Previously, the CDSA and CMA set a higher threshold of actual knowledge for an accused to be prosecuted by the authorities. A CDSA offence was only made out if the accused knew or had reasonable grounds to believe that they were facilitating others to benefit from criminal conduct. Meanwhile, a CMA offence was only made out if the accused knowingly disclosed account credentials for wrongful gain or unlawful purposes, or knew that such disclosure would be likely to cause wrongful loss.
Ignorance was a convenient excuse for the accused, since the authorities had to prove beyond reasonable doubt that the accused knowingly committed the alleged offences. This was one of the reasons why less than 8% of suspected money mules involved in a series of phishing scams targeting a Singapore bank’s customers could be charged in court. The limited prosecution contrasts with the substantial losses of around S$14 million suffered by hundreds of bank customers.
Also, the authorities could only react to the consequences of online criminal activities. For example, if a website gave rise to a reasonable suspicion that it was being used to con people into an investment scam, the authorities could only take action if someone did suffer losses to the scam and reported the website to the authorities. Since it is relatively easy to create and disseminate scam content online, such delays in taking action put more people at risk, which the OCHA amendments seek to overcome.