Online fraud moves fast. If money was sent to a scammer’s bank account, e-wallet, QR code, or payment link in the Philippines, the most important thing is to act within minutes or hours—not days. You generally have two urgent tracks: first, report the disputed transaction to your own bank or e-wallet and ask for temporary holding of funds; second, file a cybercrime or fraud complaint so law enforcement can trace accounts, preserve digital evidence, and, in proper cases, refer the matter for a formal freeze order.
What “freezing a scammer’s bank account” means in the Philippines
In practice, people use “freeze order” to mean several different things. They are not the same.
| Remedy | Who can trigger it | Who issues or acts on it | Usual effect |
|---|---|---|---|
| Temporary holding of disputed funds under the Anti-Financial Account Scamming Act | Victim’s complaint, bank fraud system, or bank-to-bank request | Bank, e-wallet, payment service provider, or other BSP-supervised institution | Holds the disputed funds so they cannot be withdrawn during the holding period |
| Coordinated verification | Source bank, receiving bank, payment system participants, and account owners | Banks/e-wallets involved in the transaction chain | Traces and validates whether the transaction appears fraudulent |
| AMLC/Court of Appeals freeze order | Anti-Money Laundering Council, through a verified ex parte petition | Court of Appeals | Freezes monetary instruments or property linked to unlawful activity or money laundering |
| Cybercrime preservation order or warrant | Law enforcement, DOJ, or authorized authority | Court or authorized agency depending on the order | Preserves computer data, subscriber data, traffic data, or electronic evidence |
A private victim usually does not personally file a Court of Appeals freeze order. What the victim can do is build the record: report to the bank immediately, obtain a case reference number, file a sworn complaint with cybercrime authorities, and ask the investigator to pursue the proper referrals to the Bangko Sentral ng Pilipinas (BSP), Anti-Money Laundering Council (AMLC), or prosecutors.
Legal basis for reporting online fraud and holding funds
The main Philippine laws usually involved are:
Republic Act No. 12010, or the Anti-Financial Account Scamming Act (AFASA) of 2024. This law covers financial account scams involving bank accounts, e-wallets, and other financial accounts. It penalizes money muling, social engineering schemes, and related offenses. It also authorizes institutions to temporarily hold disputed funds for a period set by BSP rules, not exceeding 30 calendar days unless extended by a court. (Supreme Court E-Library)
BSP Circular No. 1215, Series of 2025. This implements AFASA’s rules on temporary holding of disputed funds and coordinated verification. Under the circular, an initial holding may be for not more than five calendar days, and it may be extended by not more than 25 additional calendar days, for a total of 30 calendar days unless a court extends it. (Bureau of the Treasury)
Republic Act No. 10175, or the Cybercrime Prevention Act of 2012. Online scams may fall under computer-related fraud, computer-related identity theft, or ordinary crimes committed through information and communications technology. The law also recognizes preservation of computer data and the role of the NBI and PNP cybercrime units. (Supreme Court E-Library)
Article 315 of the Revised Penal Code, on estafa or swindling. Many online scams are charged as estafa when the victim was deceived into sending money, buying a fake product, investing in a fake scheme, or relying on false pretenses.
Republic Act No. 8484, or the Access Devices Regulation Act of 1998, as amended by RA 11449, when the fraud involves credit cards, debit cards, account credentials, access devices, or unauthorized use of account information. Section 9 of RA 8484 lists acts such as using an unauthorized access device, trafficking in unauthorized access devices, and obtaining money through an access device with intent to defraud. (Lawphil)
Republic Act No. 9160, or the Anti-Money Laundering Act of 2001, as amended. If scam proceeds are moved through mule accounts, layered through several accounts, or linked to predicate crimes, AMLC may petition the Court of Appeals for a freeze order.
Republic Act No. 11765, or the Financial Products and Services Consumer Protection Act. This matters when your complaint includes bank or e-wallet handling, unauthorized transactions, consumer protection failures, or escalation to BSP’s consumer assistance channels. BSP Circular No. 1214 also recognizes financial regulators as competent authorities in certain AFASA-related matters.
What to do in the first 24 hours after discovering online fraud
1. Secure your own accounts first
Before writing long emails or posting online, stop further loss.
Do these immediately:
- Change passwords for your bank, e-wallet, email, and social media accounts.
- Disable online banking or lock the card if the app allows it.
- Remove linked cards from suspicious merchant apps.
- Call your bank or e-wallet fraud hotline.
- Do not delete messages, emails, OTPs, or transaction notifications.
- Do not negotiate further with the scammer or send “unlocking,” “tax,” “verification,” or “refund processing” fees.
If the scam involved a remote-access app, screen sharing, or “customer support” that asked you to install software, disconnect the device from the internet and use another device to contact the bank.
