This week the FCA has published two letters to the CEOs of banks, building societies and payment / e-money institutions. The letters set out the FCA’s expectations relating to APP fraud reimbursement requirement, the role of the Consumer Duty and what firms can expect from the FCA through a data-led approach to monitoring progress. The letters ask CEOs to ensure that their firms have appropriate oversight, systems, and controls in place to comply with the requirements. The FCA’s expectations include: ✔ Anti-fraud systems and controls focusing on effective governance arrangements, controls and data to detect, manage and prevent fraud ✔ Capital and liquidity focusing on managing potential liability and the impact that may result from potential APP fraud reimbursement liabilities ✔ Consumer Duty - the FCA expects CEOs to ensure their approach to ‘on us’ APP fraud meets the obligations under the Consumer Duty. ✔ Communication - the FCA has reminded CEOs of their ongoing obligations to notify FCA without undue delay of any material changes in the firm’s circumstances, including significant systems and controls and/ or prudential issues. The FCA has flagged an issue regarding ‘on us transactions’ APP fraud reimbursement. The FCA highlights that consumers are unlikely to understand that the level of protection that a PSP provides against APP fraud may vary depending on the type of payment process used and that this will lead to poor consumer outcomes. Under the Consumer Duty firms are required act to deliver good outcomes for consumers. The FCA and the PSR will work together to monitor firms’ compliance with the PSR’s reimbursement regime. The FCA plans to publish final guidance on enabling a risk-based approach to payment processing, and a policy statement to GC24/5, by the end of 2024 https://lnkd.in/eg76S9UD Tom Salmond, FRSA Hemen Shah, CFE Katie Roberts Sachin Dean Abigail Viljoen Genevieve Marjoribanks Matthew Rogers Heather Alleyne Christopher Woolard CBE Alex Noble Matt Taylor Mohneesh Paranjpe Nina Driscoll Dan Cooper David Williams Simon Spencer Richard Monks Mduduzi Mswabuki Claire Hinchcliffe
Alla Gancz’s Post
More Relevant Posts
-
Two publications from the FCA this week reinforce the importance of Consumer Duty for the payments industry. With the new APP Fraud requirements coming into place on 7 October and the publication of the payments multi firm review, the focus on delivering good outcomes for users of payment services remains high on the regulator's agenda. #consumerduty #ey
This week the FCA has published two letters to the CEOs of banks, building societies and payment / e-money institutions. The letters set out the FCA’s expectations relating to APP fraud reimbursement requirement, the role of the Consumer Duty and what firms can expect from the FCA through a data-led approach to monitoring progress. The letters ask CEOs to ensure that their firms have appropriate oversight, systems, and controls in place to comply with the requirements. The FCA’s expectations include: ✔ Anti-fraud systems and controls focusing on effective governance arrangements, controls and data to detect, manage and prevent fraud ✔ Capital and liquidity focusing on managing potential liability and the impact that may result from potential APP fraud reimbursement liabilities ✔ Consumer Duty - the FCA expects CEOs to ensure their approach to ‘on us’ APP fraud meets the obligations under the Consumer Duty. ✔ Communication - the FCA has reminded CEOs of their ongoing obligations to notify FCA without undue delay of any material changes in the firm’s circumstances, including significant systems and controls and/ or prudential issues. The FCA has flagged an issue regarding ‘on us transactions’ APP fraud reimbursement. The FCA highlights that consumers are unlikely to understand that the level of protection that a PSP provides against APP fraud may vary depending on the type of payment process used and that this will lead to poor consumer outcomes. Under the Consumer Duty firms are required act to deliver good outcomes for consumers. The FCA and the PSR will work together to monitor firms’ compliance with the PSR’s reimbursement regime. The FCA plans to publish final guidance on enabling a risk-based approach to payment processing, and a policy statement to GC24/5, by the end of 2024 https://lnkd.in/eg76S9UD Tom Salmond, FRSA Hemen Shah, CFE Katie Roberts Sachin Dean Abigail Viljoen Genevieve Marjoribanks Matthew Rogers Heather Alleyne Christopher Woolard CBE Alex Noble Matt Taylor Mohneesh Paranjpe Nina Driscoll Dan Cooper David Williams Simon Spencer Richard Monks Mduduzi Mswabuki Claire Hinchcliffe
Dear CEO letter: (Banks and building societies) Expectations on APP fraud reimbursement
fca.org.uk
