What does "FSC Standard No. 29" mean for Australian Superannuation Funds? - Protecting customers through Multi-factor Authentication (MFA).

Australia's Financial Services Council (FSC) has taken a significant step towards protecting consumers from financial harm by releasing FSC Standard No. 29: Fraud and Scam Mitigation Measures for Superannuation Funds. This standard sets clear expectations for superannuation funds to adopt robust measures to mitigate fraud and scams, emphasizing the importance of multifactor authentication (MFA) in securing high-risk transactions.

What is FSC Standard No. 29?

FSC Standard No. 29 outlines comprehensive measures for superannuation funds to protect their customers from scams and fraudulent activities. The standard, effective from July 1, 2024, on a voluntary basis and mandatory from July 1, 2026, covers the following key areas:

• Creation of Mitigation Policies: Superannuation funds must establish and implement policies specifically targeting the prevention, detection, and resolution of fraud and scam incidents.
• High-Risk Transactions: Special attention is given to high-risk transactions requiring robust authentication processes.
• Customer Communication: Funds must ensure transparent communication with customers about their fraud and scam mitigation measures and the importance of these protections.

The Role of Multifactor Authentication (MFA)

Multifactor authentication is a cornerstone of FSC Standard No. 29, particularly for high-risk transactions. MFA requires at least two of the following factors to verify identity:

• Something known: A password or PIN.
• Something possessed: A hardware or software token or an SMS code.
• Something inherent: A biometric identifier, such as a fingerprint or facial recognition.

MFA significantly enhances security by ensuring that only legitimate users can access accounts or authorize transactions, even if some data has been compromised. To prevent unauthorized access and fraudulent activity, MFA is essential for high-risk transactions, such as changes to key contact details or bank account information.

‍

‍

How Authsignal Can Help

Authsignal is a drop-in identity and authentication platform that enables enterprises, including superannuation funds, to integrate advanced security measures like MFA seamlessly. Here's how Authsignal can help superannuation funds comply with FSC Standard No. 29:

1. Rapid Integration: Authsignal's solution can be integrated quickly into any existing identity stack via a single API or OpenID Connect (OIDC), allowing superannuation funds to implement MFA without extensive development work.
2. Flexible and Risk-Based Authentication: Authsignal provides a flexible MFA service that adapts to various risk levels, ensuring that superannuation funds can apply appropriate security measures based on transaction risk.
3. No-Code Rules Engine: Authsignal's powerful no-code rules and policy engine allows fraud and product teams to swiftly deploy and manage fraud mitigation policies, reducing the time and effort required to maintain compliance with FSC Standard No. 29.
4. Comprehensive Customer Journey Observability: Authsignal offers complete visibility of customer actions through detailed audit trail reporting dashboards for effectively monitoring and responding to potential fraud and scam events.
5. Diverse Multifactor Authentication support: Authsignal supports a wide range of use cases by offering SMS OTP, Whatsapp OTP, passkeys, passwordless authentication, biometric authentication, and more. This provides superannuation funds with various options to secure their customers' accounts.
6. Enhanced Customer Experience: Authsignal's MFA solutions are created to minimize customer friction, enhance customer experience, and elevate high-security standards, thereby boosting overall customer satisfaction and trust.

Built to integrate with any identity stack through a single API or OpenID Connect (OIDC). Our system works with various identity platforms/stacks, including AWS Cognito, Auth0, Azure B2C, Duende IdentityServer, ForgeRock, etc.

‍

Read More: What is Passwordless Authentication? 

Also read: Essential Eight Updates: The rise of phishing-resistant MFA

Moving Forward with Confidence

With scammers becoming increasingly sophisticated, the superannuation industry must stay ahead of the curve in fraud prevention. FSC Standard No. 29 provides a robust framework for superannuation funds to protect their customers' retirement savings, and Authsignal offers the tools needed to meet these stringent requirements effectively.

By integrating Authsignal's authentication solutions help, superannuation funds can ensure they comply with FSC Standard No. 29 and provide their customers with the highest level of security and frictionless user experience. Implementing these measures early demonstrates a commitment to safeguarding customers' financial futures.