velera How Credit Union Innovation Can Drive Gen Z Engagement May 2024 Banner

UK Wants to Turn Faster Payments Into Four-Day Payments

APP Fraud, push payments fraud, fraud prevention

When it comes to innovation, the United Kingdom can find itself on a literal island. And the kingdom’s latest regulatory push, one that is targeting authorized push payment (APP) fraud, has left observers wondering whether that island may be sinking. 

This, as the U.K.’s first Global Fraud Summit, hosted by the Home Secretary, kicked off Monday (March 11) with the novel concept of taking faster payments, and slowing them down by a lot.  

Under the proposed new draft law, bank transfers and payments could be delayed for up to four days if fraud is suspected, in order to allow any illicit activity to be properly investigated. 

In an ironic twist, the U.K. is one of the original birthplaces of real-time payments — with the nation making faster payments a requirement in 2008 through the Faster Payments System (FPS) initiative, which reduced payment times between different banks’ customer accounts to around a few seconds, down from the three working days that transfers usually take. 

Now, those three working days could be coming back — with a bonus day tacked on. 

Read moreBanks Say Better to Be Proactive Than Reactive When Making Payments Real Time

The potential regulatory crackdown comes after U.K. citizens collectively lost 485 million pounds ($620 million) to APP fraud in 2022. 

APP fraud is an increasingly common scam tactic where criminals deceive victims into authorizing irrevocable fraudulent transactions, either by posing as a bank representative or a trusted friend or relative, and imploring the victim to send funds — which they then frequently do. 

Complicating matters, as the U.K. lawmakers noted, is that around 70% of fraud offenses have ties to overseas criminals. Per a report published by Interpol on Monday, APP fraud is often perpetrated by organized criminal groups, including human traffickers, who force people to work in scam centers which target potential victims of fraud across the world. 

“We are facing an epidemic in the growth of financial fraud, leading to individuals, often vulnerable people, and companies being defrauded on a massive and global scale. Changes in technology and the rapid increase in the scale and volume of organized crime has driven the creation of a range of new ways to defraud innocent people, business and even governments. With the development of AI (artificial intelligence) … the situation is only going to get worse without urgent action,” said Interpol Secretary General Jürgen Stock in a statement. 

Weighing Security Against Speed

Currently, U.K. banks are required to process payments by the next business day. The proposed draft legislation is aimed at providing banks with more time — four days’ worth — to better look into suspected fraudulently issued transactions. 

But the move has left observers wondering, as payments around the world continue to speed up, whether slowing them down is the silver bullet answer the U.K. thinks it is. 

U.K. firms will have to meet a “two stage test” in order to delay payments up to four days, with the first test being reasonable grounds to suspect the fraud has occurred, and the second test being that it may require more than 24 hours in order to contact the relevant payer about a suspicious payment. 

If passed by Parliament, the U.K.’s push to slow down payments is expected to come into effect on Oct. 7.

The proposed rules will be implemented the same day that the Payment Systems Regulator’s new rules on mandatory reimbursement for APP fraud take effect, requiring banks and other payment firms to reimburse victims of APP fraud up to 415,000 pounds ($529,671) per incident.

The issue here is that the regulation holds banks liable for reimbursing consumers for fraud in the event of already authorized push payments fraud. He who bears the risk traditionally has the power to make the rules, but by forcing banks to pay for mistakes that consumers have authorized, the result is now that U.K. banks are backing off from instant payments. 

“Fraud ruins lives. Con artists and thieves are a threat to hard-working families across the country,” U.K. Security Minister Tom Tugendhat said in a statement

And there is no doubt about that, but the implication that faster payments lead to faster fraud — and the decision to slow down payments as a result — could have the unintended downstream effect of stifling further payments innovation in the U.K., which itself could keep the doors open to fraud given the proclivity bad actors have already shown for abusing legacy and traditional payment systems. 

Rather, as fraudsters adapt their tactics to exploit advanced technologies, there is the need for more innovative solutions that leverage AI and machine learning to develop advanced analytics and solutions — not less. 

As for the larger picture surrounding fraud itself, and the trends that are making financial institutions (FIs) cautious about fully embracing open banking and instant payments, PYMNTS Intelligence found that 43% of FIs reported an increase in fraud in 2023 compared to the previous year.

See alsoThe Role of Banks in Scaling B2B Payments Innovation

More Innovation is the Answer to Payments Fraud 

When payments innovation goes backward as a result of regulation, it only allows for bad actors to widen the gap between their techniques and their targets. 

The experts that PYMNTS has spoken to regarding instant payments believe that collaboration between financial institutions, technology providers and payment processors is crucial to combating the new iteration of frauds and scams targeting faster payments — as is end-user education around the risks endemic to push payments. 

Pradheep Sampath, chief product officer at Entersekt, told PYMNTS in February that the broader payments ecosystem needs to adopt a paradigm of shared intelligence. This involves financial institutions and payment service providers anonymizing transactions and sharing data to collectively refine models and anticipate threat vectors.

Collaborating on denial lists is also critical to enable the sharing of information about fraudulent actors or merchants across the broader ecosystem, he added. Adopting standardized approaches, such as the W3C’s Web Authentication standard for passwordless authentication, can bolster security significantly.

Echoing this sentiment, Nick Fleetwood, head of data services at Form3, told PYMNTS that the consortium approach has proven effective at identifying 80% of fraud within a system.

“This makes it very inefficient for a fraudster [to be successful] using instant payments, because they’re in a position where 80% of that fraud will be stopped,” Fleetwood said. “Consortium intelligence will become a key aspect in the fight against fraud in instant payments … and beyond.”

The business and consumer benefits of payments innovation are compelling. If they are mitigated in the U.K. due to regulation, they will simply be realized elsewhere — and that gap may be hard to close in the future.