James Nurse

THE WEEK IN FINANCIAL CRIME The UK’s Payment Systems Regulator (PSR) has proposed a new reimbursement cap for victims of APP fraud to enhance consumer protection and incentivize financial institutions to “implement enhanced fraud prevention tools.” The proposed cap would be reduced from £415,000 to align with the Financial Services Compensation Scheme limit of £85,000. After considering responses to the consultation, the regulator plans to finalize the approach by the end of September, with the implementation date for the protections remaining unchanged on October 7. The Ministry of Home Affairs (MHA) in Singapore has proposed a new bill allowing the police to instruct banks to limit the accounts of individuals suspected of being targeted by scams. This comes in response to the city-state seeing a 50% increase in scam and cybercrime cases in 2023, with job scams, e-commerce scams, fake friend call scams, phishing scams, and investment scams being the top concerns. Under the Protection from Scams Bill, the police would have the authority to issue Restriction Orders (ROs) to banks to temporarily prevent people from sending money to scammers. The MHA has announced the bill will soon become law and has called for public feedback by September 30. On August 28, FinCEN issued a final rule imposing AML and KYC obligations on registered investment advisers (RIAs) and exempt reporting advisers (ERAs). The rule aims to help safeguard the investment adviser sector from illicit finance activity. It follows a February 2024 risk assessment highlighting numerous cases where sanctioned persons, corrupt officials, fraudsters, and other criminals have exploited the investment adviser industry to access the US financial system and launder funds. The deadline for compliance with this rule has been extended from the date originally set out in the NPRM to January 1, 2026.

1

FCA keeps trading apps under review over gaming concerns 📲 The Financial Conduct Authority recently raised concerns over the gamification of trading apps, following an experiment to investigate the impact of digital engagement practices - DEPs - (eg: push notifications and prize draws). 📉 The results showed that digital engagement practices (DEPS) can result in increased trading frequency and risk-taking among certain demographic users. ⚠ These risks could potentially lead to poor financial decision making and decreased financial resilience. Under the FCA's Consumer Duty, trading apps are required to design and test their services to ensure they meet consumer needs and support informed investment decisions, especially for vulnerable groups. 💪 Ruleguard continues to champion consumer interests and help regulated firms across the globe to meet the FCA’s Consumer Duty regulatory requirements. 🤙 Talk to us today and see how we can help you transform Consumer Duty from a challenge to an advantage: https://lnkd.in/e4KXTWMc View full article here: https://lnkd.in/gqyytK9V #FCA #regtech #consumerduty

7

🕵️‍♂️ New fraud rules coming into force today have been condemned for failing to make banks report fraud to UK law enforcement agencies, writes Ellesheva Kissin. ⚠️ The controversial rules, which require all payment providers to reimburse victims of authorised push payment fraud, are a missed opportunity to compel banks to provide intelligence to agencies with the power to prosecute, say leading industry players. 📢 The issue was aired at a Labour party conference fringe meeting last month, at which politicians were grilled on how the new rules would work. 🔍 “All fraud is going to go dark…If there’s no intelligence, are we not actually just making it much easier for them?” asked one participant, who did not give their name. They warned that law enforcement agencies were deeply critical of the rules. 📉 Fraud is already significantly underreported. Law enforcement figures currently estimate that only 14 per cent of frauds are reported to them, according to Kathryn Westmore, a senior research fellow at the Centre for Finance and Security (CFS) at RUSI. 🚨 A prominent law enforcement official, who did not wish to be named, agreed the rules are “a problem” for failing to loop in the police. 📋 “Many from law enforcement circles would probably prefer to mandate reporting to police before reimbursement, just like you’d have to have a crime number if burgled before reporting to your insurance company,” the official said. 👀 Read more below https://lnkd.in/dhdgNqwe #APPfraud #fraud #APP