To view or add a comment, sign in
-
Action Required – FCA Expectations on Authorised Push Payments (AAP) Fraud Reimbursement Yes, it’s another call to action from the FCA. And yes, it’s another Financial Crime blog! New measures came into force on 7th October to support victims of APP fraud. If you are not worried about this in your firm, or the impact of bad publicity, then just watch how Revolut was highlighted in a Panorama programme this week around its’ approach to customers and fraud. The FCA has again upped the ante for firms, and is actively working with firms on their anti-fraud systems and controls, in this instance around how PSP’s prevent harm to their customers, and how they tackle money mules laundering funds. The focus is on: - Having effective governance arrangements, controls and data to detect, manage and prevent fraud; - Regularly reviewing your fraud prevention systems and controls to ensure that these are effective; and - Maintaining appropriate customer due diligence controls at onboarding stage and on an ongoing basis to identify and prevent accounts being used to receive proceeds of fraud or financial crime. The FCA are also highlighting the Consumer Duty issue here, in that firms must avoid causing foreseeable harm. They specifically call out that if customers are scammed and this relates to a firm’s financial products and are due to the firm’s inadequate systems to detect and prevent scams, or inadequate processes to design, test, tailer and monitor the effectiveness of scam warning messages, then this would be a breach of that Consumer Duty. If your fraud detection processes are not sufficiently effective, then you will be at risk. - Have you got a fraud payment team? - Have you got transaction monitoring working real time? - Are you confident that your transaction monitoring rules are configured to highlight the right issues at the right time? - Have you got your alert systems flagging stuff early enough that your people can deal with this effectively? This is becoming another hot potato that could easily burn an organisation. Here at Brighter Consultancy we have experts who work with banks and payment providers on fraud and transaction monitoring systems and controls, to help you be compliant and deal with all APP fraud issues effectively. Do reach out for a confidential chat. #financialcrime #Fraud #riskmanagement #financialcrimecontrols https://lnkd.in/e9ydScGY
Dear CEO letter: (Banks and building societies) Expectations on APP fraud reimbursement
fca.org.uk
To view or add a comment, sign in
-
Positive progress in the UK financial services sector’s fight against financial fraud: Recent reports from UK Finance indicate a 16% year-on-year decrease in cases and an 11% reduction in losses related to APP fraud in the first half of 2024. #financialfraud #banking #finance #ukfinance #GB #UK
UK Finance published mid-year fraud update for 2024 that shows that there was a 16% decline in cases and an 11% fall in losses for APP fraud compared with the same period in 2023. We continue to monitor fraud rates and the implementation of reimbursement rules, it is good to see reduction in the number of cases and losses during the first half of the year 2024. Fraud continues to pose a major threat to the UK and cause serious harm to individuals and society. While the banking and payments industry works to recover and return the losses from this type of fraud, UK Finance data on the enablers of fraud show that little has moved since we started to collect and publish the source of APP fraud. "The best way to protect against fraud is to prevent it from happening in the first place. This is the focus of the financial services industry which invests huge sums of money, including deploying a wide variety of sophisticated tools, to try and detect potential fraud and intervene before it happens. We need the social media, technology, and telecommunications sectors to do far more in partnership with us to protect the public and society from fraud. Intelligence must flow in both directions and be shared with law enforcement. There should be effective user verification and online marketplaces should use proper payment systems. And there needs to be a commercial incentive for them to act – these sectors should contribute to the cost of countering fraud and victim reimbursement." Ben Donaldson OBE Jana Mackintosh Ben Poxon Daniel Holmes Laura Catterick Nuala Jackson Phillip Mind Hemen Shah, CFE Tom Salmond, FRSA Genevieve Marjoribanks Abigail Viljoen Dan Moore Tony Craddock
To view or add a comment, sign in
-
