Authorised Push Payment (APP) fraud is still one of the biggest threats to the UK’s financial ecosystem, but the payments industry remains firmly committed to tackling the issue and minimising its impact.
Ths was clearly outlined in the words of Chris Hemsley, the Payment Systems Regulator’s (PSR) Managing Director, who spoke to a full room at the 1LoD Fraud Risk Event in London.
In his speech, Hemsley acknowledged that the fruitful collaboration between industry and government has so far managed to produce some major results in the fight against fraud, such as the roll-out of Confirmation of Payee.
There is, however, a lot left to be desired when combatting APP scams, with Hemsley explaining that the PSR will advocate for changes in the UK’s approach from next year, and that companies need to be ready to adapt.
Inside APP fraud
To give a bit of a perspective on the issue, Hemsley pointed out that APP fraud is not only a UK-centric problem, but has also expanded globally.
The estimates he presented to the London audience included around half a billion pounds lost annually to criminals, with an average of 200,000 people falling victims.
Moreover, a PSR report from October showed that some companies in the UK are doing much better than others in protecting their customers when it comes to APP fraud.
Hemsley said that if all businesses had been implementing the same level of prevention and detection for customers, the amount of money saved could reach between £70m and £120m – something that the PSR wants to achieve with its proposed changes.
“Each one of these frauds represents distress, shame, worry and – of course – the consequences of the financial loss. The house purchase that falls through. The lost life savings mean that retirement becomes more distant,” he added.
“Which is why it is in all of our interests to get on top of this problem, and prevent as much of this fraud as possible from happening in the first place.”
Changing the landscape
The PSR’s position on what has to change, starting from next year, is very clear. If changes as to how APP fraud is being tackled are to be implemented, according to Hemsley, they must apply to all firms dealing with payments.
Consequently, there will be a multi-alley avenue when exploring this connected approach. The first aspect being the introduction of mandatory objectives for all payment firms under the Faster Payments rulebook – shifting away from what has been – in Hemsley’s words, the practice of relying on firms ‘to do the right thing’.
The second objective will be to ensure that APP fraud victims are almost fully reimbursed, except for cases where there’s been gross negligence. This would require the distribution of costs between the sending and receiving firms in a 50/50 split.
Hemsley argues that this approach would be fair because APP fraud involves taking control of a payment account, and that firms providing these accounts need a strong incentive to prevent this from happening.
This has raised some concerns from the industry however, with the UK’s Payments Association writing to the government that while it agrees with the overall approach of the PSR, these two changes in particular might deter investors from the sector.
Having said that, one specific development that both organisations have welcomed wholeheartedly is the introduction of the Online Fraud Charter, which essentially sets out clear guidelines for all social media platforms to strengthen their anti-APP fraud measures – an area that they’ve so far been dragging behind.
And as the country moves towards a new era of APP fraud fighting, the PSR envisions all payment firms using Faster Payments to be included in the shift.
So, if you’re a payments business in the UK, Hemsley’s advice is that “you need to get ready now”.
Effectiveness and global impact
Coming to the end of his speech, Hemsley laid out all the positive developments in the payments sector achieved through PSR’s guidance – a statement suggesting a better future with minimum fraud if the guidance continues.
Some of the listed improvements mention that firms are now investing more in fraud prevention and data technology.
Information sharing is also taking a prevalent role in the day-to-day operations of these companies – a key step for combating malicious actors.
Finally, the UK’s Financial Conduct Authority has also utilised the data collected by the PSR to improve the oversight of payment firms and take better action against those operating on the unsatisfactory end.
All in all, Hemsley concluded that the country’s approach to battling fraud is being observed throughout the globe, with Australia expressing a particular interest in the UK’s reimbursement mechanisms, while the EU is just now rolling out its own Confirmation of Payee service.
“It is important to recognise that the work that everyone in UK payments is doing is helping the UK get ahead of this problem.
“The work we have driven is having a positive impact and others are looking at how the solutions we’re delivering in the UK can work in their own environments.
“This has to be the right approach.”
