Practical tips to adopt APP fraud reimbursement requirements
Authorised Push Payment (APP) fraud has been a significant concern for organisations, with over half reporting encounters with such scams last year according to our latest research.
Following a recent webinar with Jonathan Williams of the Payment Systems Regulator, Experian’s Charlie Connor helps shed light on the changes aimed at combating this growing issue.
Our latest research revealed that 69% of UK organisations surveyed report fraud losses are “significantly or somewhat” higher than last year, with over half citing APP fraud as a main area of concern. In order to help tackle this, the Payment Systems Regulator (PSR) is working to implement new requirements to protect consumers and reimburse fraud losses.
In our recent webinar with Jonathan Williams of the PSR, Jonathan addressed the challenges presented around the new regulation and discussed practical tips for organisations to navigate through the changes. Here are some of my key takeaways from the conversation.
Refining the reimbursement requirements
The PSR carefully considered all responses during the extensive consultation on proposed changes to the reimbursement model, which ran from September to December last year. Some changes were made based on the feedback. Initially, reimbursement within two days was proposed, but it is now agreed that five days is more reasonable, with the possibility to pause the clock in certain situations.
There was general agreement on the 50:50 liability split between payment service providers.
They continue to consult on the maximum reimbursement level and defining the customer standard of caution to protect against APP fraud.
The clear focus is on the transaction between the customer’s control and an external account, where the reimbursement should be targeted. These issues were thoroughly examined before finalising the policy statements, and they will be part of the reimbursement requirements going forward.
But unanswered questions still remain. For example, Payment Service Providers (PSPs) are most concerned about the scope of the requirements, particularly which transactions fall under the requirements and which ones do not. There is uncertainty about what may be considered APP scams or on the edges of APP scams, and further clarity is still needed.
Another area of concern is defining the customer standard of caution, previously known as “the grid”, to address payments made with gross negligence. Striking a balance between the interests of payment service users and providers will be a crucial aspect of the consultation.
What needs to be considered around foreign transactions, and types of scams such as romance or merchant scams?
The scope only applies to the Faster Payment system, and in fact if only applicable to domestic transactions, so foreign payments would not be within scope.
When it comes to the type of scam, it’s a good question as different types of scams have varying values and levels of engagement with fraudsters. Tailoring an approach to each individual scam is ideal, but currently, the industry currently lacks the necessary sophistication to implement this effectively.
The implementation of the APP reimbursement system will provide valuable data insights into the types of scams and their operations, leading to more informed and targeted policies. The current reimbursement system aims to prevent fraudsters from continuing their activities and protect victims as much as possible, but there is room for further improvement.
Tips for the pathway to adoption
For smooth adoption of the requirements in the coming months, organisations should prepare for the go-live date, which will be publicised later this year. Waiting for the timeline might not be an option due to its potential short duration. Things to be considered:
- Consider the existing handling of authorised push payment cases and see if any tweaks are needed rather than complete reengineering.
- Studying CRM compliance and observing what other banks have done can serve as a valuable learning model.
- Engaging with Pay.UK and thoroughly reviewing the policy statement, especially regarding timescales, is essential.
- UK will monitor compliance, so meeting timelines and metrics criteria for implementing the rules will be crucial for Payment Service Providers.
To find out more about the background of the regulation update, and how Experian can support your organisation, read our blog with Yaro Zozulya, Innovation Director at Experian.
Download our latest report
Our latest research delves into the scale of the challenge presented by APP fraud, and where consumers are most concerned.
You can find out more in our ‘Shining a spotlight on the Latest Fraud Trends’ report.
Access the latest insight
Our latest research reveals how challenges in identity and fraud are evolving and how businesses are keeping pace.
Download nowFurther reading
The new APP fraud reimbursement legislation is coming: are you ready?
APP fraud involves a fraudster persuading a victim to willingly deposit funds to their account, or to the account of a complicit third party.
2023 UK Identity and Fraud Report
Our report explores the concerns, preferences and needs of today's digital consumers and their online experiences. Download now.
6 fraud and identity predictions to help you protect your business and customers in 2023
Read our six key fraud and identity predictions to explore the potential impact of growing fraud threats and new identity trends in 2023.
Crisis response
This white paper presents the experiences of businesses and individuals during the 18 months up to December 2021, the subsequent response and outcomes.
Why it’s essential to put your consumer response plan to the test
Why understanding the implications of a data breach and its impact on your organisation is an important first step in developing a response plan.
As threats to data security grow, how can organisations mitigate the risks?
No matter how secure your cyber defences, there are many ways that fraudsters can exfiltrate your data. Is your business ready to respond?
5 biggest recruitment challenges employers face and how to address them
Trying to find the right talent to join your organisation can be tough. Here's how to hire smarter, better and faster with background checks.
Five key strategies for enhancing your identity and fraud capabilities in 2022
What fraud prevention strategies can you implement, while ensuring that customer experiences are always as engaging as possible?
Spotlight on first party fraud
First party fraud involves knowingly misrepresenting your identity or giving false information to get services and credit you might not be eligible for.
The MO of an ML: A real-world example of a money laundering business
Watch the video to uncover the typical characteristics of a money-laundering business and see how when applied together they helped to uncover a criminal business.
This article is Experian’s summary of the webinar conversation and doesn’t intend to accurately specify any regulatory changes that may be introduced by PSR in the future.