FCA reiterates fraud protection requirements in ‘Dear CEO’ letters

With payment service providers (PSPs) now required to pay up to £85,000 to victims of APP fraud perpetrated through the faster payment system (FPS) and the clearing house automated payment system (CHAPS), the FCA has taken the opportunity to set out its expectations in this area.

In the letters addressed to the CEOs of payment/e-money institutions, banks and building societies, the FCA said that organisations should apply due diligence and ongoing monitoring measures to identify accounts and transactions related to fraud.

Nicholas Kamlish, financial regulation expert at Pinsent Masons, said: “The FCA has made it clear in its most recent Business Plan and 2022-2025 Strategy that reducing and preventing financial crime is one of its top priorities. The FCA is now taking faster, more proactive enforcement and supervisory action against firms which directly facilitate financial crime. Organisations should ensure robust systems and controls are in place to identify and address any fraudulent activity.”

The FCA letter says that controls must be supported by effective and regularly reviewed governance arrangements and accurate data. In line with the wider context set out in other recent publications by the regulator, firms are expected to monitor fraud trends and report their findings to the FCA on a regular basis. The aim here is for the data to help identify systemic issues, improving overall fraud prevention measures. Banks and building societies are being urged to work closely with law enforcement to tackle fraud. The FCA has also highlighted the importance of investing in technology that can identify fraudulent transactions in real-time and prevent them from being processed.

Adequate training for staff is another important element set out by the FCA, with firms expected to ensure that employees are well-equipped to handle fraud claims and provide necessary support to victims.

“The interplay with consumer duty is vitally important here. Many victims of APP fraud will be vulnerable customers, and firms cannot apply excesses or bars for gross negligence to claims by such customers. The FCA will expect firms to consider providing similar protections to the mandatory reimbursement rules for channels like ‘on us’, intra-firm, payments which are not covered by the rules,” said Kamlish.

Claims up to £430,000 for APP fraud can still be made to the Financial Ombudsman Service.  

Kamlish said: “As ever, compliance with both the due diligence and ongoing monitoring requirements of the Money Laundering Regulations and the FCA’s expectations under the consumer duty must be maintained to avoid action by the regulator and the risk of mass claims.”