Daily Dash: UK Regulator Cracks Down On Finfluencers

October 23, 2024
<
Back
The UK’s Financial Conduct Authority is targeting individuals illegally promoting financial services on social media, Swift is rolling out an AI-powered tool for tackling cross-border payments fraud, Portugal is taking a more interventionist approach to payment services fees, and the ECB is revising the oversight requirements for systemically important payment systems (SIPS).

UK Regulator Cracks Down On Finfluencers

The UK’s Financial Conduct Authority (FCA) is taking action against so-called "finfluencers" it believes may be illegally promoting financial services on social media firms such as TikTok and Instagram. 

Twenty influencers are being interviewed under caution as part of the regulator's efforts to clamp down on unlawful promotions. 

In addition, the FCA has issued 38 alerts against social media accounts suspected of making illegal financial promotions.

"Finfluencers are trusted by the people who follow them, often young and potentially vulnerable people attracted to the lifestyle they flaunt," said Steve Smart, joint executive director of enforcement and market oversight at the FCA.

"Finfluencers need to check the products they promote to ensure they are not breaking the law and putting their followers' livelihoods and life savings at risk."

The FCA intervention comes after it has already taken action against nine individuals and finfluencers for promoting an unauthorised trading scheme.

Swift To Launch AI-Powered Fraud Defence For Cross-Border Payments

Swift has announced that it is rolling out a new AI-powered anomaly detection tool that will help financial institutions identify and prevent fraud in cross-border payments.

Following a successful pilot with financial institutions in Europe, Asia and North America, the tool is set to be available from January 2025 onwards.

The new tool builds on Swift’s existing Payment Controls Service, drawing on pseudonymised data from billions of transactions to identify and flag suspicious activity in real time.

Since February this year, Swift has been working with financial institutions to explore how federated learning, combined with privacy-enhancing technologies, could enable market participants to share information without revealing their proprietary data.

The group has so far developed a number of additional fraud detection use cases which are set to be tested in a sandbox environment.

Portuguese Parliament Enacts New Law On Payment Fees

The Portuguese parliament has approved Decree-Law No. 72/2024, amending previous legislation that will mean a more interventionist approach to payment services fees. 

Published on October 16, 2024, the law builds on Decree-Law No. 3/2010, which prohibits fees for payment services and ATM transactions.

A key update introduced in the legislation mandates a uniform transaction commission of 0.2 percent for both debit card payments and instant transfers, extending equal customer protection rights to users of third-party payment apps.

ECB Launches Public Consultation On Payment System Oversight Changes

The European Central Bank (ECB) has launched a new public consultation on proposed revisions to the oversight requirements for systemically important payment systems (SIPS).

The updates follow a year-long review of the existing regulation, which was initially adopted in 2014.

Key changes include a revised definition of SIPS operators, allowing euro area branches of non-euro area entities to be identified as SIPS operators. 

New governance requirements, including the mandatory establishment of risk committees, are also proposed, and the revisions also introduce new articles on cyber risk and outsourcing management.

The consultation period will run until November 29, 2024, inviting feedback from market participants.

G7 Wants Urgent Action On Quantum Computing Risks In Financial Sector

The G7 Cyber Expert Group, co-chaired by the US Department of the Treasury and the Bank of England, has issued new guidance urging financial authorities to prepare for cybersecurity threats posed by quantum computing. 

The group has warned that quantum computers, once fully developed, could break current encryption standards, jeopardising financial data and system security.

Although such capabilities may still be a decade away, the G7 has emphasised the need for immediate action, stating that financial institutions need to assess quantum computing risks and start planning for quantum-resilient technologies to safeguard future and historical data. 

The G7 group has urged in its joint statement that financial entities work to understand the risks, develop mitigation strategies and adopt the necessary technology to secure the financial system against emerging quantum threats.

Commonwealth Bank Breaks Anti-Spam Rules, Pays A$7.5m

Commonwealth Bank of Australia (CBA) has paid a A$7.5m ($5m) penalty for sending more than 170m marketing emails that did not comply with Australia’s anti-spam laws. 

An investigation by the Australian Communications and Media Authority (ACMA) found that, between 2022 and 2024, CBA sent 170m emails that did not include an option to unsubscribe.

