PSR plans for scams reimbursement
The Payment Systems Regulator (PSR) in the UK recently completed its consultation with industry on its proposed reforms to the regulation around Authorised Push Payment (APP) scams, which would require reimbursement for victims from their Payment Services Providers (PSPs) including banks and fintechs.
The consultation, CP22/4: Authorised push payment (APP) scams: Requiring reimbursement sought feedback from industry participants on the potential impact of this regulatory shift, including a proposal to split the liability for the scams losses 50:50 between the sending and receiving PSPs.
Whilst the proposal tackles the very real and urgent issue of the impact of scams on consumers, there is a risk that the industry is too focused on treating the symptoms of scams rather than curing the disease.
Featurespace response to the PSR
Featurespace outlined its position on the proposed regulation across five key points.
1 – Collaboration not competition
There are elements of the proposal that seem to foster competition between PSPs, centred on apportioning blame for fraud losses and avoiding bearing the costs rather than focusing on driving down the rate of scams. The variable proposed liabilities across complex fraud schemes, disbursement trees, and repatriation efforts could tie up vital fraud-fighting resource in interbank disagreements.
2 – Unanticipated consequences
The proposed changes have the potential to drive large-scale changes in the behavior of consumers and fraudsters, making it more challenging to accurately identify scams, as well as increasing the Total Cost of Fraud for PSPs through requirements for new people, processes, and technologies. Should these increase to unmanageable levels for small PSPs, it risks threatening the thriving UK fintech ecosystem. And it is likely they will increase; currently unreported fraud will surface as a result of the changes.
3 – Missing innovation
The New Payments Architecture (NPA), Request to Pay (R2P) service, and the ISO 20022 data standard are all conspicuously absent from the proposal, suggesting that as an industry we are missing the opportunity to leverage the innovations that already exist.
4 – Neglecting inbound transactions
Transaction monitoring on inbound payments for the purposes of fraud prevention would be more effective in preventing criminal networks from profiting from scams than focusing on reimbursements. And reducing inbound fraudulent payments would simplify the repatriation and reimbursement process. Inbound fraud prevention for APP should be a requirement of the proposal.
5 – Making the UK a safer place to transact
As an industry it is necessary to address the current impact APP is having on consumers. It is neither right nor fair that consumers are bearing the costs of rampant fraud in the UK. The proposal in its current form appears a fairly blunt instrument. It may or may not eventually reduce the overall fraud levels in the UK. The missing element is the focus on making the UK a safer place to transact. Featurespace would welcome more specific mandates on driving down fraud rates, perhaps taking inspiration from the low-risk thresholds applied in Strong Customer Authentication (SCA) exemptions under the Revised Payments Services Directive (PSD2), as this incentivises low fraud rates.
All of this creates a massive incentive for UK PSPs to invest in fraud controls, and particularly in technologies which can outsmart criminals. As an industry there is a lot of opportunity to apply machine learning, and in particular deep learning techniques to improve fraud prevention rates on both outbound and inbound payments.