28 Jun 2024

Where next in the fight against online fraud? – By Innovate Finance

Publications

By: Christopher Foo, International Policy Associate at Innovate Finance 

Late last year Innovate Finance launched our General Election FinTech Manifesto where we called on the next government to ‘make the UK the most secure place in the world for consumers and businesses to use digital finance’. Fighting fraud is essential because it has the potential to dampen confidence in digital finance and impede the UK’s international competitiveness.

Our manifesto calls on the next government to set ambitious targets to tackle payments fraud and improve data collection and analysis across all sectors, introduce shared responsibility and liability for social media and telecommunications companies, and create a National Anti Scam Centre. These proposals were the topic of discussion amongst a diverse group of stakeholders featuring FinTechs, digital challenger and high-street banks, regulators, RegTechs, consumer groups and academics at the Innovate Finance Global Summit (IFGS) policy roundtable on fraud in April. Some key themes emerged from the roundtable that built on our initial policy proposals.

Firstly, delegates discussed the importance of data sharing, data collection and data standards. There was unanimous agreement that real-time data sharing and data collection between the public and private sectors, and between payment service providers and tech companies is pivotal to preventing fraud. It was noted that with this data, for instance, banks would be able to better assess when and where transactions are taking place and conduct necessary checks if a transaction appears suspicious. However, data sharing will face hurdles because every organisation has different data standards. There is also concern that any big ideas on data sharing might hit a brick wall due to its apparent incompatibility under existing General Data Protection Regulation (GDPR) rules.

Secondly, collaboration was raised where delegates lamented the siloed approach to tackling fraud across government and regulators. There was a feeling that the government and regulators did not appreciate the joint actions needed to tackle fraud across industry. While financial regulators such as the Payment Systems Regulator (PSR) are focused on the role of payments companies in tackling fraudulent payments, not enough is being done to simultaneously hold tech companies accountable for fraud origination. For example, Ofcom’s proposals to implement the Online Safety Act 2023 does not impose sufficient incentives to compel Big Tech firms such as Meta to impose digital verification requirements for listings on Facebook Marketplace. The implementation of the Act is also not aligned with the PSR’s go-live date of 7 October for its mandatory reimbursement scheme where payments firms must reimburse victims of Authorised Push Payment (APP) fraud.

This is why we called for the next government to incentivise the tech sector to do more and prevent fraud on their platforms through shared liability in reimbursing victims of APP fraud. Industry data shows that 77% of all APP fraud cases originate online, of which social media platforms like Meta are estimated to account for over 60% of all APP fraud. It is right that those Big Tech firms responsible should play a part in reimbursing victims. They can and should do more to stamp out online fraud.

Finally, looking internationally for ideas to prevent fraud was explored. Delegates picked up on our suggestion to create a National Anti Scam Centre as established in Australia. It was noted that the initial impact has been positive despite being a nascent organisation. However, delegates also suggested that the UK could look further and beyond Australia by leaning on the skills and expertise of the tech sector given that they possess vast amounts of data that can detect and prevent fraud. While it is absolutely right that Big Tech is pressured to do more, a National Anti Scam Centre should also work with them to better understand data and how that data can be used to make decisions.

We believe a National Anti Scam Centre could facilitate collaboration between different stakeholder groups, including tech and telecommunication companies. It should develop and implement effective data sharing and analysis between the public and private sector, undertake specific projects to address acute issues, and help coordinate effective communication with consumers on the risks of fraud and types of scams. For this to succeed, a centralised authority is needed to set data standards and establish a compulsory online safety code of practice. Data protection rules should also be reformed.

Other themes that were raised at various points during the policy roundtable include privacy, making the Online Safety Act work as best as possible notwithstanding its limitations, and wariness about any proposal that could lead to increased friction in online payments.

All views expressed at the roundtable have provided us with an impetus to further expand on our manifesto proposals to fight fraud in our plan for government. As we work on this, we will carry the mantra of ‘thinking FinTech first’. Proposals would not only make the UK the safest place to transact online, but also a place where financial innovation continues to flourish in a responsible way.