UK Finance published mid-year fraud update for 2024 that shows that there was a 16% decline in cases and an 11% fall in losses for APP fraud compared with the same period in 2023. We continue to monitor fraud rates and the implementation of reimbursement rules, it is good to see reduction in the number of cases and losses during the first half of the year 2024. Fraud continues to pose a major threat to the UK and cause serious harm to individuals and society. While the banking and payments industry works to recover and return the losses from this type of fraud, UK Finance data on the enablers of fraud show that little has moved since we started to collect and publish the source of APP fraud. "The best way to protect against fraud is to prevent it from happening in the first place. This is the focus of the financial services industry which invests huge sums of money, including deploying a wide variety of sophisticated tools, to try and detect potential fraud and intervene before it happens. We need the social media, technology, and telecommunications sectors to do far more in partnership with us to protect the public and society from fraud. Intelligence must flow in both directions and be shared with law enforcement. There should be effective user verification and online marketplaces should use proper payment systems. And there needs to be a commercial incentive for them to act – these sectors should contribute to the cost of countering fraud and victim reimbursement." Ben Donaldson OBE Jana Mackintosh Ben Poxon Daniel Holmes Laura Catterick Nuala Jackson Phillip Mind Hemen Shah, CFE Tom Salmond, FRSA Genevieve Marjoribanks Abigail Viljoen Dan Moore Tony Craddock
To view or add a comment, sign in
-
APP fraud reimbursement - PSR Director steps down - Starting October 2024, the fraud risk related to APP payments will be split between payer and recipient banks, increasing the risk exposure for both parties in cases of APP fraud. This change aims to tighten fraud prevention measures on both ends of the transaction. However, the new legislation sets a fraud reimbursement limit of up to £415,000, significantly higher than the average APP fraud amount of £2,340 in 2022. (Source: LSB) The other change to the existing CRM Code is that banks can now deny reimbursement for amounts under £100 under the new PSR rules. It raises concerns about the effectiveness of the new regulations. While there is robust protection for larger amounts, smaller victims might be left without refunds. And in general it is the smaller amounts that happen more often. With some time before the implementation in 2024, there might be room for adjustments to address these issues. Read more about the changes and the recent developments in the payment systems sector: https://lnkd.in/eCDgbgnP
Reimbursement Backlash Forces Hemsley Out at UK’s Payment Systems Regulator
https://www.pymnts.com
To view or add a comment, sign in
-
APP fraud and the law of unintended consequences... The 7th October 2024 was a landmark day in fintech – the day the UK’s legislation came into effect to make banks liable for authorised push payment (APP) fraud. It promises compensation of up to £85k within 5 days for customers scammed by fraudsters, with the onus falling equally on the sender payment service provider and the receiver. And it was originally going to cover up to £415k before the banking lobbyists made their feelings known. All this looks good for the consumer - the UK is trailblazing consumer protection ahead of Europe and way ahead of the US. And it’s clearly needed – nearly £0.5 billion was lost to APP fraud in the UK last year, and a over £5bn globally. But I worry about what this will mean for customers. The victims of fraud – most commonly the most vulnerable in our society will be flagged as high-risk and it’s not beyond imagination we start to see these people getting de-banked. And just by virtue of being over a certain age bracket, you’re automatically going to be classified as a high-risk category, which could not only spell the end of free banking, but also higher costs if you’re judged to be a higher risk. And that’s not all – Mike Haley, the CEO of the CIFA (the UK’s fraud prevention office) has talked of how this may well lead to ‘crime-as-a-service’, with both ‘victim’ and fraudster sharing the proceeds. I’m concerned this legislation could end up being a millstone around the UK’s neck. What are your thoughts? 🤔
To view or add a comment, sign in
-