2. Report to your bank or e-wallet and ask for temporary holding
Your first formal report should usually be to the source financial institution—the bank or e-wallet from which the money left.
Use clear wording:
“I am reporting a disputed transaction caused by online fraud/social engineering. Please treat this as a fraud complaint under RA 12010 or AFASA, initiate temporary holding of disputed funds if still possible, and start coordinated verification with the receiving institution.”
Provide:
- Your full name and account number or registered mobile number.
- Date and exact time of transfer.
- Amount.
- Transaction reference number.
- Destination bank/e-wallet, account name, account number, mobile number, QR code, or merchant ID.
- Screenshots of the scam conversation and payment confirmation.
- Brief explanation of why the transaction was fraudulent.
- Police/NBI/PNP report, if already available.
Under BSP rules, complaint-initiated holding may start from a complaint filed by the source account owner through the institution’s 24/7 fraud reporting channel. The source institution must verify transaction details, identify disputed funds, and coordinate with receiving institutions. (Bureau of the Treasury)
3. Submit supporting documents within the initial holding period
This is where many victims lose time. The initial holding is short: generally not more than five calendar days. To support an extension, the source account owner should submit documents such as a sworn complaint, affidavit, police report, or other supporting evidence within the initial holding period, unless the applicable industry protocol provides otherwise. (Bureau of the Treasury)
Prepare these as soon as possible:
- Government-issued ID.
- Written narrative of what happened.
- Transaction receipts and reference numbers.
- Screenshots showing the scammer’s profile, messages, number, email, website, QR code, or payment instructions.
- Proof that the account or page was fake, if available.
- Bank complaint reference number.
- Police blotter, PNP-ACG report, NBI complaint sheet, or sworn affidavit.
4. File a cybercrime or fraud complaint
For online fraud, the most common reporting channels are:
| Office | Best for | Practical notes |
|---|---|---|
| PNP Anti-Cybercrime Group (PNP-ACG) | Online selling scams, phishing, hacked accounts, cyber-enabled estafa, fake pages, romance scams, investment scams | Bring screenshots, transaction records, IDs, and your bank complaint reference |
| NBI Cybercrime Division (NBI-CCD) | Computer crimes, larger fraud schemes, identity theft, account takeover, cyber-forensic needs | NBI’s citizen charter lists no fee for filing/requesting investigative assistance and shows an initial complaint and interview process at the CCD. (National Bureau of Investigation) |
| CICC / Hotline 1326 / eGov reporting | Initial anti-scam reporting, suspicious links, quick reporting channel | The government launched Hotline 1326 as an official anti-scam reporting channel, and scam reports may also be submitted through the eGov app. (Philippine Information Agency) |
| DOJ Office of Cybercrime | Prosecutorial coordination, preservation requests, cybercrime policy and international cooperation | Under RA 10175 IRR, the DOJ Office of Cybercrime coordinates cybercrime enforcement and may act on complaints/referrals. (Supreme Court E-Library) |
A barangay blotter or local police blotter may help create a record, but it is usually not enough for tracing bank accounts or building a cybercrime case. For online fraud, go to PNP-ACG, NBI-CCD, or the appropriate cybercrime desk whenever possible.
How to request a bank freeze or temporary holding of funds
Use the correct language depending on where you are in the process.
If you are talking to your bank or e-wallet
Ask for:
- “Temporary holding of disputed funds under AFASA”
- “Coordinated verification with the receiving financial institution”
- “Fraud investigation and tracing of the disputed transaction chain”
- “Written acknowledgment and case reference number”
- “Escalation to the receiving institution if funds were transferred out”
Do not simply ask, “Please freeze the scammer’s account.” Frontline support may reject that as something only a court can order. What you need first is an AFASA fraud complaint and temporary holding request.
If you are talking to PNP, NBI, or CICC
Ask that your complaint include:
- The receiving bank or e-wallet account details.
- A request to preserve digital evidence.
- A request to coordinate with the bank/e-wallet.
- A request to refer the matter to BSP, AMLC, or the proper authority if the facts show money muling, social engineering, or money laundering.
BSP Circular No. 1214 allows a competent authority—such as PNP, NBI, DOJ, AMLC, CICC, or authorized financial regulators—to request inquiry into financial accounts through BSP’s Consumer Account Protection Office (CAPO). The request must be in writing, under oath, and supported by documents such as affidavits, transaction logs, business records, photos, videos, forensic reports, or other evidence.
If a formal AMLC freeze order is needed
A formal freeze order under the Anti-Money Laundering Act is different from a bank’s temporary hold.
