Research has revealed that losses caused by Authorised Push Payment (APP) fraud will reach USD 6.8 billion in 2027. With this in mind, it is clear to see why APP fraud has become a big concern for not just consumers, but regulators and financial services alike.
In an attempt to combat fraudsters, the UK held its first Global Fraud Summit earlier this year where it was proposed that slowing down payments would be the solution to tackling APP fraud. Under the new proposed draft law, bank payments could be delayed for up to four days if fraud is suspected to allow any suspicious transactions to be properly investigated.
When existing solutions such as Request-to-Pay (RTP) mitigate the risk of fraud by design, there’s no need to slow down progress in the sector by placing payments on a four-day hold. Despite often being considered as the birthplace of real-time payments, with the new proposed draft law, the UK is at risk of falling behind the curve.
Regulators can no longer afford to overlook RTP, here's why:
APP fraud is an increasingly common scam method used by fraudsters to trick individuals into authorising fraudulent transactions. This is achieved through criminals pretending to be an individual’s bank or even a trusted relative in order to get an individual to send funds to them.
The FCA has split APP fraud cases into two main categories: malicious payee and malicious redirection. Malicious payee fraud is when a criminal tricks someone into buying goods or services that are never received, or do not even exist in the first place. Malicious redirection involves a fraudster impersonating a trusted authority in order to get someone to transfer funds out of their own bank account and into the criminal’s account.
Sadly, fraudsters are often opportunistic and tend to rely on major events, such as the pandemic, to trick vulnerable individuals who have fallen on hard times. As APP fraud continues to pose significant threats to businesses, looking at solutions to help mitigate this risk, including RTP solutions, should now be considered a priority instead of enforcing major changes to payment cycles which will stifle innovation.
There are many different reasons as to why B2B payments are vulnerable to fraud.
One reason why B2B payments are vulnerable to fraud is due to the complexity and volume of B2B transactions. B2B transactions often involve large amounts of money, which makes them an attractive target for fraudsters. These transactions also tend to involve multiple different parties, and each party adds an additional layer of complexity and vulnerability that criminals could exploit.
Another reason why B2B payments are vulnerable is due to human error. With many businesses still approving payments manually or relying on human intervention during the payment processes, organisations are opening themselves up to a world of risks. The manual human intervention element opens the door for criminals to impersonate an individual involved in the payment process and redirect payments to a fraudulent account - adding another unnecessary layer of risk.
A final reason why B2B payments are vulnerable is due to many companies still leveraging legacy technology. Research has shown that two thirds of organisations still leverage legacy technologies. Legacy systems have much weaker security measures and likely fail to utilise security measures such as Multi-Factor Authentication which help combat fraud. This combination of legacy systems and outdated security measures means that businesses are even more vulnerable to fraud.
The measures that UK regulators have proposed to address APP fraud are drastic and fail to consider pre-existing solutions such as RTP. RTP is an innovative solution which complements existing bill payment methods and allows a payment request to be sent to a payee through a secure digital channel. This enhanced control and visibility for both the business requesting the payment and the payee makes RTP the solution required to mitigate APP fraud.
RTP solutions have enhanced verification processes which involve the businesses requesting the payment to first verify their identity before then prompting the payee to confirm the payment request is legitimate and authorising the payment. This also acts as an added authorisation control as the payee must approve and authenticate the request before the payment is made, which further mitigates the risk of APP fraud.
On top of this, many RTP solutions allow businesses to create custom approval limits and set custom alerts for different types of payments. For example, if a payment request comes through which is higher than the default amount, it will alert a higher-level member of the business who will need to verify the payment before it goes any further. As alluded to above, RTP requests are carried out through a secure digital channel which includes verifiable details about the business or individual that is requesting a payment. This verification will also reduce the risk of phishing attacks, which is one of the most common APP fraud tactics.
RTP solutions have long been overlooked by officials, despite already mitigating the ever-growing threat of APP fraud. The proposed new measures are not only dramatic but also risk positioning the UK behind the curve in the payments sector. In order to remain a front runner in payments, UK regulators should be looking for the most innovative solutions, not stalling progress. The UK regulators are now faced with a choice, to slow down innovation and payments, or acknowledge Request-to-Pay as the solution to mitigate APP fraud once and for all.
Tim has almost twenty years of extensive experience in payments and tech, having worked at American Express for over a decade. Tim was B2B sales leader for Global Merchant Services and Director of Alliances at Tradeshift, managing key financial services partners such as HSBC, Santander, SEB and AMEX, with a focus on improving the payments process in the supply chain for enterprise businesses.
Bluechain is a secure network that simplifies the entire receivables process using Request-to-Pay (RTP) technology. Bluechain champions timely payments and convenient customer billing, reducing fraud and streamlining reconciliations. Bluechain is dedicated to making billing better and easier for businesses and customers alike.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now