CHALLENGE FORUM
Combating APP fraud in financial services: Navigating challenges and innovating solutions
Produced by:
Listen to the episode in the Enterprise Thought Leadership podcast, powered by TechPros.io
CHALLENGE FORUM PARTICIPANTS
The UK banking sector is currently grappling with a formidable challenge—the rise of Authorised Push Payment (APP) fraud. This type of fraud involves manipulating consumers into willingly sending money to scammers has dramatically increased in recent years. Fraudsters are leveraging a combination of real-time payment schemes, social media, and advanced social engineering techniques to perpetrate these scams, leaving banks and consumers alike struggling to keep up.
In response, FintelligenX, in partnership with TechPros.io, convened a roundtable of industry leaders across the financial sector to tackle the pressing question: "What is the right level of 'payment grit' (friction) to introduce to reduce fraudsters' spell?"
PTom Martin, who leads the economic crime prevention platform at Lloyds Banking Group, led the discussion, which delved into the complexities of the APP fraud challenge and explored potential strategies for tackling this growing threat. In addition to Martin, the panel included, Andy Willmot, CTO at Onebanx; Abhay Chungroo, founder and CEO of FintelligenX; David Pollington, Head of Research at Bloc Ventures; Hemen Shah, Partner at Ernst & Young LLP focused on financial crime; and Gautam Hazari, co-founder and CTO of Sekura.id.
The discussion covered a wide range of topics related to APP fraud, from the tension between friction and customer experience to the potential of artificial intelligence (AI) and machine learning (ML) in fraud detection. The participants also explored the need for greater collaboration and data sharing across the industry and the role of regulation in driving progress.
CHALLENGE FORUM
Combating APP fraud in financial services: Navigating challenges and innovating solutions
Produced by:
The UK banking sector is currently grappling with a formidable challenge—the rise of Authorised Push Payment (APP) fraud. This type of fraud involves manipulating consumers into willingly sending money to scammers has dramatically increased in recent years. Fraudsters are leveraging a combination of real-time payment schemes, social media, and advanced social engineering techniques to perpetrate these scams, leaving banks and consumers alike struggling to keep up.
In response, FintelligenX, in partnership with TechPros.io, convened a roundtable of industry leaders across the financial sector to tackle the pressing question: "What is the right level of 'payment grit' (friction) to introduce to reduce fraudsters' spell?"
Tom Martin, who leads the economic crime prevention platform at Lloyds Banking Group, led the discussion, which delved into the complexities of the APP fraud challenge and explored potential strategies for tackling this growing threat. In addition to Martin, the panel included, Andy Willmot, CTO at Onebanx; Abhay Chungroo, founder and CEO of FintelligenX; David Pollington, Head of Research at Bloc Ventures; Hemen Shah, partner at Ernst & Young LLP specialising in financial crime; and Gautam Hazari, co-founder and CTO of Sekura.id.
The discussion covered a wide range of topics related to APP fraud, from the tension between friction and customer experience to the potential of artificial intelligence (AI) and machine learning (ML) in fraud detection. The participants also explored the need for greater collaboration and data sharing across the industry and the role of regulation in driving progress.
CHALLENGE FORUM PARTICIPANTS
The APP Fraud Landscape
Martin kicked off the roundtable by painting a stark picture of the APP fraud landscape in the UK.
‟
The UK is targeted because we've got faster payments, social media, and we're quite an affluent country. You put that combination together, and we are a real target for the fraudsters.
The scale of the problem is indeed alarming.
According to UK Finance, there were 149,946 cases of APP fraud in the UK in 2020, with losses totalling £479 million. This represents a 5% increase in cases and a 22% increase in losses compared to 2019.
The COVID-19 pandemic has only exacerbated the issue, with criminals capitalising on the surge in digital transactions and heightened financial vulnerability.
Martin highlighted that banks face a challenge in maintaining a balance between adding friction to digital payment journeys to deter fraudsters and ensuring that it does not negatively impact the customer experience. He said staying focussed on our customers is key. He stressed that a commercial and preventative approach is necessary, but finding the right balance will be difficult.
Other participants echoed the complexity of the challenge. Willmot stated,
‟
Initiatives are already underway at the moment around Payment Systems Regulator (PSR) to introduce more consumer protection for faster payments. And I think that's an essential thing that needs to be done.
