Security Update - New Payee & SMS Verification

24 March, 2026

What Is It?

An enhanced security measure, for first time payments to a new Payee or BPAY biller.

This security feature (for payments made via electronic banking - Internet or App) involves a One Time Password (OTP), sent via SMS, to authorise the transferring of money to a new Payee or BPAY biller.

 

What is a new Payee or BPAY biller?

A person, business or organisation that you have not made a payment to before.

 

Why Do I Need This?

This mandatory security feature is used to confirm your identity when adding a new Payee or BPAY biller and is used to help ensure the request is genuine and your money stays protected.

 

How Does it Work?

After entering the new Payee or BPAY biller details (Internet Banking or App) a unique code will be sent to the mobile number registered for you with CWCU.

Ensure you have selected the Send SMS code button. 

(If you do not select/tap the black box you will not receive a code.)

You will then be required to enter this code to confirm the add of the new Payee or BPAY biller.

 

Will I need to share this Code with Anyone Else?

No. 

This code is for your use only.

 

What do I do if I get a Code that I did not request?

If you get a One-Time Password that you did not request, please call your local branch immediately.

 

What would I do if I did not get a Code?

Ensure your mobile number is up to date to receive these codes.

Ensure you have selected the Send SMS code button. 

(If you do not select/tap the black box you will not receive a code.)

If you still do not receive a code:

  • Check your reception/service. A weak, unstable, or out-of-range signal causes delivery failures or delays.
  • Check your spam/junk message folder to ensure your phone has not filtered the message to this folder.
  • This service is sent from +61 428 007 219; please ensure you have not blocked this number.

If you still have not received a code, and you see the below option, please select the black box to resend the SMS

 

Can I Turn Off OTP for New Payees or BPAY billers?

No, you cannot turn off One-Time Password (OTP) requirements for new payees or BPAY billers, as it is a mandatory fraud protection measure.

 

It is important to note:

  • CWCU will never send you a link and request that you use the link to confirm personal identification or payment details.
  • CWCU will never contact you and instruct you to transfer funds to another person, business or organisation.
  • CWCU will never request you download Remote Access Software to assist in problem shooting issues you may be experiencing.

If you receive any requests of this nature, please do not provide any personal or identifying information, cease contact immediately and report the activity as soon as possible to us.