Moreover, nearly 35m of these emails were sent to customers who either had not consented to receive them or had previously withdrawn their consent. 

This is CBA’s second major breach of the anti-spam rules, after it paid a A$3.5m ($2.3m) penalty in May 2023 for sending 65m emails without an option to unsubscribe.

“The ACMA took action against CBA just last year for not delivering on their customers’ rights to unsubscribe from marketing messages,” said ACMA chair Nerida O’Loughlin.

“We have now had to take further action after this new investigation found that CBA had incorrectly classified millions of messages as non-commercial.”

APP Fraud Down, CNP Fraud Up, Latest UK Finance Stats Reveal

UK Finance has released its Half Year Fraud Report for 2024, revealing that £571m was stolen through unauthorised and authorised fraud in the first six months of the year. This marks a 1.5 percent decrease compared with the same period in 2023.

Authorised push payment (APP) fraud losses decreased by 11 percent to £213m, with significant drops in purchase scams, romance scams and investment scams.

However, online platforms and telecommunications continue to drive APP fraud, with 72 percent of cases starting online.

Unauthorised fraud losses across payment cards, remote banking and cheques rose by 5 percent, totalling £358m, while card-not-present (CNP) fraud saw a 26 percent spike.

Ben Donaldson, managing director of economic crime at UK Finance, said the fight against fraud cannot be won by the financial services industry alone. 

"There have been some improvements made by other sectors, but their actions don’t yet fully match the scale of the problem, and more needs to be done to prevent fraudsters exploiting these platforms and networks," he said.

Klarna Steps In Following Demise Of Apple Pay Later

Klarna has announced that its buy now, pay later (BNPL) service is now available to Apple Pay users in the US and UK when checking out online or in-app.

The BNPL firm also said it will launch within Apple Pay in Canada in the “coming months”.

Klarna will appear in "Other Cards & Pay Later Options" when checking out on Apple Pay with an iPhone or iPad.

The move follows the launch and swift withdrawal of Apple’s own BNPL service, Apple Pay Later.

As covered by Vixio, Apple Pay Later was discontinued in June this year, less than 12 months after its full launch.

One of the reasons given was that Apple had decided to pursue partnerships with other BNPL firms, instead of offering BNPL services directly.

PC Editorial

Our premium content is available to users of our services.

To view articles, please Log-in to your account, or sign up today for full access:

To read more articles like this, along with gaining access to the tools that will help you navigate compliance risk with confidence, request a demo of our RegTech platform today.

Related articles

March 14, 2025

Regulatory Influencer: European Union's Approach to ICT Incident Reporting

In recent weeks, the European Commission has published two significant regulations under the Digital Operational Resilience Act (DORA) which will contribute towards firms’ compliance efforts, standardising reporting of major ICT-related incidents and cyber threats. The first, Commission Delegated Regulation (EU) 2025/301, sets out technical standards for the content and timing of mandatory incident reports and voluntary cyber threat notifications. It sets out classification criteria, reporting deadlines and required details, such as impact assessments, remediation efforts and communication with authorities. Meanwhile, Commission Implementing Regulation (EU) 2025/302 provides standardised templates, forms and procedures for reporting. This regulation mandates uniform reporting formats, secure submission channels and requirements for complete and updated information. Both regulations, published in the Official Journal of the EU, took effect on March 11, 2025, 20 days after entering the statute book.
Read article
March 14, 2025

Week In Crypto: US Stablecoin Battle Heats Up As House, Senate Reintroduce Bills

Although US lawmakers appear to be aligned on the need for federal stablecoin legislation, they are no closer to an agreement on which bill should prevail and what provisions it should include.
Read article

Opt in to hear about webinars, events, industry and product news

Gambling Compliance

Learn more

Payments Compliance

Learn more
Still can’t find what you’re looking for? Get in touch to speak to a member of our team, and we’ll do our best to answer.
Contact us
No items found.
No items found.
Australia
European Union
United States
Portugal
United Kingdom
International

Please choose your preferred
service to log in to.

GamblingCompliance
PaymentsCompliance
Don’t have an account?