Is reimbursing APP fraud victims the answer, or are banks about to shoulder a heavy load? APP fraud is on the rise, with 252,000 cases reported in 2023, according to the UK’s Payment Systems Regulator. The deadline for implementing the new mandatory reimbursement framework for victims of APP fraud is fast approaching on October 7, 2024. But here’s the real question: is reimbursement enough? Shouldn’t we focus on stopping these frauds? And what about startups, that will now be squeezed between compliance costs and potential reimbursement payouts? Or maybe more focus should be on finding the actual causes and focusing on preventing them. Jonathan Frost has highlighted some key reasons: What makes a fraud attractive? - Real-time payments - A lack of strong customer authentication (SCA) - Little or no protection for consumers who suffer fraud The UK Finance Report 2024 shows that 76% of APP fraud originates online. This figure has barely changed since 2022. Why isn’t the number going down? Not only banks and fintechs but also e-commerce platforms and social media giants should ensure that strong customer authentication and tech-based fraud detection measures are in place to prevent fraud before it happens. There’s a lot more buzz about whether it’s really an effective way to prevent fraud. You can see this conversation growing, especially among legal, financial, and compliance experts on LinkedIn. Jemma Jackson from Tenet Compliance highlights the growing impact: “With increasing numbers of people finding themselves a victim of APP fraud, the impact is increasingly being felt by both consumers and Payment Service Providers.” Santander UK’s COO Stephen White also agrees: “Fraud is a global problem, and we in the UK unfortunately see our fair share. The impact of this crime on both consumers and businesses is harrowing.” Financial institutions and FinTechs have their own reasons for pushing back against the reimbursement rules that the government is trying to impose on them. Tom Matsuda, a fintech reporter, warns that “it’s a world-first new regulation that fintech industry watchers believe could damage startups who might not have big enough cash reserves to make lots of chunky payouts, while also placing an extra compliance burden on smaller teams.” With frauds originating primarily on social media, these platforms should also implement strong customer authentication mechanisms and financial institutions should review fraud detection processes so that interests of customers and financial service providers can be protected. Richard Ransom, a payment expert, believes that “With these rules in place, the industry is encouraged to enhance fraud detection and response, aiming for a consistent and fair experience for all.” In my opinion, while reimbursements are a relief for consumers, placing the entire burden on payment services might not be the best approach and more focus should be on eradicating the root cause. #appfraud #reimbursement
To view or add a comment, sign in
-
Benchmarking can be very powerful, when communicating to senior stakeholders, here is an example I would use personally as a door opener and to kickstart a dialogue: For every £1 million received into Skrill’s accounts in 2023, £18,550 was of it was from APP scams. In contrast, for every £1 million received by Santander accounts, £41 was from APP scams. Here is an executive summary of the most significant findings from the PSR APP scams performance report: Executive Summary: 1. Overall Reduction in APP Scam Losses: - The total value of APP scams sent decreased by 12% from £389 million in 2022 to £341 million in 2023. 2. Increased Reimbursement Rates: - The percentage of APP scam losses reimbursed increased from 61% in 2022 to 67% in 2023. - Reimbursement rates varied significantly between banks, ranging from 9% to 88%. 3. Rise in Scam Cases: - The volume of APP scam cases increased by 12% from 224,603 in 2022 to 252,626 in 2023. 4. Shift in Scam Types: - Purchase scams saw a 32% increase in volume, becoming the most common type of scam (70% of cases). - The value of police/bank staff impersonation scams decreased by 33%. 5. Disparity Between Directed and Non-Directed PSPs: - Non-directed PSPs (typically smaller firms) had an average scam rate 18 times higher than directed PSPs. - Non-directed PSPs accounted for 38% of APP scams received by value despite processing only 17% of transactions. 6. Improvements in Individual Bank Performance: - 9 out of 14 largest banking groups improved their reimbursement levels. - Clydesdale Virgin Money saw a 79% increase in reimbursement by value. 7. Introduction of New Reimbursement Framework: - A new mandatory reimbursement requirement will be implemented in October 2024, aiming to improve consumer protection and incentivize fraud prevention. 8. Continued Challenges: - Significant variations in reimbursement rates persist between banks. - Smaller payment firms continue to be disproportionately targeted for receiving fraudulent payments. These findings indicate progress in some areas of APP scam prevention and reimbursement, but also highlight ongoing challenges that the industry and regulators are working to address.