12

📢 Last week CB Payments Limited (CBPL), a UK-registered E-Money was fined £3.5m The Financial Conduct Authority issued a Final Notice to CBPL, highlighting areas for improvement in their financial crime compliance processes. This serves as a valuable case study for all #fincrime professionals. The key points: ❌ Penalty: CBPL received a £3.5m fine, reduced from £5m due to early settlement. ❌ Breach of Requirements: CBPL breached a Voluntary Requirement (VREQ), an FCA supervisory tool that restricts certain business activities to mitigate risk while the firm enhances its compliance framework. Over three years, CBPL onboarded 13,416 high-risk customers against VREQ restrictions, leading to $24.9m in prohibited deposits and $226m in crypto transactions. ❌ What Went Wrong: The FCA identified significant gaps in CBPL’s automated onboarding systems and financial crime controls. Key issues included inadequate pre-implementation testing, incomplete requirements given to the tech team, and ineffective ongoing monitoring, resulting in repeated non-compliance. Lessons Learned: ✅ Strengthen Controls: Ensure financial crime control frameworks are effective and regularly updated. ✅ Testing: Conduct thorough pre-implementation testing for new controls and continuously monitor their effectiveness. ✅ Record-Keeping: Maintain comprehensive records of all compliance efforts, including design, testing, and implementation steps. ✅ Continuous Monitoring: Implement effective monitoring systems to quickly detect and address any breaches. Utilise dashboards and other tools for real-time compliance tracking. ✅ Timely Remediation: Address any identified weaknesses promptly. For further details, review the full Notice here https://lnkd.in/e9ZMtc_2 #FinancialCrime #MLRO #Compliance #FCA #Crypto #AML #Regulation #effectiveness

3

This isn't really a new theme. Efficient controls are not the same as effective controls. Any decent Compliance Monitoring Plan worth the paper it is written on will demonstrate exactly that. FATF ratings are just a measure to use when constructing your own internal country risk assessments. Never go below their rating, but there is no problem to keep the likes of the Cayman UAE at high risk. #aml #compliance #monitoring #fatf #jurisdiction #mlro #mlco #risk #financialcrime #fincrime https://lnkd.in/ewVR4ruD

7

1 Comment

The three stages of laundering money are: 1. Placement: The ""dirty money"" or proceeds of crime is placed in the financial system; 2. Layering: Moving funds around financial services, with a view to further disguising the proceeds of crime; and 3. Integration: When the money launderers can withdraw the funds from the financial system and use this for seemingly ""legitimate"" activities. Click below for our online Anti-Money Laundering training course, with access to our Free Demo Course.... #AML #AntiMoneyLaundering #RQCGroup

4

APP Fraud in the UK: New Regulations Confirmed. The UK’s Payment Systems Regulator (PSR) has issued a statement confirming the implementation date for the APP fraud (Authorised Push Payments) protections to come into effect, and a new cap for mandated APP fraud reimbursement. Key Highlights: - New Reimbursement Cap: The proposed limit of £85,000 is a significant reduction from the initially suggested £415,000 but aligns with the Financial Services Compensation Scheme (FSCS) cap. This ensures over 99% of claims (by volume) are covered, according to PSR data. - Rationale for the Change: A PSR review revealed very few cases exceeded £85,000, making the new cap more representative while avoiding incentives for fraudsters. - Shared Liability: Both sending and receiving banks will share the cost of reimbursement equally, encouraging a stronger focus on fraud prevention. - New Measures: The FCA has proposed allowing payment service providers to delay outbound payments when fraud is suspected, and updated guidance is expected by the end of 2024. - APP Fraud Trends: While APP scam volumes rose 12% year-on-year from 2022 to 2023, the total value of scams fell by 12%, from £389m to £340.6m. Despite the reduction in the cap, the new rules are expected to galvanise investment in AI-driven anti-fraud solutions and state-of-the-art prevention strategies. However, concerns remain about unintended consequences, such as first-party fraud or the rise of ‘fraud playbooks’. Read the full article by Payments Cards & Mobile for more insights: https://buff.ly/3DZ8sMw #APPFraud #PaymentRegulations #OpenBanking

6

Futures Commission Merchants (FCMs) are calling for more oversight of self-clearing CCP members. Clearing firms worry that PTFs and market-makers joining CCPs en masse will increase systemic risk. Ive just read an excellent article from Luke Clancy at Risk.net . Read it here (paywall) https://lnkd.in/eK8e2vSF. The increasing trend of principal trading firms (PTFs) and market-makers becoming direct members of central counterparties (CCPs) is reshaping clearing. While this shift offers benefits like greater liquidity and cost efficiency, it also introduces significant risks that must not be ignored. The US Treasury clearing mandate—requiring broker-dealers to clear US Treasury securities by December 2025 and repo trades for most participants by June 2026—has been a key driver. To preserve profitability in strategies like basis trading, where margin treatment is critical, many firms see self-clearing as a way to optimise margin offsets between cleared repos and futures. However, concerns from futures commission merchants (FCMs) and other market participants highlight critical risks: 1️⃣ Capital Requirements and Resilience: Banks and FCMs face strict capital rules. Banks must hold 3–5% capital against exposures, and FCMs must set aside 8% of required client margins. By contrast, non-bank CCP members can join with as little as $5 million. This disparity raises concerns about whether these firms can absorb losses during market stress, potentially endangering the system. 2️⃣ Default Fund Contributions and Intraday Risk: CCP default fund contributions are based on end-of-day positions, but PTFs and market-makers often hold substantial intraday exposures. Their trading strategies involve high daily volumes, creating risks that may not be fully captured by CCP risk models. This leaves the system vulnerable if a failure occurs. 3️⃣ Regulatory Oversight: Unlike FCMs, which face intense scrutiny from bodies like the CFTC, self-clearing PTFs operate with lighter oversight. This creates an imbalance, with CCPs incentivised to admit members based on commercial interests rather than systemic safety. If FCMs are heavily audited and fined for minor infractions, should self-clearing members face the same treatment? While some argue that more clearing members enhance resilience—citing examples like DRW’s role in managing Lehman’s positions during the 2008 financial crisis—the systemic risks cannot be ignored. Uniform capital requirements for all CCP members and revised margining practices to account for intraday exposures could help address these risks. As the US Treasury clearing mandate approaches, the industry must balance innovation with stability. How do we ensure progress doesn’t compromise resilience? Your thoughts on these developments are welcome. Glenn Handley SecFin Solutions Education and Consulting Services https://lnkd.in/ePeMPvTu

