APP Scams and Liability: Essential Insights for the Rest of 2024
As we hurdle through 2024, data continues to indicate a global rise in fraud incidents, with scams becoming particularly prevalent.
Amidst liability changes taking shape in numerous countries, it’s more important than ever to consider: What does the future hold? Let’s explore what’s ahead.
Recent data from the United Kingdom and the United States is disturbing. In the US, consumers faced an unprecedented $10 billion in losses to scams and fraud in 2023, marking a 14% rise from the previous year’s figures, according to the Federal Trade Commission. In the UK, fraud losses more than doubled to £2.3 billion in 2023 – the second-highest figure recorded in the past two decades, according to BDO.
Challenges of 2024: Navigating APP scams and AI exploitation
A similar surge in fraud can be observed worldwide and is largely driven by an increase in scams, including authorized push payment (APP) fraud, impersonation scams, and others. UK banks have sounded the alarm on a “scam epidemic,” with Barclays reporting that last year, over 70% of scams occurred on social media, online marketplaces, and dating apps.
Industry and security experts are also raising concerns that fraudsters are increasingly exploiting advancements in artificial intelligence to deceive consumers. The integration of generative AI and deepfakes into scams and social engineering efforts is enhancing their believability, enabling scammers to operate more effectively and victimize more people.
The escalating success of fraudsters is eroding what is arguably the digital payment industry’s most crucial asset: consumer trust. In response, national regulators worldwide are prioritizing stronger customer protection by implementing new fraud reimbursement regulations.
Introducing the UK’s pioneering reimbursement regulation
Set to be introduced on 7th October 2024, the UK’s innovative reimbursement regulation is capturing global attention. This new framework mandates equal responsibility for both sending and receiving banks in reimbursing customers in instances of APP fraud and establishes consistent minimum standards for customer protection. Notably, exemptions are few, with customer gross negligence being one, though the burden of proof rests with the bank to demonstrate the customer’s lack of due caution.
The final version of PSD3 highly anticipated
Looking ahead, this year also anticipates the finalization of the Payment Service Directive (PSD3) and Payment Service Regulation (PSR1) by the European Union. Eagerly awaited, the new rules aim to update and enhance PSD2 from 2016. This is particularly relevant to fraud prevention and liability, an area where PSD2 is lacking – especially as we witness the growing occurrence of impersonation fraud and APP scams.
Read more about the liability shift
The European Commission thus plans to enhance requirements for fraud detection and prevention. This includes strengthening transaction monitoring measures, mandatory confirmation of payee (i.e., checking if IBAN matches the account name), establishing a legal basis for PSPs to share fraud-related information, increasing awareness of fraud threats, and implementing changes in liability. Contrary to PSD2, which limits bank liability to unauthorized fraudulent transactions, PSD3 is proposing extended refund rights to victims of impersonation fraud under specific circumstances.
Looking forward: Cooperation, data, and technology
With the implementation of the UK’s reimbursement rules and the advent of PSD3, 2024 is going to be a landmark year for liability for fraud losses. Combating APP scams also remains one of the key challenges for regulators and financial institutions, particularly as fraudsters utilize increasingly sophisticated AI technologies.
For banks and PSPs to stay ahead of evolving fraud tactics and meet regulatory demands, it is crucial to foster collaboration, share fraud data, and invest in advanced fraud prevention technologies that can identify a wide spectrum of fraud, including APP scams.