.svg)
The UK’s Payment Systems Regulator (PSR) is inviting feedback on its proposed publication of data related to authorised push payment (APP) fraud sources, which will reveal which online platforms are most vulnerable to misuse.
This data will reveal the platforms and services most frequently associated with fraud incidents, aiming to spotlight "fraud enablers" and strengthen cross-industry responses to fraud.
In its letter requesting feedback, the PSR says it plans to rank firms by the number of times they have been reported by fraud victims as an enabler of fraud types such as romance scams and impersonation scams.
The regulator adds that it may also publish rankings of firms by specific sectors or sub-sectors, such as the most common enabler recorded among listing or auction sites, the most common among social media platforms, and so on.
The consultation is open until December 4, 2024, and stems from data collected earlier this year, when the PSR used its regulatory authority to gather data from the 14 largest banking groups in Great Britain and Northern Ireland.
This dataset reveals which online and telecoms platforms are commonly reported as facilitating contact between fraudsters and their victims.
Scheduled for public release in mid-December, the report will categorise these “enabler” platforms by frequency of fraud reports, creating a clearer picture of where fraudsters are targeting consumers and which firms are most associated with fraudulent activities.
This move will no doubt be welcomed by payments and banking professionals, who have long pushed for action on this from the regulator.
“Many payments firms and industry bodies have published datasets at a sector level,” the letter, signed by David Geale, PSR managing director, says. “They have called for other industries to act to stop attempted financial crime before consumers are exposed to harm.”
A variety of payment service providers (PSPs) have published data on this previously. Revolut, for example, published data in October that revealed Meta platforms were the biggest source of all scams reported to Revolut globally in H1 2024, at 62 percent.
Facebook was the most common source, accounting for fraud volumes (39 percent) more than double those of the next highest platform, WhatsApp (18 percent).
Geale says in the letter that the PSR welcomes initiatives between technology, telecoms and other large online-based businesses, as well as the payments industry, to better understand the threats and improve their collective response.
“However, we consider that more systemic action is needed. Data insights can be a powerful way to encourage a greater ecosystem response to prevent APP [authorised push payment] fraud,” he says.
“This data tells us which private sector companies are most commonly reported as enabling contact between fraudsters and victims that results in an APP fraud payment.”
What could this mean for the payments ecosystem?
This initiative will only add to the scrutiny that big tech platforms receive from financial institutions when it comes to fraud. This is not a UK-specific issue either, with trade associations in the EU also pushing for more accountability from platforms.
This has became an issue not just within the payments ecosystem, but further afield as well, with politicians having joined calls for more action from tech and telecoms actors in dealing with fraud.
It has been reported that Rachel Reeves, the UK finance minister, will use her Mansion House speech this evening (November 14) to urge the technology and telecoms sectors to do more to combat online payment fraud, for example.
This data from the PSR will only add fuel to that fire. If social media platforms are frequently highlighted as enablers of APP fraud, these companies may face even more increased pressure to invest in more advanced fraud detection and prevention technologies.
Measures might include stricter verification processes for users, enhanced monitoring of suspicious accounts and a more proactive detection of fake profiles.
This could see partnerships with the banking industry ramped up. One example of such a key partnership is the Fraud Intelligence Reciprocal Exchange (FIRE) programme, which allows banks to share intelligence with Meta directly to combat scams on its platforms.
There could also be increased regulatory scrutiny, something which may also take place in the EU with the Payment Services Regulation (PSR).
If the PSR data shows that social media firms are a significant vector for APP fraud, regulators might impose specific obligations on them to address these vulnerabilities.
This could include mandatory reporting of suspected fraud cases or penalties for failing to act on known fraud risks.
Sources in the payments space have told Vixio that they are under the impression that the UK Treasury is waiting to see whether the EU acts on social media liability, and has left the door open to following suit.
There is also a case for implementing a fraud levy, which was touted by parliamentarians on the Home Affairs Select Committee prior to the general election that took place earlier this year.
