Currently, in the United Kingdom, there is an increase in tension between banks and technology companies specializing in the implementation of activities in the social media area, in the context of the question of which party should be responsible for paying compensation to people who have become victims of fraudulent crimes in the Internet space.
From Monday, October 7, in the mentioned country, financial institutions must compensate victims of the so-called authorized push payment (APP) fraud. It is worth noting separately that the amount of the corresponding compensation will not exceed 85,000 pounds ($111,000). The new system of rules on the interaction of banks with customers implies the right to payments in respect of those clients of creditors who have been tricked or subjected to psychological manipulations designed to transfer money to criminals.
APP fraud is a form of a scam in which representatives of the criminal environment convince people to send them financial funds. It is also worth clarifying separately that in such cases, fraudsters impersonate individuals providing certain services, or as representatives of a business of a corresponding orientation.
The amount of reimbursement, amounting to 85,000 pounds, may be too large for some banks and companies offering consumers solutions for financial transactions. Rare such payments are unlikely to become a factor of significant financial losses, but the more frequent regularity of the need to comply with the new norm will be a sensitive source of impact on the position of lenders and firms of the mentioned category. Moreover, common payments can take a bank or a company that provides financial services, on the verge of bankruptcy. In this context, it is also fair to assume that customers may become less attentive and cautious when making transactions against the background of a guarantee of compensation for potential damage from fraudulent activities. For banks and payment companies, this means a significant probability of having to reimburse for those losses that might not have happened if consumers had acted more responsibly in the context of their behavior with outside parties. The guarantee of compensation reduces the risks for consumers. Theoretically, this new norm is unequivocally positive, but human psychology does not consist entirely of positive components. Some customers of banks and payment companies may perceive, including unknowingly, the mentioned guarantee as permission for irresponsible actions. If the appropriate scenario is implemented, the number of fraudulent crimes will increase significantly. For banks and payment companies, such a situation will mean an additional financial burden, which may sometimes be unbearable.
It is also worth noting separately that security threats in cyberspace have increased recently. To a large extent, the corresponding state of affairs is related to the development of artificial intelligence. Scammers also have access to AI technologies, which is why their activities have become more sophisticated. In the context of countering such threats, which are relevant, including from the point of view of the risks of financial losses, personal awareness of ensuring security in a virtual environment is important. For example, a query in an Internet search engine, such as how to know if my camera is hacked, will allow anyone to get information about signs of unauthorized access to the device.
The UK Payment Systems Regulator (PSR) has abandoned the idea of introducing a higher compensation amount for victims of fraud after receiving a negative reaction from the industry. In particular, the mentioned idea was not supported by the industry group the Payments Association, which stated that the initial proposal of payouts would be too large for companies and organizations operating in the financial services sector.
At the same time, in the United Kingdom, the issue of whether all banks and payment firms will be able to cope with the new burden of costs associated with the reimbursement rule for victims of fraud continues to be a topic of discussion. Reducing the amount of compensation does not cancel out the additional financial burden.
Last week, Revolut, a virtual bank headquartered in London, accused Meta of failing to handle what is needed to tackle fraud on a global level. At the same time, last week, the technology giant announced the start of partnerships with UK lenders such as NatWest and Metro Bank. As part of this collaboration, Meta will share information with financial institutions about fraudulent activity recorded on virtual platforms included in its digital ecosystem. Also, last week, the technology giant announced the expansion of its Fraud Intelligence Reciprocal Exchange (FIRE). This solution will allow financial institutions based in the United Kingdom to directly share data with Meta that will help detect and take down fraudulent accounts and counteract the implementation of coordinated schemes for the commission of relevant crimes. The technology giant said that as part of the initial experience of cooperation with the mentioned UK banks, it received information that allowed it to block 20,000 accounts that were used by scammers. In this case, it means a virtual network that operated on Meta’s digital platforms and focused on deceiving residents of the United Kingdom and the United States when buying concert tickets.