1

Are you ready for PSD3, PSR and FIDA? Tribe MD Alex Reddish delves into the intricacies of the regulations set to reshape open banking, data access and security in the financial sector: https://bit.ly/45LxKYh The Fintech Times | #PSD3 #PSR #FIDA #Payments #Fintech #PayTech

27

Open Banking #OBL released its Financial Crime Report 2024, providing key insights into financial crime risks and mitigation strategies within open banking journeys. The report highlights the evolving challenges of combating fraud and financial crime in the rapidly growing open banking ecosystem. Key Takeaways Include: ➡️ Total APP fraud losses in the first half of 2024 amounted to £213.7 million across 178,230 payments, underscoring the scale of fraud risks in open banking transactions​; ➡️ Fraudsters are exploiting vulnerabilities in payment authorisation processes, highlighting the need for robust security measures and enhanced monitoring​; ➡️ Collaboration between financial institutions and technology providers is critical to mitigating risks and improving fraud detection within open banking journeys​; and ➡️ The report emphasises the importance of consumer education in identifying and avoiding scams within the open banking environment​ ✅ Financial institutions should continue to prioritise robust fraud prevention strategies to safeguard the integrity of open banking ecosystems. 💡 Learn more about Plenitude’s Fraud Prevention Services and how we help clients enhance their fraud prevention mechanisms: https://lnkd.in/eFGHUH5U https://lnkd.in/ejgyM87t

1

Breaking news on Friday afternoon: AML/CFT Guidance for VASPs How the NZ AML/CFT regime applies to virtual asset service providers ("VASPs" - eg crypto issuers, wallet providers, payment networks and exchanges) has been a topic of debate for many years, and the ambiguity continued despite the recent VASP regulations. Today, the Department of Internal Affairs (DIA) released guidance (Guidance) for virtual asset service providers (VASPs) on the stage 2 amendment regulations under the Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) Act 2009 (Act). The Guidance gives direction to VASPs in understanding how to approach virtual assets, their quasi-money treatment, and the nature of transfers involving them. It also makes clear the consequences of virtual assets being pulled into the wire transfer regime – that short change of definitions actually represents what is likely the most substantive impact for VASPs, but may not have been understood by all from what is on the regulations’ pages. Many thanks to Sam Short and Darlene Hu for your help putting the note together! And to Jeremy Muir who is buried in the Reserve Bank's CBDC working group today - noting that digital representations of fiat are carved out from virtual assets!

6

Metro Bank’s recent £16.7 million fine highlights a serious lapse in monitoring systems that left millions of transactions unchecked for financial crime risks between 2016 and 2020. Watch as we break down what went wrong and the importance of robust AML/CFT controls in today’s financial landscape, in this week's Weekly Words of Wisdom. #AML #FinancialCrime #Compliance #MetroBank

9

Metro Bank fined nearly £17m for failure to monitor potential money laundering #Metro #MetroBank #AML #MoneyLaundering #Banking #FCA #TSGTSG #SoftwareAssurance #BusinessSystems #BusinessSolutions #SoftwareTesting #SoftwareSolutions #QA #SoftwareQualityAssurance #TestDrivenDevelopment #TestManagement https://soamp.li/m6h2

