How to Draft a Complaint-Affidavit for Online Scams: Required Allegations and Attachments

Required Allegations, Best Practices, and a Complete Attachment Checklist

1) What a Complaint-Affidavit is (and why it matters in online scam cases)

A Complaint-Affidavit is a sworn narrative of facts executed by the victim (the complainant) and filed to begin a criminal case—commonly at the Office of the City/Provincial Prosecutor for preliminary investigation, or initially with law enforcement (PNP/ACG, NBI Cybercrime Division) for case build-up.

Online scam cases frequently fail at the first hurdle (probable cause) not because the victim is wrong, but because the complaint-affidavit:

  • does not allege facts that match the legal elements of the crime, and/or
  • lacks organized, authenticable evidence (especially for chats, screenshots, e-wallet transfers, and platform data).

A strong complaint-affidavit is not about dramatic language—it is about precision: who did what, when, where, how, what was represented, what was relied upon, and what damage resulted.

2) Choosing the correct criminal theory: the usual laws used for “online scams”

Online scams are not a single crime. The same incident may support multiple charges depending on what happened and what evidence exists.

A. Revised Penal Code (RPC) — Estafa (Swindling) (most common)

Often used for:

  • “Online seller took my money and never delivered”
  • “Investment/crypto/vulnerability scheme took my funds”
  • “Recruitment fee scam”
  • “Reservation/downpayment scam”

Typical legal core: deceit + damage. The affidavit must show false pretenses or fraudulent acts that caused the victim to part with money/property, resulting in loss.

B. RA 10175 — Cybercrime Prevention Act of 2012

Common cybercrime angles for scams include:

  • Computer-related fraud (where ICT is used as part of the fraudulent scheme)
  • Computer-related identity theft (impersonation; use of another person’s identifying information)
  • Plus an important concept: if a traditional crime (like estafa) is committed through and with the use of ICT, it is generally treated as a cybercrime-related offense for coverage and (in many situations) harsher penalty treatment.

Practical effect: allegations should clearly describe the use of computers/phones, internet platforms, accounts, pages, messaging apps, emails, links, digital wallets, online transfers, and how these were used to commit the scam.

C. RA 8484 — Access Devices Regulation Act (specialized)

Used when scams involve:

  • credit/debit card misuse, skimming, card-not-present fraud,
  • unauthorized use of access devices.

D. RA 8792 — E-Commerce Act (supporting framework)

Often cited to reinforce recognition/admissibility concepts for electronic data messages/documents and online transactions, alongside court rules on electronic evidence.

E. Other laws sometimes implicated (case-dependent)

  • Identity-related conduct, falsification angles (depending on facts)
  • Anti-Money Laundering considerations for “money mule” flows (often investigative, not the victim’s primary charge)
  • Data Privacy Act concerns can appear, but are not automatically “the scam case” unless the conduct fits its prohibitions and the evidence supports it.

Drafting principle: do not force every possible law into one affidavit. Select charges that the facts and attachments can actually support.

3) What prosecutors look for: “required allegations” in practice

A prosecutor assessing probable cause is essentially checking:

  1. Identification of parties
  2. Jurisdiction/venue facts
  3. A clear narrative establishing each element of the offense
  4. Proof of injury/damage (loss)
  5. Competent attachments supporting the narrative
  6. Sworn execution and proper formatting

The complaint-affidavit should therefore contain these required allegation blocks:

A. Identity and capacity of the complainant

Include:

  • full name, age, civil status, citizenship, address
  • a clear statement that the complainant is the victim and has personal knowledge
  • if filing for a company or another person: authority and relationship (attach SPA/board resolution, if applicable)

B. Identity of the respondent (accused) — even if unknown

If known: full name, aliases, address, phone, bank/e-wallet identifiers. If unknown: it is common to file against “John/Jane Doe” described by:

  • usernames/handles
  • profile links
  • phone numbers used
  • bank/e-wallet account names and numbers
  • courier details used
  • any IDs sent
  • any other identifiers

Required practical allegation: how the respondent is linked to the transaction (e.g., “the account that instructed payment,” “the number that received GCash,” “the bank account named X,” “the FB page that made the offer”).

C. Jurisdiction/venue facts (Philippine context)

State facts that anchor where the case may be filed, such as:

  • where the complainant was when the money was sent / chats occurred
  • where the complainant received the fraudulent communications
  • where the respondent’s account/bank/e-wallet is maintained (if known)
  • where the transaction occurred (online platform used; location of delivery attempt, if any)

For cybercrime-related offenses, venue/jurisdiction can be broader than purely physical crimes, so it is useful to allege where the complainant accessed the platform and where the damage/loss was felt.

