On 31 January 2018, the Financial Conduct Authority (the FCA) published a 'Dear CEO' letter it sent to firms on authorised push payment (APP) fraud.
Why has it been sent?
This letter follows the report by the Payment Systems Regulator (the PSR) published on 7 November 2017 covering the work done on APP scams. The FCA published a press statement supporting industry-led initiatives and has highlighted fraud prevention as one of its priorities in its 2017/2018 business plan.
What are the industry-led initiatives?
The FCA is actively supporting the APP Best Practice Standards developed by UK Finance. If these standards are adopted across the industry, the FCA believes this could significantly improve the experience of those who fall victim to the APP scams.
What has the FCA asked senior managers to consider?
The FCA has asked senior managers to consider how they are stopping APP fraud in the context of their obligations under the Senior Managers and Certification Regime (SM&CR). The FCA has posed three questions:
1 Which of your Senior Management Function (SMF) holders has been allocated responsibility for the firm’s policies and procedures for countering the risk that the firm might be used to further financial crime, including APP fraud and other payment services fraud?
2 Are the senior manager(s) in (1) above ensuring that adequate measures are being taken to address APP fraud and other payment services fraud?
3 If you have committed to adopt the UK Finance Standards, how will you incorporate them into your policies, procedures and target operating model?
Does the FCA want firms or senior managers to respond answering these questions?
No. But the FCA has made it clear it expects firms and senior managers to be taking an active role in industry initiatives to help reduce the impact of APP scams.
Can we expect a continued scrutiny on APP fraud scams?
Yes. The FCA says it will take further action where it is needed.
What do I need to do?
If you are a senior manager or a payment services firm, we recommend (a) reviewing the FCA's questions and (b) preparing an internal paper documenting your answers to them. This will allow you to explain your position clearly to the FCA, or the PSR, if it comes asking questions in the future.