Chrungoo highlighted the diversity of APP fraud typologies and victim profiles.
‟
It's very dynamic in the context, so where do you think the line is in terms of the bank doing this on a customer's behalf or actually customers telling you how much grit they would be happy to accept?
The APP Fraud Landscape
Martin kicked off the roundtable by painting a stark picture of the APP fraud landscape in the UK.
‟
The UK is targeted because we've got faster payments, social media, and we're quite an affluent country. You put that combination together, and we are a real target for the fraudsters.
The scale of the problem is indeed alarming.
According to UK Finance, there were 149,946 cases of APP fraud in the UK in 2020, with losses totalling £479 million. This represents a 5% increase in cases and a 22% increase in losses compared to 2019.
The COVID-19 pandemic has only exacerbated the issue, with criminals capitalising on the surge in digital transactions and heightened financial vulnerability.
Martin highlighted that banks face a challenge in maintaining a balance between adding friction to digital payment journeys to deter fraudsters and ensuring that it does not negatively impact the customer experience. He said staying focussed on our customers is key. He stressed that a commercial and preventative approach is necessary, but finding the right balance will be difficult.
Other participants echoed the complexity of the challenge. Willmot stated,
‟
Initiatives are already underway at the moment around Payment Systems Regulator (PSR) to introduce more consumer protection for faster payments. And I think that's an essential thing that needs to be done.
Chrungoo highlighted the diversity of APP fraud typologies and victim profiles.
‟
It's very dynamic in the context, so where do you think the line is in terms of the bank doing this on a customer's behalf or actually customers telling you how much grit they would be happy to accept?
Envisioning the Future: The UK's Fraud Marketplace
As the roundtable explored the intricate challenges posed by APP fraud, Martin provided compelling foresight into a ‘fraud marketplace’—the evolution of fraud in the UK that continuously adapts and innovates in response to countermeasures and technologies.
‟
As we navigate these changes, it's crucial to imagine how the fraud marketplace in the UK might adapt… Understanding the complexity and anticipating new forms of fraud before they happen will be key to staying one step ahead.
This forward-looking perspective highlighted the necessity for the financial sector to not only react to current fraud types but also anticipate future schemes that could emerge. It's a call to adopt a more anticipatory approach, considering how today's solutions might influence tomorrow's fraud landscape. By conceptualising the ‘fraud marketplace,’ Martin stresses the importance of innovation, collaboration, and regulatory agility to outpace fraudsters' evolving tactics.
These insights serve as a crucial reminder of the ongoing battle against APP fraud—a battle that requires constant vigilance, adaptability, and a proactive stance from all stakeholders involved.
Balancing Friction and Customer Experience
One key theme that emerged from the discussion was the tension between introducing friction into payment journeys to prevent fraud and maintaining a seamless customer experience. Hazari posited that enhancing security entails compromising customer satisfaction and advocating for innovative, non-intrusive solutions.
‟
Do we need to add more friction to reduce fraud, or can we find frictionless ways to do it without losing customers?
Martin recognised the challenge of finding the appropriate balance and mentioned that his bank is exploring various strategies to tackle it. He commented on the impact of fraudsters' tactics and how difficult it is to combat them. "Their spell is so powerful," he said. "That's why it's such a challenge to identify the right interventions and break the spell."
He shared an example of the bank's efforts to fine-tune friction:
‟
We frequently test different payment warnings and continuously improve, but unfortunately we won’t be able to stop all fraudulent payments going through.
In discussing the delicate balance between security and user convenience, Pollington highlighted the critical role of customer interaction with security prompts.
‟
When legitimate users encounter these prompts, their thoughtful pause and consideration of the warnings can indicate their authenticity. This reaction time helps identify genuine transactions and serves as a subtle, user-friendly layer of security, encouraging users to reflect on potential risks before proceeding.
Harnessing AI and Enhancing Data Collaboration
While opinions differed on the right level of friction, there was consensus about the potential of AI and ML to combat APP fraud. Martin shared that his bank has seen "phenomenal" results from AI in fraud detection, but cautioned that it's not a silver bullet.
Gautam Hazari brought attention to the use of GenAI models to manipulate psychological responses through 'Amygdala Hijack,' a technique that compels individuals to make hasty decisions based on emotion rather than logic. "By exploiting the emotional decision-making process, these models effectively bypass rational considerations, playing directly into the hands of fraudsters."
