In this blog, Dr. Nicola Harding, CEO of We Fight Fraud, outlines the challenges financial institutions face when tackling Authorised Push Payment (APP) fraud.

Drawing on her extensive discussions with the Payment Systems Regulator, financial institutions, and fraud victims, Nicola emphasises the need for better industry collaboration in the fight against fraud.

The following text is taken from our e-book on APP fraud. Get your copy here.

An introduction from Dr. Nicola Harding

The Payment Systems Regulator’s (PSR) approach to tackling Authorised Push Payment (APP) fraud is the finance industry’s ‘millennium bug moment’.

Much like Y2K, where no one knew how things would shake out, there’s been a noticeable tension as the industry prepares for and adjusts to these new rules.

Whatever happens, one thing is clear: APP fraud needs to be tackled as a matter of urgency. The PSR regulation is the alarm bell. Now we all must respond.

When you work for a bank, dealing with fraud cases and customers all day, it’s easy to forget how difficult these scams are to spot. But there’s a reason fraud accounts for 40% of all recorded crime in the UK. Fraudsters have honed their tactics to exploit even the most vigilant among us. The banking industry’s trust, systems, and practices are used against us in ways that have proven difficult to detect and stop.

Victims are not naive: they are targeted by highly-organised criminal networks that remain steps ahead of the defences we currently have in place. Reimbursing victims is a starting point, but the next question for financial institutions is: how do they stop fraud reimbursement from eroding their bottom line?

After extensive discussions with stakeholders across the UK—including the Payment Systems Regulator themselves, various banks, and victims—I believe collaboration is crucial. However, collaboration must mean more than handshakes and meetings; the sector must evolve into one interconnected fraud prevention team.

Enjoying the blog? Download the e-book on APP fraud, written by Salv, Thistle Initiatives and We Fight Fraud today.

Enabling meaningful fincrime collaboration

This will require proper technological integration, enabling all corners of the industry to work together effectively. Then, the solution to APP fraud becomes more straightforward. Follow the stolen money, stop it while it’s in the UK, and return it to its rightful owner.

Until then, the impact of the PSR’s new rules will vary, depending on the fraud prevention and refund mechanisms a company has in place. What’s crucial is that customers now receive equal protection, regardless of who they bank with. This levelling of the playing field is not only a regulatory expectation but a paradigm shift in how we respond to criminal activity.

The e-book we’ve written with Salv and Thistle Initiatives guides you through how APP scams are used as part of the criminal playbook, told from the victim’s perspective. It uses the inputs of 30 industry practitioners from banks and fintechs at a roundtable event, where we discussed the same victim story as in the e-book. It’s designed to help financial crime professionals critically evaluate your current setup and processes.

Could your company have detected and stopped this scam before it was too late? And if not, what can you do differently to ensure that next time, you can?

If you read the e-book, I urge you to keep these questions in mind. The answers will help you protect your customers better and safeguard your company’s bottom line by reducing the need for reimbursement.

Change is happening, whether we’re ready or not. If we work together, we can meet this challenge head-on. We are stronger when we fight fraud together.

Download the e-book, Inside the Scam: How APP Fraud Fits into the Fraudster’s Playbook to learn more.

×
ISO/IEC 27001 logo
Aicpa logo
GDPR compliant logo
OWASP logo

We build security to our products and organisation from the start. We use security best practices (incl. ISO 27001, CIS etc.) to ensure that our security management system meets the highest standards.

Salv has an ISO/IEC 27001: 2022 certificate, as well as ISAE 3000 compliant SOC 2 Type 2 report.