To view or add a comment, sign in
-
Will the new UK regulations related to Authorized Push Payment (APP) Fraud reimbursements actually cause MORE fraud in the UK? And what can other regions learn from this model? 💰 As of October 7th, a new mandatory reimbursement regime for victims of APP fraud came into effect in the UK. From this point forward, PSPs must reimburse many customers who fall victim to APP fraud, with a cap set at a whopping £85,000 per instance. The reimbursement cost is shared equally between the sending and receiving PSPs, forcing both parties to have significant skin in the game when it comes to monitoring push payments for potentially fraudulent activity. I had the privilege of attending a breakfast event in London this past week hosted by the team at We Fight Fraud (WFF), including CEO Dr Nicola Harding, CIO Tony Sales, and Chairman Dr Mark Goldspink (pictured below). The WFF team has used their breadth of knowledge and experience to uncover criminal playbooks that attempt to exploit these new rules - and let me tell you, it's scary. 😱 Imagine scenarios where criminals use legitimate consumers as mules to exploit the rules: A criminal pays someone £1,000 to transfer £25,000 to a criminal-owned account, and the account holder then files for reimbursement from their bank, claiming fraud. 😱 Or scenarios where criminals exploit weak KYC controls at banks and licensed fintechs to open their own accounts and file reimbursement claims on transfers that they've made to themselves. Not only are these effective attacks, which we've already seen, but they can also be extraordinarily challenging for sending and receiving institutions to detect, particularly in an environment with limited industry-wide data sharing mechanisms between parties. 🏦 Big banks may have the balance sheets to support this level of criminal activity, but the potential for massive exploits is worrisome to many fintechs and smaller institutions, some of which are now asking whether the juice is worth the squeeze when providing real-time push payment services. The risk vs. reward equation has undoubtedly changed. 🌎 The implementation of faster payment systems continues to be a major trend worldwide. We at Glenbrook Partners estimate that over 80 systems are currently in development or some stage of early rollout. However, few have adequately addressed the persistent and growing problem of authorized push payment fraud and scams. While consumer protection is the primary concern among regulators, liability and reimbursement rules have proven challenging to implement in a way that balances consumer safety while satisfying all parties within the payments ecosystem. It's an area we'll certainly be keeping an eye on. I highly recommend you check out what the team at We Fight Fraud is up to, as they have some great industry resources and events: https://lnkd.in/etqx8iSs #fraud #scams #appfraud #fasterpayments
To view or add a comment, sign in
-
Ahead of all the proposed changes and updates around the CRM later this year, Uk Finance published the Annual Fraud Report 2024. But what does this Report show us? - The report is published by UK Finance and provides comprehensive data and analysis on fraud in the financial industry, based on data provided directly from member firms, - The report covers various fraud types, including unauthorised fraud, APP scams, and digital fraud, highlighting trends and shifts in the fraud landscape. - Notable findings include a significant increase in card ID theft losses, a shift in attack vectors towards mobile banking, and the importance of collaboration across the ecosystem to combat fraud. - Reimbursement for fraud losses is emphasized, with concerns raised about the approach taken by the Payment Systems Regulator as this feel like a reactive and not preventive action. - The report underscores the need for a cross-sector approach, sharing actionable intelligence, and proactive measures to combat fraud effectively. More than ever, in anticipation of forthcoming regulatory amendments, it has become imperative for Payment Service Providers (PSPs) to prioritize and strengthen their focus on preventative strategies and compliance adherence, reviewing existing, remediating policies and procedures and being ready for what's to come.
Annual Fraud Report 2024_0.pdf
ukfinance.org.uk
To view or add a comment, sign in