A thought on the PSR’s recent statement on APP reimbursement policy:
Under the Consumer Standard of Caution, “consumers should have regard to interventions made by their sending PSP […] those interventions must clearly communicate the PSP’s […] assessment of the probability that an intended payment is an APP scam”. Should the
consumer not meet this standard with gross negligence, they would not be eligible for reimbursement from their bank.
At first, it might seem that the natural response for the banks would be to lower the threshold on their transaction monitoring systems to increase the volume of “targeted interventions” of high-risk payments. The rationale being that at the cost of more friction
(albeit targeted) for customers, the bank would reduce its liability for APP fraud reimbursement. However, the PSR has put tremendous effort into the new regulation – making it extremely unlikely that they would let banks “off the hook” so easily.
Might then the PSR require banks to explain to the customer why they intervened with their requested payment? Possible. But this would be difficult as well. First, ML models used at the Sending PSP are based on a variety of features that would probably not
sound very convincing to a customer – imagine the following warning: STOP! Suspected SCAM! Given your age, the cadence of logins on your device, and the median outbound payments of your account in relation to your customer class, this payment has a likelihood
of 83% of being fraudulent. Although it might actually be true, it doesn’t do the job of “breaking the spell”. Worse, it would be outlining the parameters of victims’ accounts that scammers need to avoid to evade detection.
Another possibility would be to refer the payment to the fraud prevention team at the bank for further analysis. They would then be able to speak to the customer to better understand the context of the payment. This could potentially work, but it would generate
an immense workload for the back office at the bank. Difficult to sustain over time.
The PSR is hoping this unprecedented piece of regulation will push banks to be super creative. I peronally believe that banks will stand up to this challenge, and will partner with innovative fintechs in order to do so. It's going to be fascinating to watch
how things unfold within the UK banking ecosystem between now and the October 2024 deadline, and whether the PSR's regulatory stance will be adopted globally.