1

✍️ New article: Suspicious Activity Reporting (SAR) Responsibilities for Payment & Emoney Firms The FCA recently sent a letter to some payments and Emoney firms, where they were reminded of their responsibilities regarding Suspicious Activity Reporting (SAR).   As financial crime continues to evolve, regulators have stressed that firms in the payments and Emoney sectors must prioritise their SAR framework.   Our latest article provides key insights into enhancing your SAR process, including:   ·      Establishing robust detection systems (manual and automated) ·      Senior oversight for effective alert management ·      Keeping accurate SAR volumes to meet regulatory standards ·      Regular staff training to combat financial crime   Read the full article now: https://lnkd.in/e76pWM2m   #Payments #Emoney #EMI #financialcrime #antifinancialcrime #SAR #FCA #Compliance

12

2 Comments

🏦Metro Bank's $17M Fine: A Wake-Up Call for Banks #AML #MetroBank #FCA #MoneyLaundering #FinancialCrime #Compliance #RegulatoryEnforcement 🔰The UK's Financial Conduct Authority (FCA) has imposed a $17 million fine on Metro Bank for potential money laundering failures. This significant penalty serves as a stark reminder of the importance of robust Anti-Money Laundering (AML) controls. 🚩Cause: Between June 2016 and December 2020, Metro failed to have the right systems and controls to adequately monitor over 60m transactions, with a value of over £51bn, for money laundering risks. The FCA identified weaknesses in Metro Bank's customer due diligence and risk assessment processes, including: - Inadequate customer verification - Insufficient risk assessment and monitoring (transaction monitoring was automated in June 2016) - Failure to report suspicious transactions 🚀Lesson Learnt: 1. Risk-Based Approach: Ensure customer risk assessments are thorough and ongoing. 2. Customer Due Diligence: Verify customer identities and beneficial ownership. 3. Transaction Monitoring: Implement effective suspicious transaction detection and reporting. 4. Ongoing Training: Educate staff on AML regulations and best practices. 5. Continuous Improvement: Regularly review and enhance AML controls. 📍Key Takeaways: - AML compliance is non-negotiable. - Regulatory scrutiny is increasing. - Financial institutions must prioritize risk management. Read the full report @ https://lnkd.in/giDP6fVg Share your thoughts: How can financial institutions strengthen their AML controls? #FinancialIntegrity #AMLCompliance #RegulatoryEnforcement #MoneyLaunderingPrevention #FinancialCrimePrevention Engage with the post: Like Comment Share Follow me for more AML insights!

15

Maximum reimbursement to fraud victims by bank and payment companies reduced from £415k to £85k by the UK regulator. In the EU, the proposed PSD3 and PSR do not explicity put a limit but following comments from the EBA the texts have been amended to consider additional measures and to also include electronic communication providers to bear liability to prevent "spoofing" or impersonation fraud. #payments #regulation #PSR #PSD3 #fraud #liability

6

🚨 PSR Expands APP Fraud Reimbursement to CHAPS 🚨 📜 Overview of the New Policy The Payment Systems Regulator (PSR) is taking a significant step to combat authorised push payment (#APP) fraud by extending its reimbursement rules to the CHAPS Clearing Company Ltd. This move builds on the existing Bank of England requirements and will provide a more robust safety net for victims of #payment fraud across major UK payment systems. 🛡️ What This Means for Payment Security Starting on 7 October 2024, the rules that were initially designed for the Faster Payments Scheme Limited will also cover CHAPS. This extension aims to close the gaps that fraudsters exploit in high-value and time-critical payment transactions. Kate Fitzgerald, PSR Head of Policy, emphasized the importance of this expansion: "It is crucial that we provide consistent incentives across payment systems to ensure everyone does their best to tackle scams." 💡 Key Takeaways and Industry Impact 👉Unified Approach Across Payment Systems By aligning the #FPS and #CHAPS rules, the #PSR ensures that customers receive consistent protection, making it harder for criminals to shift their fraudulent activities between systems. 👉Increased Responsibility for Payment Firms Payment firms must adapt to these changes by enhancing their fraud detection and prevention strategies. Christine Reisman, Managing Director at Protiviti, pointed out that adopting risk-based approaches will be essential for navigating this new landscape. 👉 Broader Implications for Social Media and Tech The role of social media in perpetuating fraud is under scrutiny. Stakeholders like Riccardo Tordera-Ricchi from The Payments Association call for a broader focus that includes Big Tech, highlighting the need for comprehensive strategies encompassing all platforms involved in financial transactions. 🌐 Global Leadership in Fraud Prevention The PSR's proactive measures set a global standard in the fight against payment #fraud. This policy protects consumers and encourages payment service providers to enhance their anti-fraud measures, contributing to a safer financial environment for all stakeholders. 🔄 What’s Next? The PSR is finalizing its consultation on this policy extension and plans to publish its specific direction in September 2024. With the implementation date set for the same day as FPS, the industry is urged to effectively prepare to meet these new requirements.

12