The AMLC may file a verified ex parte petition with the Court of Appeals. “Ex parte” means the petition may be heard initially without notifying the account holder, because advance notice could allow funds to be withdrawn. The Court of Appeals may issue a freeze order if it finds probable cause that the money or property is related to unlawful activity. The current framework provides an initial 20-day freeze period, a summary hearing within that period, and possible extension up to a total period not exceeding six months. (Supreme Court E-Library)
In 2025, the Supreme Court also recognized that freeze orders may cover related and materially linked accounts, subject to safeguards protecting account holders from overbroad freezing. (Supreme Court of the Philippines)
Documents to prepare
| Document | Why it matters |
|---|---|
| Valid government ID | Confirms you are the source account owner or authorized representative |
| Bank/e-wallet statement | Shows the debit and transaction trail |
| Transaction receipt/reference number | Allows banks to trace the transfer |
| Screenshot of scam conversation | Shows deception, false representation, account details, and timeline |
| Screenshot of profile/page/website/listing | Helps identify fake sellers, fake investment pages, phishing sites, or impersonators |
| URL, email headers, mobile number, QR code, merchant ID | Helps cybercrime investigators trace digital infrastructure |
| Sworn affidavit or complaint-affidavit | Often needed for formal investigation and extended holding |
| Police/NBI/PNP complaint record | Supports bank escalation and law enforcement action |
| Authorization or SPA | Needed if someone files for you |
| Passport/ACR card or foreign ID | Useful for foreigners or non-resident complainants |
For Filipinos abroad and foreigners outside the Philippines, a complaint-affidavit may need to be notarized before a Philippine Embassy or Consulate, or executed before a local notary and apostilled if it will be used in the Philippines. If you are authorizing a relative or lawyer in the Philippines to file documents or follow up, prepare a Special Power of Attorney that is properly notarized, consularized, or apostilled depending on where it is signed.
Typical timelines and what to expect
| Step | Typical timing | Reality check |
|---|---|---|
| Report to bank/e-wallet fraud channel | Immediately | Best done within minutes or hours |
| Initial temporary holding | Up to 5 calendar days | Only works if funds or equivalent amount can still be held |
| Extended temporary holding | Up to 25 more calendar days | Usually requires supporting documents and further verification |
| Total temporary holding under BSP rules | Up to 30 calendar days | Further holding needs court action |
| NBI-CCD initial complaint processing | Citizen charter shows roughly 1 hour and 10 minutes for initial steps | Actual time may vary depending on queue, completeness, and case complexity. (National Bureau of Investigation) |
| Cybercrime investigation | Weeks to months | Faster if evidence and bank records are complete |
| Court of Appeals AMLC freeze order | Initial 20 days, extendible up to 6 months | Initiated by AMLC, not directly by the private complainant |
If the funds have already moved to several accounts, a temporary hold may still be useful because coordinated verification can trace the transaction chain. But recovery becomes harder once funds are withdrawn in cash, converted to crypto, used for purchases, or moved outside the Philippine financial system.
Common scenarios
“I voluntarily sent money to a fake seller. Can the bank still hold the funds?”
Yes, report it anyway. Banks sometimes distinguish between “unauthorized transactions” and “authorized but scam-induced transfers.” AFASA is important because it expressly recognizes disputed transactions involving social engineering schemes and allows coordinated verification even when the account owner was deceived into initiating the transfer.
“The receiving account is a mule account. What happens to the account owner?”
Under AFASA, money muling includes using, borrowing, allowing the use of, buying, renting, selling, lending, or recruiting others to use financial accounts to receive, transfer, or withdraw proceeds known to be derived from crimes or social engineering schemes.
A mule account owner may claim they were also deceived, recruited, threatened, or trafficked. Investigators will look at account activity, withdrawals, repeated transactions, communications, and whether the person benefited.
“The bank refuses to tell me the scammer’s full account details.”
That is common. Banks are usually careful because of bank secrecy, data privacy, and internal security rules. Under AFASA, however, information may be shared during coordinated verification and through authorized inquiries by competent authorities. The information may go to the bank, BSP, PNP, NBI, CICC, DOJ, AMLC, or prosecutors—not necessarily directly to the victim. (Supreme Court E-Library)
“Can I recover the money automatically if the account is held?”
Not automatically. A hold prevents withdrawal while the transaction is verified. Under BSP rules, if the coordinated verification supports that the funds are disputed, the holding institution may debit the equivalent amount from the beneficiary account and return it to the source account owner. If the transaction is substantiated as legitimate, the hold must be lifted and funds released to the beneficiary account owner. (Bureau of the Treasury)
“What if the scammer emptied the account?”
