November 27 • 2023

FCA Multi-Firm Review of APP Fraud – What does it mean for you firm? 

Cybercrime is low risk, low investment, and high return. Not surprisingly, illegal financial gain is one of the biggest reasons for cyber-attacks. The result is a predicted USD 10 Trillion of damages by 2025. Our vision is to change that.

The Financial Conduct Authority (FCA) has just completed a multi-firm review of fraud prevention controls and complaints handling, focused on APP fraud. 

The review has happened as the UKs APP problem is still large, with Authorised Push Payment Fraud (APP) losses of £239.3m for H1 2023 vs. £241.9 down 1% in H1 2022. However, case were up 22% from 95,167 to 116,324. 

This is despite the numerous initiatives already in place, such as Confirmation of Payee (COP) and the Contingent Reimbursement Model (CRM) and with new PSR rules due this time next year. 

With the new PSR rules coming into effect in under a year, impacting all UK PSPs of Faster Payments and the FCA Consumer Duty that came into force at the end of July 2023, the number of firms the rules apply to, is in the thousands. 

What are the key areas that the FCA raised as being a problem in their review? 

It is clear from the FCA report most firms need to up their game on at least some elements here to avoid fines and Dear CEO letters. 

What do firms need to do? 

Firms need to ensure that they are meeting both the forthcoming PSR regulations and FCA Duty Of Care requirements as part of a comprehensive fraud management strategy. 

This should cover: 

 Victim Response 


Improve access to sources of real time actionable intelligence to improve you end to end fraud strategy, throughout the whole of the customer lifecycle: 

Review our PSR Scam Regulatory Response to see how we can help.

About CYBERA   

At CYBERA  we’re on a mission to stop money laundering and help protect customers from scams and other financial cybercrime. We close gaps that allow cyber criminals to thrive by sharing crime data in real-time with financial institutions, fintech, and crypto exchanges, and coordinating a global response to support customers who have become victims of financial cybercrime.   

CYBERA WATCHLIST™ helps support firms to reduce fraud and money laundering and meet regulatory requirements as part of a holistic fraud and financial crime strategy.   

Financial Institutions (FIs) can check against the CYBERA WATCHLIST™ for confirmed mule accounts when processing payments. For outbound & inbound payments, where there is a match on either IBAN (Account Number & Sort code) or on Name the transaction can be flagged as high risk.   

At account opening and ongoing CDD, email, phone and name can be used to match to CYBERCRIME WATCHLIST™ to reduce opening new mule accounts.   

CYBERA VSR™ further supports by providing users with alerts of any of their accounts reported as mules directly in their dashboard.   

Unlike other data sources, CYBERA is a global solution, so is well placed to support the increasing levels of cross-border real-time payments.