frank Stevenaar said. In addition to a credit crunch, financial firms in Singapore may soon face increased responsibilities in mitigating the risks of phishing scams. Last week, the Monetary Authority of Singapore and the Infocomm Media Development Authority proposed that financial institutions should bear a share of the losses incurred by their customers in phishing scams, if found to fall short in their duties to mitigate these risks. I discuss some implications of the move in this week’s Hot Take. -- Melissa  --------------------------------------------------------------- THE BIG STORY [Funding Societies posts 84% revenue jump in 2022 as losses grow]( The Singapore-based digital lending platform is eyeing profitability in Q4 2024.  --------------------------------------------------------------- THE HOT TAKE A slippery slope of blame Here’s what happened: - Last week, the Monetary Authority of Singapore (MAS) and the Infocomm Media Development Authority published a [“shared responsibility framework”]( for digital phishing scams. - Under the proposed framework, financial institutions and telcos will have to shoulder the monetary losses incurred by scam victims if they are found to have breached their duties in mitigating these cyberattacks. - The rules apply to all full banks and major payment institutions that issue payment accounts where users can store money. These are meant to incentivize players to ensure that they have put necessary safeguards in place. Here’s our take: Many people in Singapore are cheering a proposal that will enhance protection for victims of phishing scams by having banks or telco firms compensate them for their financial losses. Scams in the city-state are [on the rise](. Between December 2022 and January 2023, a spate of phishing attacks cost 790 OCBC customers some [S$13.7 million (US$10 million)](. While the bank reimbursed customers in full, it noted that this was a “one-off” goodwill gesture, suggesting that it might not do so again. With the framework, financial institutions found to have failed to mitigate risks are expected to fully compensate affected customers for their financial losses. Such failures include the lack of a 24/7 reporting channel and the absence of a “kill switch” to block unauthorized account access. Only in the event that both financial firms and telcos are found to have fulfilled their duties does the customer bear any losses arising from these scams. While the framework rightly penalizes players for failing to adequately protect customers, one could argue that the proposal could create a moral hazard issue where consumers become less vigilant when faced with potential phishing links. It also opens up the table for a slippery slope argument: why not penalize the instant messaging platforms like WhatsApp or Telegram, through which many phishing links are sent? And why not extend these rules to social media channels like Meta that permit - and earn from - the malicious ads that pop up indiscriminately on their platforms? The scope of blame could go further. More importantly, the financial impact of the new framework on non-bank financial institutions could be significant. Since the rules would apply to all full banks and major payment institutions that issue payment accounts, it would also affect firms like Grab, which has [agreed to participate]( in the shared responsibility framework. Unlike large banks, risk management protocols at non-bank financial institutions often aren’t as robust. Investing and implementing added protections will be costly. [Farrah Ratnaike]( head of risk strategy and operations at GrabFin Singapore, tells Tech in Asia that Grab continues to invest in anti-scam tools and solutions to keep up with evolving tactics. OCBC, which had over [S$560 billion (US$410 billion) in assets]( as of 2022, was large enough to absorb the shocks of a US$10 million breach. But a hit of similar scale for a smaller firm will be costly - potentially even business-ending. This is not the first time the Singapore government is stepping in to assuage risks. At the height of cryptomania last year, the MAS moved to [ban the marketing or advertising]( of digital payment tokens in the city-state beyond the crypto platforms' own websites or official social media accounts. Nevertheless, Grab’s Ratnaike says the proposed framework sets a baseline for shared responsibility across the digital ecosystem and formalizes existing practices in a “structured way.” “When all types of financial institutions adopt the framework, the industry can more effectively close all vectors and avenues that fraudsters use to target consumers in Singapore,” she adds. As someone who very nearly fell victim to the [SingPost phishing scam]( I’m glad that the proposed rules enhance and prioritize protection for customers. But balancing that with protecting business interests will be a delicate act. Currency converted from Singapore dollar to US dollar: US$1=S$1.37.  --------------------------------------------------------------- NEWS YOU SHOULD KNOW Also check out Tech in Asia’s coverage of the fintech scene [here](. 1️⃣ [Escrowpay gets $4m series A boost, regulatory approval in India]( The firm, which takes the process of escrow payments online, has processed over US$1.8 billion worth of transactions. 2️⃣ [EBay founder-backed VC secures $350m funding]( Flourish Ventures will use the funds to double down on fintech investments in Africa, Asia, Latin America, and the US. 3️⃣ [YouTrip raises $50m as travel bounces back]( The round was led by Lightspeed and brings the startup’s total funding to date to over US$100 million. 4️⃣ [OJK restricts Akulaku’s BNPL services]( The firm has allegedly violated the supervisory obligations required by the agency for buy now, pay later offerings.  --------------------------------------------------------------- FYI [How EPOS bootstrapped its way to a 7-figure revenue]( After 14 years, the point-of-sale and martech provider has over 6,000 clients. But it has steered clear of regional expansion - with good reason.  --------------------------------------------------------------- That’s it for this edition - we hope you liked it! Do also check out previous issues of the newsletter [here](. Not your cup of tea? You can unsubscribe from this newsletter by going to your “edit profile” page and choosing that option in our preferences center. In the meantime, if you have any feedback or ideas, feel free to get in touch with Terence, our editor-in-chief, at terence@techinasia.com. See you in a fortnight! P.S. Don't miss out on the biggest tech news and analysis. Add newsletter@techinasia.com to your address book, contacts, or safe sender list. Or simply move us into your inbox. Too many emails? Switch to a different frequency or get new content through our [preference center]( or [unsubscribe](. You can also break our hearts and remove yourself from all Tech in Asia emails over [here](  Copyright © 2023 Tech in Asia, All rights reserved. 63 Robinson Road, Singapore 068894