By Jerry Mulle, Managing Director at Ohpen
New rules regarding how banks and financial service providers deal with Authorised Push Payment (APP) fraud have just come into effect this month. The rules replace the voluntary code introduced in May 2019 and are the work of the Payment Systems Regulator (PSR). It is implementing an APP fraud compensation requirement within the Faster Payments System in an effort to lessen the volume and impact of this type of fraud. It is also keen to engage the payment sector in more fraud prevention.
Authorised Push Payment (APP) fraud is the most common type in the UK, costing the economy roughly £459.7 million in 2023 alone. It works simply by encouraging individuals and businesses into sending money under false pretences. APP fraud has been a growing problem in the payment services industry for years, and according to UK Finance’s 2023 fraud report, APP fraud losses surpassed card fraud losses in 2021.
There were 207,372 incidences of recorded APP fraud in the UK in 2022; although the majority of cases (78%) were internet fraud, this only accounted for 36% of reported losses; the remaining 44% of losses were attributed to telephonic fraud, which made up 18% of cases. So, what do organisations need to be prepared for when it comes to the new regulations?
The impact of new UK fraud regulation
The ramifications of the new rules will be felt at many levels. The existing voluntary Contingent Reimbursement Model (CRM) Code already has many of the standards that are included in these changes but there are some notable differences in the mandatory new rules.
Both direct and indirect CHAPS Payment Service Providers (PSPs) are now required to follow the BoE’s CHAPS reimbursement rules and reimburse victims of APP scams, since the laws came into place on 7th October. Both direct and indirect CHAPS PSPs will need to inform consumers of their rights under the CHAPS reimbursement requirement.
Equally, in terms of operational change, will be the ability of banks and other financial institutions to contend that clients who have acted carelessly or negligently shouldn’t be compensated. Of course, in order to accomplish that, they will have to ensure they have correctly recorded the evidence to substantiate their case – all of which impacts operational systems. Additionally, vulnerable consumers are exempt from this, so, as with Consumer Duty, record keeping and evidence will be key.
The ripple effect for organisational strategy
At a more strategic level, the rules will impact the way firms operate in terms of their operations, compliance and risk appetite. Lenders will need to rethink how they deal with victims who apply for other products such as mortgage loans. Any potential borrower who is perceived as a higher fraud risk may wrongly be considered a poorer prospect for repaying any loan. This not only disenfranchises borrowers, but ultimately unfairly creates a second tier of financial victimisation. Victims of fraud are arguably already vulnerable. The repercussions for the lending industry are manifold.
It is not new for the modern world to challenge older lending models. While criteria on mortgage lending has become more sophisticated over the past fifty years, crude affordability models and automated rules engines have meant that many borrowers too easily become marginalised. Self-employment is a good example. Multiple income streams and variable income patterns rarely suit a process built on pay slips. Today’s gig economy means lending has had to evolve.
Protecting consumers in an increasingly vulnerable world
Digital and APP fraud is another example of the world moving on and lending having to keep pace. Binary unsophisticated decision making could unfairly exclude potential applicants from access to the very lending they should be entitled to apply for.
Interestingly, younger people are particularly vulnerable to this type of fraud. First-time buyers face enough challenges as it stands. Affordability issues, stress tests, and small deposits are a few of the seemingly insurmountable obstacles many face when attempting to buy a first home. But because APP fraud is largely instigated online, younger people are more at risk.
UK Finance data on the sources of APP fraud shows 77% of APP fraud cases originated from online sources. These cases tend to include be lower-value scams, such as purchase scams, and so account for 32 per cent of total losses. 17% of cases originated in telecommunications and these tend to include higher value cases, such as impersonation fraud, and so account for 45% of total losses. This potentially impacts the accessibility of mortgage lending to a very specific but important subset of consumers.
Some hard thinking and agile technology will be required if lenders are to manage applicants who have been victims of fraud effectively and fairly. That will mean dumping legacy thinking and legacy technology. As the world of lending evolves lenders will need next-generation core banking software that is fit for this new future.
Lenders not only need to evolve their processes to make nuanced lending decisions, they need the systems of record in place to record and evidence they have done the right thing at the right time for the right reason.