D. The chronological narrative (the backbone)

The narrative should read like an audit trail:

  • first contact (date/time/platform)
  • offer/representation (exact words or substance)
  • negotiations (price, item/service/investment terms)
  • instructions to pay (who told you, where, and how)
  • payment (amount, method, account details, timestamps, reference numbers)
  • post-payment conduct (excuses, delays, blocking, deletion, refusal)
  • attempts to resolve (demands, calls, messages)
  • ultimate loss (no delivery/no refund; additional payments; other damages)

Drafting rule: include exact dates, amounts, platform names, account numbers, reference IDs. Avoid vague phrases like “sometime last month” unless unavoidable.

E. Allegations that match the elements of the crime (must be fact-based)

For Estafa (common “online selling” scam pattern)

Your affidavit must factually show:

  1. Deceit / fraudulent representation

    • What exactly was promised or represented as true?
    • Was it false at the time it was made?
    • Was it made to induce payment?

  2. Reliance

    • Why did you believe it? (profile history, proofs sent, assurances, “reservation required,” etc.)
    • What convinced you to part with money?

  3. Delivery of money/property

    • How and when payment was made; attach proof.

  4. Damage/prejudice

    • The loss amount and that nothing of value was received (or what was received was not as represented).

Important: Prosecutors tend to dismiss complaints that read like a pure “breach of contract” dispute. The affidavit must highlight deceit at the start (or fraudulent acts), not merely failure to deliver.

For Computer-related fraud (RA 10175 angle)

Allege facts showing:

  • the scam was executed through ICT (social media, email, messaging apps, online marketplaces, links, e-wallet systems), and
  • the respondent used these systems as part of a fraudulent scheme resulting in loss.
For Identity theft / impersonation (if applicable)

Allege facts showing:

  • the respondent used another person’s identity (name, photos, ID details, brand/persona), or fabricated a persona,
  • for the purpose of gaining trust and obtaining money or access.
For access device/card-related cases (if applicable)

Allege facts showing:

  • unauthorized use of the card/access device or credentials,
  • resulting charges/withdrawals/transactions not authorized.

F. “Demand” and “non-refund/non-delivery” allegations (helpful, sometimes crucial)

Include:

  • that a demand for delivery/refund was made (attach demand message/letter)
  • respondent refused, ignored, blocked, or became unreachable
  • partial refunds/empty promises (if any)

4) Evidence for online scams: how to make digital proof usable

In online scam cases, digital evidence is everything—but it must be presented and preserved in a way that can be evaluated.

A. The “3-layer evidence” method (best practice)

  1. Human-readable printouts (for the prosecutor’s folder)
  2. Soft copies (USB/drive) containing original files (screenshots, screen recordings, PDFs, exported chat logs)
  3. Source-trace details (device used, account URLs, timestamps, transaction IDs)

B. Screenshots are not enough if they are untraceable

Screenshots should be paired with:

  • URLs/profile links
  • visible timestamps
  • visible chat headers (account name, handle, number)
  • visible transaction reference numbers
  • the device and app context (what app, what account was logged in)

C. Preserve the data properly

  • Do not delete chats.
  • Avoid reinstalling apps or factory-resetting the phone containing evidence.
  • Save copies in multiple places.
  • If possible, capture screen recordings scrolling the conversation to show continuity.
  • Keep the original device available; investigators may later request it for forensic extraction.

D. Organize annexes so the story is self-proving

A prosecutor should be able to follow:

  • Narrative paragraph #8 → Annex “H” (chat screenshot)
  • Narrative paragraph #12 → Annex “K” (GCash receipt)
  • Narrative paragraph #15 → Annex “M” (proof of blocking/unreachable)

5) Mandatory and recommended attachments (complete checklist)

Below is a practical, prosecutor-ready attachment list. Not every item is available in every case; include what exists.

A. Identity and standing

  • Government-issued ID of complainant (with signature)
  • Proof of address (optional but helpful)
  • If filing on behalf of another: SPA/authorization, company documents (SEC, board resolution)

B. Platform and account identification

  • Screenshot of respondent’s profile/page showing:

    • name/handle
    • profile URL
    • visible identifiers (phone/email if shown)

  • Screenshots of the post/listing/ad offering the item/service/investment

  • Any IDs or documents the respondent sent (even if fake)

C. Communications (core)

  • Complete chat thread screenshots (include key parts and surrounding context)
  • Emails with full headers if possible (or at least full email content showing sender and date/time)
  • SMS screenshots showing the number and message timestamps
  • Call logs (if relevant)

Recommended: a short “Chat Index” sheet: Date → Topic → Annex reference.