NatWest and MetroBank are so far the only UK lenders that have joined the fraud information-sharing pact with the technology giant. Moreover, Meta stated that over time, several more financial institutions based in the United Kingdom will be involved in this initiative.
It is worth noting that the social media giant has already faced calls from UK banks to take additional measures to combat fraudulent activity committed on the company’s digital platforms. In this case, it means the corresponding activity on Facebook, Instagram and WhatsApp. In 2022, UK digital lender Starling, which is backed by Goldman Sachs, began boycotting Meta and pulled advertising from its platforms due to concerns that the technology giant could not fully tackle fraudulent financial advertisements. It is worth noting that criminals often use apps included in the company’s digital ecosystem to swindle money from users in various deceptive and manipulative ways.
Meta already has a corporate policy concept prohibiting the promotion of financial fraud, including loan scams and schemes promising high rates of returns. The technology giant also bans publications that contain promises of incredibly large earnings or an absolute guarantee of financial return.
Woody Malouf, Revolut’s head of financial crime, said that Meta and other companies that own social media platforms should help lenders cover the costs associated with reimbursement to victims of fraud. Also, in the context of this statement, it was noted that the mentioned firms have no incentive to take any measures to counter the specified crimes since they do not bear any responsibility for the fact that users lose their money as part of illegal practices implemented by representatives of the criminal world.
It is worth noting that Revolut’s call for large technology platforms to pay financial compensation to people who become victims of fraud on their websites and apps is not something fundamentally new in the context of the relationship between the giants of digital platforms on the one hand and fintech companies and banks on the other hand.
Recently, there has been an increase in the number of fraud cases in the virtual space. Against the background of the implementation of this tendency, tensions in the space of relations between technology companies and banks are increasing. It is worth noting that the intensity of online fraud has increased dramatically after digital platforms began to be used to pay for services and buy goods in a virtual format.
In June, the media published information according to which the Labour Party of the United Kingdom has drafted proposals forcing technology companies to reimburse victims of fraud. In this case, it is implied that firms of the mentioned categories should be financially responsible for criminal activity on their digital platforms. At the same time, the prospects for the implementation of the initiative of the Labour Party are still unknown. The government of the United Kingdom has not yet unequivocally stated its position regarding the practice in which technology companies reimburse victims of APP fraud.
A UK government spokesperson did not respond to a media request for comment on the mentioned issue.
Matt Akroyd, a commercial litigation lawyer at Stewarts, said during a conversation with media representatives that after their victory in lowering the maximum limit of reimbursement for APP fraud to the level of 85,000 pounds, banks will receive another boost if their efforts to push the United Kingdom government to place some regulatory liability on technology companies are also successful. At the same time, he noted that it is a difficult question of what kind of regulatory regime can cover those firms that do not play an active role in PSR’s payment systems, and how. According to him, the relevant issue is not likely to be resolved any time soon.
Banks and regulators have long been pushing companies that own social media platforms to collaborate more closely with retail lenders in the United Kingdom. In this case, it means interaction within the framework of countering the rapidly growing and constantly evolving threat of fraud. The main ask in the relevant context is for technology companies to share more detailed information about how criminals use digital platforms for their own purposes.
At a UK finance industry event focusing on economic fraud in March 2023, regulators and law enforcement agencies drew attention to the need for social media firms to do more as part of the fight against fraud. At this event, Kate Fitzgerald, head of policy at the PSR, stated that a significant part of the crimes of the mentioned category originate from social media platforms. She also noted that absolute transparency is needed regarding where fraud is committed so that regulators can know where to focus their efforts in the value chain.
At the mentioned event, regulators underlined that companies that own social media platforms are not making sufficient efforts to combat and remove attempts to defraud Internet users.
