With new regulation regarding Authorised Push Payment (APP) scams coming into place later this year we spoke to Anthony Gudgeon, Head of Fraud Operations at Thredd, about what this means for businesses.
What is the new PSR regulation regarding APP scam reimbursement?
The Payment Systems Regulator (PSR) is building upon the existing Contingent Reimbursement Model (CRM) and extending it to all banks and payment companies. Which will ensure more protection and consistent minimum standards are given to cardholders who may have been victims of a sophisticated scam.
The new regulation will support victims who have been coerced into sending money through the payments system to a fraudster by mandating that the majority of victims are reimbursed within 5 days of the reported date. The remitting and beneficiary PSP (Payment Service Provider) will cover the cost of the reimbursement 50:50. In the 2023 UK Finance Annual Fraud Report, the total value of APP fraud was £485.2 million with a reimbursement value of £285.6 million, PSP's could be liable for this value under the new regulations and reimbursement model.
Why is this new regulation being brought into place?
Its primary goal is to provide consistent minimum standards across all PSPs regarding APP fraud prevention, case investigation and reimbursement to a victim. The regulation aims to do this by:
- Improving how PSPs are managing the ongoing fraud threat by putting in place specific and direct warnings to cardholders when making payments.
- Having clear guidance to PSPs for investigating cases that consider vulnerable cardholders and include exceptions for first party fraud and gross negligence.
- Mandating that the sending and receiving PSPs are 50:50 liable for reimbursement costs, in some cases even when the warnings have failed to prevent the fraud from taking place, thus incentivising PSPs to improve on their APP fraud prevention.
What can businesses to do prepare for the 7th October 2024 deadline?
PSPs should consider what fraud tools they have in place or will need to manage the regulations that are coming, the PSP should consider:
- How to provide these specific and direct warnings to cardholders during the payments flow.
- Create the ability to hold payments coming into the account and before leaving an account when fraud is detected.
- Where appropriate, recruit a team to manage APP fraud cases, the mandatory reimbursements for victims of fraud and create policies and procedures ready for the new reporting requirements.
- Have a robust machine learning model in place to prevent APP fraud, whilst maintaining the user experience (e.g. from false positives and necessary friction).
Find out more about Fraud solutions from Thredd here.