D. Payment proof (core)

  • Bank transfer confirmation slips
  • Online banking transaction receipts
  • E-wallet (GCash/Maya/etc.) receipts and transaction history screenshots
  • Bills payment confirmations
  • Deposit slips (if over-the-counter)
  • Screenshots showing recipient account name/number and transaction reference IDs
  • Bank/e-wallet statements covering the period (if available)

E. Delivery/fulfillment proof (for “online selling” scams)

  • Courier booking screenshots
  • Tracking pages showing no shipment / cancelled / fake tracking
  • Messages admitting delay or making excuses
  • Photos of what was promised vs. what was received (if misrepresentation rather than nondelivery)

F. Loss/damage computation

  • A one-page table summarizing:

    • date paid
    • amount
    • method
    • reference number
    • recipient account
    • purpose
    • total loss

G. Demand and post-scam behavior

  • Demand letter or demand messages (with proof sent)
  • Proof of blocking, account deactivation, refusal to respond
  • Any partial refund attempts (and whether reversed)

H. Witness corroboration (if any)

  • Witness affidavits (e.g., a person present when calls were made, or someone who saw the transaction happen, or co-victims)
  • Affidavit of the person who took screenshots if not the complainant (rare but can happen)

I. Soft-copy evidence package

  • USB/drive containing:

    • original screenshots (not just printed)
    • exported chat logs where possible
    • screen recordings
    • PDFs of receipts/statements
    • a simple folder structure: “Annex A, Annex B…”

6) The structure of a Philippines-style Complaint-Affidavit (with drafting notes)

A typical format used in prosecutors’ offices:

  1. Caption Republic of the Philippines Office of the City/Provincial Prosecutor City/Province

  2. Title Complaint-Affidavit (for Estafa and/or violations of relevant laws)

  3. Parties

    • Complainant (personal circumstances)
    • Respondent (personal circumstances or identifiers)

  4. Statement of Facts (numbered paragraphs)

    • chronological, detailed, cross-referenced to annexes

  5. Offenses Charged / Legal Basis

    • short, element-matching discussion tied to facts (not a long treatise)
    • show how each element is met by specific paragraphs and annexes

  6. Prayer

    • request that respondent be found liable and prosecuted
    • request other relief within prosecutorial context (e.g., inclusion of “John Doe” pending identification)

  7. Verification / Oath (Jurat)

    • signed and sworn before the proper officer

Drafting style rules that matter:

  • Use numbered paragraphs.
  • Refer to evidence as “Annex ‘A’,” “Annex ‘B’,” etc.
  • Keep legal conclusions minimal; let facts prove the elements.
  • Avoid insults, speculation, and irrelevant backstory.

7) Model “required allegations” by common online scam scenario

Scenario 1: Online seller scam (pay first, no delivery)

Must allege:

  • the listing/offer and representations (item exists, available, ready to ship)
  • inducement to pay (reservation fee, urgency, “last stock”)
  • payment details and proof
  • failure to ship/deliver and excuses
  • demand and refusal/blocking
  • amount of loss

Attachments usually decisive:

  • listing screenshots
  • chat instructions to pay
  • payment receipts
  • proof of non-delivery/blocking

Scenario 2: “Investment” / “double your money” / trading scheme

Must allege:

  • representations about returns, safety, legitimacy, licensing claims
  • reliance (why believed; proofs sent; claims of registration)
  • fund transfers (often multiple tranches)
  • withdrawal impossibility / added “fees” / account freeze claims
  • final refusal to return principal

Attachments:

  • pitch materials
  • chat logs of promised returns
  • payment trail and demanded “fees”
  • evidence of fake credentials (if any)

Scenario 3: Phishing / account takeover leading to unauthorized transfers

Must allege:

  • how access was obtained (phishing link, OTP request, fake customer support)
  • timeline of compromise
  • unauthorized transactions (amounts, recipients, timestamps)
  • immediate steps taken (reports to bank/e-wallet, platform)
  • resulting loss

Attachments:

  • phishing messages/links (screenshots)
  • bank/e-wallet unauthorized transaction proofs
  • incident reports to bank/platform

Scenario 4: Job/recruitment fee scam

Must allege:

  • job offer representations and requirements
  • fees demanded (processing, medical, training)
  • payment details
  • absence of real employment / inability to contact / shifting excuses

Attachments:

  • job post
  • communications
  • receipts and identity of recipient accounts

8) Sample skeleton (usable as a drafting template)

COMPLAINT-AFFIDAVIT

I, [Full Name], [age], [civil status], Filipino, and residing at [address], after having been duly sworn, depose and state:

  1. Personal circumstances. I am the complainant in this case. Attached is a copy of my government-issued ID as Annex “A.”

