Collaboration key to tackling fraud

• United Kingdom

• Financial services disputes and investigations
• Fraud and financial crime

30-03-2022

As stark statistics illustrate that fraud and cybercrime now accounts for over half of all UK crime, in a recent Justice Committee hearing, UK Finance gave a clear message about the financial services sector’s main concerns in this area. UK Finance highlighted the importance of tools to investigate fraud and combat mule accounts, including greater cross-industry collaboration and empowering banks to slow down payments.

Background

• On 22 March 2022, a third session of the Government’s Justice Committee’s investigation into fraud and the justice system brought together representatives from the financial services (UK Finance), technology (TechUK) and telecommunications (Telecommunications UK Fraud Forum (“TUFF”)) sectors to discuss the significant increase in fraud, including authorised push payment fraud (“APP fraud”) and the steps proposed by the sectors to address this

• a consistent theme arising from the discussion was that industry, consumer and public sector bodies, are not doing enough to collaborate in order to tackle fraud. Those gaps are exploited by fraudsters, contributing to fraud losses of approximately £2.4bn across 2020-2021, figures which are likely to rise

• the Government confirmed that the new body taking over from Action Fraud would be in place by 2024 (with more details on the initially announced plans discussed here), and that a new Fraud Action Plan would be published later this year.

UK Finance discussion

• Katy Worobec, Managing Director for Economic Crime at UK Finance, highlighted a “huge growth” in APP fraud. Greater global digitisation, accelerated by the pandemic, facilitates APP fraud, resulting in huge losses for consumers (and also financial services which reimburse a significant proportion of customers falling victim to APP fraud)

• Ms Worobec voiced concerns that these scams can be “very difficult [for banks] to detect”, and highlighted the need to focus attention on tackling scams “upstream”, so they are prevented at source. That is particularly relevant for the huge problem of mule accounts. Innocent individuals are groomed online (usually on social media) by “mule herders” to become mules, allowing their otherwise legitimate accounts to receive the proceeds of fraud and for money laundering, in return for payment from the fraudster. This recruitment process is an example of what Worobec referred to as non-paid (or organic) advertising

• reducing fraud therefore requires greater collaboration, including information and intelligence sharing, not just within the financial services sector, but also across sectors

• in reply to a question about the push for mandatory reimbursement for consumers (as previously discussed by us), Worobec stated that there was a need to “address [fraud] at source”, pointing out that consumer reimbursement will not reduce fraud levels by itself.

UK Finance’s suggestions

• Ms Worobec called for “legislation to slow down and freeze payments to allow industry investigation”. While she did not set out the detail of the desired changes, this would likely involve legislation that codifies the duties and obligations on financial institutions, including the circumstances in which they should refuse to process payments. This would help prevent fraud and also the swift moving of proceeds from account to account, making it difficult to trace and repatriate funds. Worobec explained that the technology already exists, but suggested that the legal framework as it stands acts as a significant barrier. Reforms would allow financial institutions to take a truly risk-based approach

• Ms Worobec was supportive of making it easier to share information about fraud and suspected fraudsters both between financial services institutions and across sectors

• on mule accounts, she suggested the key was to impede both paid and non-paid advertising on platforms, including social media, so that scams do not take place in the first place. Romance scams, which usually originate from contact made on social media, are another example of problematic non-paid advertising. Whereas with traditional, paid advertising, platforms can require advertisements to be pre-vetted, as some already are; non-paid advertising is more difficult to stop. As Worebec noted, the Online Safety Bill seeks to address scam advertising.

Other sectors

• The technology sector is already collaborating with UK Finance as part of the Online Fraud Steering Group¹ , set up nine months ago. Tech UK, as well as TUFF, understand the need for their members to play their part in preventing fraud. All participants agreed there needs to be a joined up, collaborative approach across sectors (including the public sector) if there is to be any hope of reducing fraud and cybercrime

• the financial services sector will welcome an initiative by tech companies to require that those advertising financial services on their platforms be authorised by the FCA

• TUFF explained the challenges faced by the telecommunications industry, and OFCOM, in seeking to tackle number spoofing and scam text messages from which APP fraud often originates.

Comment

• Of most interest for financial institutions will be UK Finance’s request that the Government consider legislation on slowing down payments. The exact nature of these proposed changes and how effective they would be, if they are adopted, remains to be seen. As ever with legislation, the devil is in the details. However, the tension between the primary duty owed to customers to follow their payment instructions, and the need to protect customers from the risk of fraud, is a familiar battleground which is regularly dealt with in litigation and in complaints to the Financial Ombudsman Service

• UK Finance’s proposals would almost certainly impact on some legitimate payment journeys, and whether consumers would be willing to forego some of the convenience of making instant payments, as a quid pro quo for greater fraud protection, remains to be seen

• UK Finance noted that mandatory reimbursement of APP fraud victims is unlikely to be effective in reducing fraud levels without a joined up approach between sectors and relevant public bodies. While mandatory reimbursement may act as a greater incentive on financial institutions to have in place effective fraud prevention matters, this is not a war that can be won by the financial services sector in isolation

• the Online Safety Bill recognises the need for the technology and telecommunications sectors to play their part in tackling fraud. The representations of each of the sector bodies in this session suggest a more collaborative and joined up approach may be possible.

1. A public-private group focused on the threat from online/cyber enabled fraud in the UK.