July 25 • 2023

Pre-Summer News Round Up: Authorised fraud scams and regulation 

Cybercrime is low risk, low investment, and high return. Not surprisingly, illegal financial gain is one of the biggest reasons for cyber-attacks. The result is a predicted USD 10 Trillion of damages by 2025. Our vision is to change that.

The summer is now upon us, so here’s a roundup of recent news, all with a bearing on fraud, scams and how firms need to respond to protect customers. Many of these are interesting updates to previous blog posts. 


Duty of Care 


In an important ruling the UK Supreme Court have been clear on the limits of banks duty of care to their customers. The judgement made clear the bank has a duty to act on its customers instructions and “It is not for the bank to concern itself with the wisdom or risks of its customer’s payment decisions.” However, this was a corporate and not a retail consumer, and an international payment, so only some impact on retail consumers, but clearly leaves businesses largely to their own risk management. A previous Appeals Court case found only an account number sort code was required for a CHAPs payment, yet we have now had Confirmation of Payee brought in through voluntary means and this will also become mandatory next year for all UK PSPs for Faster Payments. 


The consumer focused PSRs rules on APP frauds, will continue, unimpacted by this ruling, as the Financial Services and Market Act (FMSA) has achieved Royal Assent in the last few weeks. In addition there is also the FCA’s Duty of Care will also apply to FI’s to help protect retail consumers from fraud and scams. 


It is clear from both this judgement that contracts between parties need actioning and there are big issues if this is not the case. This is why banks as well as regulators and governments have wanted changes to the law to support elements, such as delaying payment instructions. However, as we have seen, FIs still need to have the right sorts of controls in place to meet their regulatory and commercial contracts. If they wish to avoid liability.  


This will undoubtably put more onus on businesses, particularly larger businesses to undertake their own actions here, e.g. checking against known, rules lists for new and amended payment instructions. For corporates we may see some of these prevention and detection features become paid for services, where these go above and beyond the banks legal and regulatory obligations. 


Failure to Prevent law: proposed amendments 


A previous blog highlighted the proposed failure to prevent law in the UK, which the House of Lords have proposed further amendments to. There are two key amendments; bringing in a failure to prevent money laundering law and bringing firms of all sizes into scope, including foreign firms doing business in the UK, whereas previously only large firms were in scope. 


These changes, if they make it through to the final statue, will put enormous pressure on firms to have controls in place to demonstrate they are taking steps to prevent their staff and agents from enacting fraud or money laundering for the firms gain. 


Articles such as this one demonstrate how this might impact on firms who benefit from extra income, they should know is fraud or ML. 


Does brand reputation trump liability? 


We usually focus on what firms can do with a focus on liability reduction, but the key should be about protecting the customer. This goes for all firms, not just the FI’s sending and receiving fraudulent payments, but also those firms that lose the victims data in the first place. A new report suggests that firms who do not protect their customers data or let them be scammed, will find their customers walking away. 


The report’s key points are: 



However, it doesn’t have to be this way. Victims who are helped by firms, especially where funds are recovered, and therefore have a positive experience when falling victim to fraud or scams can lead to an increase in Net Promoter Scores (NPS). 

About CYBERA  

At CYBERA we’re on a mission to stop money laundering and help protect customers from scams and other financial cybercrime. We close gaps that allow cyber criminals to thrive by sharing crime data in real-time with financial institutions, fintech, and crypto exchanges, and coordinating a global response to support customers who have become victims of financial cybercrime.    

CYBERCRIME VSR™ lets victims report fraud and scams to increase chances of recovery.     

CYBERCRIME WATCHLIST™ helps support firms to reduce fraud and money laundering and meet the requirements of the CRM as part of a holistic fraud and financial crime strategy.