Still file the report. Even if no funds remain, the bank and investigators may identify the receiving account, subsequent accounts, withdrawal points, device information, linked mobile numbers, and other evidence. RA 10175 also provides mechanisms for preservation of computer data, and law enforcement can pursue subpoenas, warrants, and prosecution when evidence supports it. (Supreme Court E-Library)
Common mistakes that weaken online fraud reports
Avoid these:
- Waiting several days before calling the bank.
- Reporting only to Facebook, Shopee, Lazada, Telegram, WhatsApp, or the marketplace, but not to the bank or authorities.
- Sending cropped screenshots without date, time, URL, profile name, or payment instructions.
- Deleting chat threads after taking screenshots.
- Filing a police blotter but not following through with a sworn complaint.
- Refusing to submit an affidavit because the bank “already has screenshots.”
- Posting the scammer’s account details publicly in a way that alerts the mule account holder before funds can be traced.
- Paying a “recovery agent” who claims they can hack the bank or force AMLC to release funds.
- Believing fake AMLC or bank emails asking for processing fees. AMLC has warned the public about scammers spoofing AMLC email addresses and asking victims to pay for supposed services. (Anti-Money Laundering Council)
Frequently Asked Questions
Can I personally request the Court of Appeals to freeze the scammer’s bank account?
Usually no. A formal AMLA freeze order is sought by AMLC through a verified ex parte petition before the Court of Appeals. As the victim, your practical role is to file complete reports with your bank and law enforcement so the case can be referred to AMLC or the proper authority when warranted.
What should I tell my bank after being scammed online?
Tell the bank: “I am reporting a disputed transaction due to online fraud/social engineering. Please initiate temporary holding under RA 12010 or AFASA and coordinated verification with the receiving institution.” Then give the transaction reference number, amount, date, time, receiving account, and screenshots.
How long can a bank or e-wallet hold disputed funds?
Under BSP Circular No. 1215, temporary holding is generally up to 30 calendar days in total: an initial period of not more than five calendar days, plus a possible extension of not more than 25 calendar days. A longer hold requires action by a court of competent jurisdiction. (Bureau of the Treasury)
Is a police blotter enough for GCash, Maya, or a bank fraud report?
A blotter may help, but it is often not enough. Banks and investigators usually need transaction records, screenshots, proof of account ownership, a detailed narrative, and sometimes a sworn complaint-affidavit or formal PNP/NBI complaint.
Can foreigners report online fraud in the Philippines?
Yes, especially if the victim is in the Philippines, the money went through a Philippine bank/e-wallet, or the financial account involved is maintained with an institution operating in the Philippines. AFASA covers certain offenses where damage is caused to a person in the Philippines or where the financial account is maintained with an institution operating in the Philippines. (Bureau of the Treasury)
What if I sent money to a crypto scam?
Report to your bank/e-wallet first if the on-ramp payment came from a Philippine account. Then file with PNP-ACG, NBI-CCD, or CICC. Crypto cases need fast preservation of wallet addresses, transaction hashes, exchange names, usernames, emails, and chat records. Recovery is harder if assets move to non-custodial wallets or foreign exchanges, but early reporting can still help trace and preserve evidence.
Can the bank be liable if it fails to hold funds?
Under AFASA and BSP rules, an institution that fails to temporarily hold disputed funds when required may be liable for loss or damage, including restitution to the account owner. Improper holding beyond the allowable period can also expose the institution to administrative action. (Supreme Court E-Library)
Will reporting online fraud guarantee I get my money back?
No. Recovery depends on whether funds remain in the system, how quickly the report was made, whether the transaction can be traced, whether the receiving account owner can justify the transaction, and whether the legal basis for return, hold, freeze, or forfeiture is established.
What if the receiving account owner says the transaction was legitimate?
The beneficiary account owner may challenge the hold and submit documents showing the purpose of the transaction, relationship of the parties, source of funds, or other proof of legitimacy. If substantiated, the bank must lift the hold and release the funds even before the holding period expires. (Bureau of the Treasury)
Key Takeaways
- Report online fraud to your bank or e-wallet immediately and ask for temporary holding of disputed funds under AFASA.
- The initial hold is short—generally up to five calendar days—so submit supporting documents quickly.
- A bank temporary hold is different from a formal Court of Appeals freeze order, which is pursued by AMLC.
- File with PNP-ACG, NBI-CCD, CICC, or the proper cybercrime authority, especially if you need account tracing, preservation of evidence, or prosecution.
- Keep full screenshots, transaction references, account details, URLs, emails, QR codes, and chat histories.
- Bank secrecy and data privacy may prevent the bank from giving you the scammer’s full details directly, but authorized agencies can obtain and share information through legal channels.
- Fast reporting gives the best chance of holding funds before they are withdrawn, transferred, or laundered.