Out-Law News 2 min. read
10 Dec 2024, 3:54 pm
Financial institutions and online platforms in Ireland have been urged to review their procedures on preventing, mitigating and reporting fraud in light of a recent report into authorised push payment (APP) fraud.
Sarah Twohig of Pinsent Masons in Dublin made the recommendation after the Joint Committee on Finance, Public Expenditure and Reform, and Taoiseach (Joint Committee) report highlighted that APP fraud is an increasing trend in economic fraud in Ireland with wide-ranging impacts.
APP fraud occurs where victims are manipulated or tricked into making real-time payments into bank accounts controlled by fraudsters posing as genuine payees. This type of fraud commonly occurs with the consent of the victim, without realising the transaction is fraudulent, and can involve the loss of sensitive banking information, such as account numbers or PINs.
The Joint Committee report was commissioned in response to the growing trend of APP fraud and to examine the impact it has on consumers and businesses in Ireland, which has been precipitated in part by an increase in real-time payments and online banking, particularly during and post the Covid-19 pandemic.
In its report, the Joint Committee examined five main areas, including: the prevalence and economic cost of APP fraud; reporting obligations; customer rights; policy response; and international examples – including the introduction of a mandatory redress scheme for APP fraud in the UK.
Instances of fraudulent activity in Ireland are required to be reported to Irish police, An Garda Síochána, and regulators, in line with obligations under the Criminal Justice (Money Laundering/Terrorist Financing) Act 2010 and section 19 of the Criminal Justice Act 2011 in respect of offences under Schedule 1 of that Act.
The Joint Committee called for a centrally led, whole-of-system approach to combat APP fraud in Ireland, “whereby the state, financial services, social media companies, telecommunications companies and An Garda Síochána can collaborate to devise appropriate strategies to better share intelligence, implement protections for consumers and develop barriers to criminal activity”.
Amongst its central recommendations for businesses, the Joint Committee said a direct line of communication between financial institutions and social media companies or internet providers should be “developed urgently … to ensure swift reporting and removal of fraudulent advertisements”.
The Joint Committee also recommended the establishment and implementation of a uniform reporting standard regarding all known instances of suspicious or fraudulent activity and called on businesses in the banking and payments sector, telecommunications companies and online platforms to adhere to these standards. It noted the lack of uniformity across financial institutions and online platforms in reporting and removing fraudulent advertisements by customers or users as well as in respect of the reporting of instances of suspicious fraudulent activities to law enforcement in Ireland.
The Joint Committee further recommended the creation of a shared fraud database to record fraud or attempted fraud, which would be available to stakeholders with a “legitimate interest”, and that legislation be affected “without delay” to enable the creation of such a database.
Online platforms, it said, should also be statutorily obligated to ensure that they only publish advertising for financial products and service from companies that are regulated by their competent national authority.
The Joint Committee also recommended that the National Economic Crime Strategy is published and enacted without delay. It also highlighted that responsibility for tackling APP fraud is currently fragmented across different entities in various sectors and recommended the establishment of an expert group led by a designated central authority to combat and prevent APP fraud.
Twohig said: “The Joint Committee notes in its report a ‘lack of uniformity’ across financial institutions and online platforms regarding who reports instances of suspicious or fraudulent activity to the Gardaí. Businesses in Ireland, particularly ones operating in those spaces, should take steps to review their procedures on preventing, mitigating and reporting fraud, however, industry will look to the next Irish government to implement legislation so that a central strategy can be put in place to respond more effectively to APP fraud in Ireland.”