Pollington argued that effective AI/ML models for scam prevention require signals across the payment ecosystem.
‟
It comes back to my previous point about needing to bring data together from both the issuing and acquiring banks in order to create this kind of holistic AI-based solution.
Chrungoo built on this idea, proposing that larger banks could provide AI/ML fraud prevention "as a service" to the ecosystem.
‟
Maybe larger banks wouldn't share their intelligence, but could perhaps make their AI models accessible over APIs, which would make them more available to smaller players.
Martin expressed interest in the concept but noted that legacy technology debt may limit large banks' ability to implement such services quickly. However, he agreed that API-powered data and model sharing could be a game changer in the medium term.
Advocating for Regulatory Support
The proposed ideas were enthusiastically received during the discussion on API-based collaboration. Martin further added that if such intervention is truly cross-industry, it could help. He believes that there would be real value for all if it happens.
Shah pointed out the lack of a single, coherent regulatory regime governing fraud prevention across financial services, telecommunications, social media, and other implicated sectors.
‟
Currently, there is no single fraud regulator in the UK. How do you regulate big techs, telcos and financial services organisations?
Martin agreed, noting that the bank has "done much lobbying from a bank perspective to try and influence other firms, other parts of the ecosystem to do more." He cited the example of the recently announced Online Safety Bill, which will place new requirements on social media companies to tackle fraud on their platforms.
‟
The more that we could get particularly Meta to do more, the better, because that is the root cause of a lot of particularly APP fraud.
Exploring the effectiveness of regulatory frameworks in other financial areas, Willmot offers a perspective that underscores the need for a multifaceted approach to fraud prevention:
‟
Currently, it's all faster payments based. However, we don't usually associate APP fraud with card transactions, and there's a good reason. The card industry has a robust liability framework, including chargebacks and other protections, which effectively deters fraud. This leads us to consider whether we could apply similar solutions to APP fraud, rather than merely increasing friction to individual journeys.
A Unified Call to Action
As the virtual roundtable made clear, APP fraud is a societal problem that no single actor can solve alone–A coordinated effort is needed among banks, payment networks, social media platforms, telcos, regulators, and consumers.
Gautam Hazari provided insight into practical measures implemented by banks in the UK, such as the Scam Signal/Line Busy technology used by mobile networks. By identifying and blocking potentially fraudulent communications, these tools play a crucial role in safeguarding consumers and demonstrates effective cross-industry collaboration to enhance real-time fraud prevention.
Martin passionately argued for an ecosystem-wide response.
‟
Fraud is definitely growing, and we need to act. It's clearly for the benefit of all of our customers collectively in the UK to really collaborate and tackle this now, rather than let it grow even further.
Willmot agreed, envisioning an Open Banking-style framework where originators like social media platforms could
‟
check using some information about the context of that payment to see whether or not they want to send that payment through or not, but it needs to be done in cooperation with the information that's held in the banks.
The ideas are there—smarter friction, AI/ML-powered risk scoring, API-based data and model sharing, and regulatory mandates for ecosystem collaboration. What's needed now is leadership to drive progress forward.
With APP fraud losses mounting and consumer trust on the line, the industry must unite to break the fraudsters' spell. Every stakeholder has a role to play. The time to act is now.
FintelligenX, the roundtable sponsor, is at the forefront of empowering financial institutions to combat APP fraud effectively. By leveraging real-time intelligence sharing, advanced data analysis techniques, and fostering collaboration between banks, FintelligenX aims to revolutionise the fight against fraudsters.
‟
Our goal is to tailor general intelligence to the financial sector, making it practical and applicable in the present, rather than years ahead. By providing banks with the tools and insights they need, we can create a more robust and resilient financial ecosystem.
As the financial industry navigates the complexities of APP fraud prevention, collaboration, innovation, and regulatory support will be critical drivers of success. By embracing emerging technologies like AI, sharing data and intelligence, and working together across sectors, financial institutions can stay one step ahead of fraudsters and protect their customers in an increasingly digital world.
The path ahead may be challenging, but with a unified approach and a commitment to innovation, the financial sector can rise to the occasion and safeguard its customers' trust and assets.