Rob Jones, director general of the National Economic Crime Centre, a unit of the UK National Crime Agency, said at an event last March that the bit that’s missing is the at-scale social media firms taking down suspect accounts that are involved in fraud. He also noted that it was difficult to overcome inertia in companies of the mentioned category to truly gain them in the relevant practice.
Meta rejected suggestions that it should be held liable for paying out compensation to victims of APP fraud. In written evidence presented to a parliamentary committee last year, the social media giant said banks were too focused on their efforts to transfer responsibility for fraud to other industries. Meta also underlined that the relevant actions of financial institutions form a hostile environment that is beneficial for fraudsters.
Separately, the technology giant said it could use live intelligence from major banks to help stop fraud and develop and improve its machine learning and artificial intelligence detection systems. The company also called on the government to encourage such cross-industry cooperation. In a separate statement to the media, Meta underlined that banks, including Revolut, should seek to join forces with the technology giant on its FIRE framework to facilitate the process of data exchange between the firm and large lenders.
A spokesperson for Meta, while talking to reporters, noted that FIRE is designed to allow banks to share information so that the company can interact with financial institutions to protect people using prospective services. Also, in this context, it was underlined that fraud is a multi-sector spanning issue, the resolution of which is possible only through joint efforts.
It is worth noting that financial crimes continue to be a sensitive issue for the United Kingdom. At the same time, London is demonstrating, albeit moderate, but still positive results in countering the relevant threats. Last year, residents of the United Kingdom who became victims of fraud lost a total of 1.17 billion pounds. This figure is 4% lower compared to the same data for 2022. The relevant information was released by UK Finance, a trade association for the United Kingdom banking and financial services sector.
Pedro Barata, chief product officer at Feedzai, a fraud detection software development company, commenting on the mentioned data, said that the fight against scams has never been as important as it is now. The expert also noted that although the amount of money lost by residents of the United Kingdom as a result of fraud in 2023 is lower than the figure for 2022, much more needs to be done to protect consumers from the corresponding threat. Pedro Barata stated that behavioral biometrics, device analysis, transactional data, and profiling can stop the process of committing a crime of the specified category at an early stage and with minimal impact on the user. Separately, the expert underlined the importance of joining forces to combat the corresponding threat.
Also, last year, banks in the United Kingdom prevented unauthorized fraud for 1.25 billion pounds. This result was achieved due to the high level of efficiency of financial institutions’ security systems.
The total losses of residents of the United Kingdom from fraud related to unauthorized transactions across payment cards, remote banking, and cheques in 2023 amounted to 708.7 million pounds. This indicator decreased by 3% year-on-year. The total number of recorded cases in the corresponding category was 2.7 million, which is 2% less than in 2022.
The total losses of residents of the United Kingdom from APP fraud in 2023 were recorded at 459.7 million pounds. This indicator is 5% lower compared to the figure for 2022. The mentioned amount includes 376.4 million pounds of personal losses and 83.3 million pounds of business losses. The total number of APP fraud cases in the United Kingdom in 2023 was 232,429. This indicator increased by 12% year-on-year. It is also worth noting separately that APP fraud is still largely associated with the abuse of online platforms and telecommunications. Last year, 76% of the relevant cases originated from online sources, mainly so-called lower-value scams, such as purchase scams. Also, in 2023, 16% of APP fraud cases originated from telecommunications networks. In this case, a scam involving impersonation is implied, among other things.
It is worth noting that within the framework of the practice of committing financial crimes of the mentioned category, fraudsters mainly at the initial stage attempt to socially engineer personal data from their victims. Also, in this case, a specific feature is that the affected party, from a legal point of view, independently makes a payment transaction. The corresponding circumstance complicates the counteraction to APP fraud. Also, in this context, it is worth noting that some people ignore numerous warnings from employees and security systems of financial institutions, overly trusting scammers.
Last year, in the United Kingdom 287.3 million pounds were returned to victims of APP fraud. The corresponding amount increased by 59% compared to the figure recorded in 2022.