  2. Respondent’s identifiers. The respondent is [name/alias/“John Doe”], who used the account [platform + handle] with profile link [URL], and instructed me to send payment to [bank/e-wallet name + account number + account name]. Screenshots and transaction details are attached as Annexes “B” to “D.”

  3. Initial contact and offer. On [date] at around [time], I saw/respondent posted [item/service/investment] on [platform]. The respondent represented that [specific representations]. A screenshot of the post/listing is attached as Annex “B.”

  4. Inducement and agreement. In our conversation on [date], the respondent stated [key statements] and required me to pay [amount] to [account] before [delivery/reservation/processing]. The relevant chat excerpts are attached as Annex “C.”

  5. Payment and proof. Relying on these representations, on [date/time], I sent PHP [amount] via [GCash/bank transfer] to [recipient account details], with reference number [ref no.]. Proof of payment is attached as Annex “D.”

  6. Failure to deliver / refusal to refund. Despite payment, the respondent did not deliver the [item/service] and instead [excuses/delays]. When I demanded delivery/refund on [date], the respondent [ignored/blocked/disabled account]. Proof is attached as Annex “E.”

  7. Damage. Because of the respondent’s acts, I suffered damage in the amount of PHP [total], excluding incidental expenses [if any]. A summary table is attached as Annex “F.”

  8. Criminality. The respondent’s acts constitute Estafa and related offenses, committed through the use of information and communications technology, as shown by the online platform communications and electronic fund transfers cited above.

  9. Prayer. I respectfully pray that the appropriate charges be filed against the respondent and that the respondent be prosecuted in accordance with law.

IN WITNESS WHEREOF, I have hereunto set my hand this [date] in [place].

[Signature over printed name]

SUBSCRIBED AND SWORN to before me this [date], affiant exhibiting to me [ID type/number].

9) Filing workflow in the Philippines (what happens after drafting)

A. Where to file

Common entry points:

  • Office of the City/Provincial Prosecutor (for preliminary investigation filing)
  • PNP Anti-Cybercrime Group / local police cyber units (for investigative build-up)
  • NBI Cybercrime Division (for investigative build-up and case referral)

Online scams often benefit from parallel action:

  • file the complaint-affidavit for prosecution, and
  • coordinate with law enforcement for identification, preservation requests, and possible cybercrime warrant processes.

B. Preliminary investigation (typical flow)

  • Filing of complaint-affidavit and annexes
  • Evaluation and issuance of subpoena to respondent (if identifiable/reachable)
  • Respondent’s counter-affidavit and evidence
  • Reply (optional/allowed depending on office rules)
  • Resolution (finding probable cause or dismissal)
  • If probable cause: Information filed in court (cybercrime-designated courts when applicable)

10) Common drafting errors that lead to dismissal (and how to avoid them)

  1. No deceit alleged—only “did not deliver.” Fix: specify the false pretenses and inducement at the outset.

  2. Missing payment trail or unclear recipient identity. Fix: include receipts with reference IDs, recipient account names/numbers, and a loss summary.

  3. Screenshots without context (no timestamps, no handles, cropped headers). Fix: capture full headers and continuity; add profile URLs.

  4. Wrong respondent (only a “page,” no identifiers). Fix: include bank/e-wallet recipient details; include all handles/numbers; file as “John Doe” with identifiers.

  5. Disorganized annexes. Fix: use Annex labeling and cite them in the narrative.

  6. Inflammatory language, speculation, irrelevant accusations. Fix: factual narration; avoid guessing motives; let evidence show intent.

11) A final, prosecutor-ready checklist (one page)

Before signing and filing, confirm the affidavit contains:

  • Full complainant details + ID annex
  • Respondent identifiers (handles, URLs, numbers, recipient accounts)
  • Exact timeline (dates/times/platforms)
  • Exact representations and inducements (quotes/substance)
  • Proof of payment (receipts + ref nos.)
  • Proof of non-delivery/non-refund + demand + blocking/unreachable
  • Total loss computation table
  • Annex index and consistent references
  • Soft copy evidence package (organized folders)
  • Proper jurat (subscribed and sworn)

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login