<![CDATA[The development of information technology and the digitalization of banking services have significantly increased the use of digital transactions, offering efficiency and convenience while simultaneously giving rise to increasingly complex cybercrimes. One prevalent form of cybercrime in digital banking practices is fraud through social engineering schemes. This type of fraud exploits psychological manipulation to obtain customers’ confidential information, authentication codes, or unauthorized transaction approvals, resulting in substantial financial losses. In the context of banking law, social engineering fraud raises legal issues concerning banks’ liability for customer losses, particularly in determining the boundary between bank negligence and customer fault. The Indonesian banking regulatory framework has incorporated prudential principles, risk management, and consumer protection measures. However, regulations specifically addressing banks’ liability in cases of social engineering fraud remain insufficient and lack comprehensive clarity, leading to potential legal uncertainty and inconsistent dispute resolution. This study aims to analyze banks’ liability for social engineering fraud in digital transactions from the perspective of banking law and customer protection. The research employs a normative legal method with statutory and conceptual approaches by examining banking regulations, consumer protection laws, and legal doctrines related to liability and negligence. The findings indicate that banks may be held liable when customer losses arise from weaknesses in security systems, failure to properly implement prudential principles, or inadequate customer protection and education measures. Therefore, clearer legal regulation is necessary to define the allocation of liability between banks and customers in order to ensure legal certainty and strengthen customer protection in digital banking transactions.]]>
