Financial crime experts know that criminals will exploit the government’s cost-of-living schemes intended to help vulnerable people, just as they did with targeted help during the pandemic. So, is enough being done to protect vulnerable customers before they fall victim?
While the National Audit Office (NAO) published figures from HMRC indicating that around £4.5bn was lost due to error or fraud when COVID-19 support schemes were rolled out, the actual figure could be higher because it is an ongoing estimate. Recommendations have been made to HMRC and HM Treasury for future schemes, but there will be similar exploitation from fraudsters during the cost-of-living crisis. Although the NAO and Home Office are developing a second Economic Crime Plan, it will be delivered too late to help the most vulnerable during the current difficulties.
There will also be more ‘deep fake’-style attacks that are mostly automated. This type of attack has already been used with some success in ‘fake president fraud’, which involves a criminal posing as a company executive and persuading an employee to transfer large sums of money. The first one that shook the industry was in 2019 when a CEO fell victim to a deep fake voice attack, costing an energy firm $249,000. It should be recognized that this technology is now widespread and would be a simple tool for fraudsters to adopt.
The speed at which new fraud vectors are being created is unlikely to slow, and financial crime risk will always be greater during periods of economic uncertainty. Criminals will try to exploit the uncertainty and anxiety that the current financial situation in the UK will create – from gas and electricity scams to purchase scams relating to paying for Christmas or next year’s holiday to targeting businesses with invoice scams and tax change fraud.
No silver bullet
Although fraud reduction rates are lowering in the UK, it should be noted that this is partly because fraud levels here were exceptionally high to start with. This still leaves some margin for improvement compared to the reduction of fraud in mainland Europe after the Payment Services Directive 2 (PSD2) entered into force. Nevertheless, with more robust customer authentication mechanisms in place, criminal attacks will likely be deflected toward the enrolment and re-enrolment of a user.
The picture is not all doom and gloom, though. Authorized push payment (APP) fraud, which occurs when a person is tricked into sending money by a fraudster posing as a genuine payee, has recently declined, with losses down 13% in the past six months. This decline is attributed to the success of Confirmation of Payee (CoP), although overall figures and the sums involved are still too high.
Nevertheless, a PSR policy paper released in October 2022 states that CoP hasn’t been the silver bullet on APP fraud they hoped it would be. Although CoP helps prevent impersonation fraud, it is unlikely to tackle romance scams (which involve people being duped into sending money to criminals who go to great lengths to gain their trust and convince them that they are in a genuine relationship) or purchase scams. In a purchasing scam, someone is tricked into believing they are paying for goods or services they never receive. In that instance, the name on the account will match the details given by the criminal, so they would pass CoP checks.
Adapting to new regulations and technological innovation
The one thing that has been demonstrated in the past five years is the ability of fraudsters to adapt to new opportunities and threats and continue to innovate in their ability to exploit any weaknesses. Behind every scam and fraud is an individual or business that suffers potential material loss and emotional anguish at the crime committed against them. During times of economic hardship, research indicates that financial crime can increase by 75%-100% on current levels.
With the cost of living crisis and expected recession, now is the time for financial institutions to create customer-centric approaches to prevent criminals from exploiting their customers. What CoP has proven is that widescale adoption of modern technology that drives collaboration can have a material impact on financial crime.
Looking ahead, the focus needs to be on similar solutions enabling information sharing, training models that can adapt to fraud innovations, and policies that protect customer interests. Ultimately, the only way to protect the consumer is to make the UK economic environment, where customers send money, as hostile to criminals as possible by:
- Improving checks when accounts are opened, first receive payment and when money is removed from the account.
- Securing the transaction process by screening inbound and outbound transactions by both the sending and receiving banks.
- Smoother onboarding of new financial crime prevention technologies to enable the banks to innovate as quickly as the criminals.
- Collaboration and data-sharing tools to drive an increase in the level of intelligence and responsiveness to fraud threats.
Now is the time for the financial industry to invest in financial crime prevention measures to adapt to new regulations and put their customers at the heart of their response to preventing fraud and scams. However, there is no silver bullet in fighting financial crime. It will only be reduced by the continuing concerted efforts of all parties – the government and industry working closely together.
About the authors
Jane Jee, Nick Fleetwood, Fabien Ignaccolo, and Neil Turner are part of The Payment Association’s Project Financial Crime, which delivers community-driven solutions and awareness that addresses the problems posed by digital and financial criminal activity.
- Jane Jee is Company Secretary at Numitor, Director of Jee Associates, and leader of Project Financial Crime at the Payments Association
- Nick Fleetwood is the Head of Data Services at FORM3 Tech and a member of Project Financial Crime
- Fabien Ignaccolo is the CEO of Okay and a member of Project Financial Crime
- Neil Turner is the compliance and regulations manager at Mastercard and a member of Project Financial Crime
About The Payments Association
The Payments Association (previously the Emerging Payments Association or EPA) is a community for all payments companies, regardless of size, capability, location, or regulatory status. Its purpose is to empower the most influential community in payments, where connections, collaboration, and learning shape an industry that works for all. It works closely with industry stakeholders such as the Bank of England, the FCA, HM Treasury, the PSR, and Pay.UK, UK Finance, and Innovate Finance.
The Payments Association facilitates the connections through its comprehensive program of activities and with guidance from an independent Advisory Board of leading payments CEOs. It builds the bridges that join the ecosystem together and make it stronger. These activities include monthly digital and face-to-face events, including an annual conference, PAY360, The PAY360 Awards dinner, CEO round tables, and training activities. The Payments Association also runs six stakeholder working project groups covering financial inclusion, regulation, financial crime, cross-border payments, open banking, and digital currencies. The volunteers in these groups represent the collective views of the industry and work together to ensure the industry's big problems are addressed effectively. The association also conducts original research, made available to members and the authorities. These include monthly whitepapers, insightful interviews, and tips from the industry’s most successful CEOs.