Fraud Trends and Regulations to be aware of in 2024

Our consultants work with a wide variety of businesses worldwide. Through the insights gained from client engagements and industry data, we have curated the foremost fraud trends and regulatory developments that will shape the financial security landscape in 2024.

Better Treatment of Victims – Push Payment Requirements 

The UK’s Payment Systems Regulator has taken a significant step in combating authorised push payment (APP) fraud by implementing a reimbursement system for victims, mandating banks and payment companies to promptly reimburse affected individuals. This new regulation, effective from 7 October 2024, comes as a response to the growing threat of APP fraud, where fraudsters manipulate victims into making payments.

Under the Payment Systems Regulator (PSR) mandate, all UK payment organisations are obligated to compensate victims of APP fraud, with a maximum reimbursement limit of £415,000 per case. Furthermore, payment organisations must ensure that reimbursements are provided swiftly, requiring them to process claims within five working days of the reported fraud.

This initiative not only aims to provide financial relief to victims but also serves as a deterrent to fraudsters, enhancing the overall security of the payment system.

Introduction of the Economic Crime and Corporate Transparency (ECCT) Act 2023

In the realm of corporate security, the imperative for companies to adopt proactive measures against fraud and mitigate risks has never been more pronounced. With internal fraud emerging as a pivotal concern, the introduction of the ECCT Act underscores the necessity for companies to assume accountability for fraudulent activities transpiring within their operations.

Moreover, transparency regarding the ownership structures of businesses is set to become a paramount requirement. Companies will face mounting pressure to disclose accurate information regarding their ownership, reflecting a broader shift towards greater transparency and accountability in corporate governance.

The Act will give Companies House the ability to enforce stricter controls governing the establishment and operation of companies within the UK, signalling a pivotal step towards bolstering regulatory oversight and safeguarding against fraudulent practices.

AI Technology

The escalating advances and widespread adoption of AI presents a burgeoning challenge, particularly when used for illegal activities. Deep fake technology, in particular, has emerged as a potent tool, enabling perpetrators to circumvent Know Your Customer (KYC) technologies through creation of false identities, whether entirely fabricated or by impersonating legitimate parties. Furthermore, AI facilitates the creation of remarkably convincing communication, luring unsuspecting victims into believing they are interacting with genuine companies and individuals.

In response to these evolving threats, there is a pressing need for developing solutions that harness generative AI to bolster risk management and investigative efforts. Such solutions aim to streamline processes by delivering summarised and enriched alerts, thereby enhancing productivity in threat detection and response. Additionally, leveraging generative AI could facilitate the creation of coherent, comprehensive, and compliant Suspicious Activity Reports (SARs), expediting the filing process and enabling more efficient regulatory compliance measures.

Online Payment Fraud

With the rapid expansion of online and e-commerce transactions, the prevalence of cybercrime is escalating, posing a significant threat to personal data security. This heightened risk increases the likelihood of personal information being compromised, thereby enabling perpetrators to exploit various fraudulent methodologies:

• Social Engineering – Fraudsters may use social engineering techniques to manipulate individuals into divulging sensitive information or performing actions that facilitate fraud. This could include impersonating trusted entities, such as banks, retailers or government agencies, to deceive victims.
• Identity Theft – Fraudsters can steal personal data to create false accounts for financial gain using tactics such as phishing, social engineering or data breaches.
• Account Takeover – In the same way, fraudsters may steal login credentials and so gain unauthorised access to individuals’ accounts. Once they have control of an account, they may engage in various fraudulent activities such as unauthorised transactions.
• Card fraud – Despite advancements in card security such as Stronger Customer Authentication, card-not-present fraud remains a concern. Fraudsters are using the same social engineering techniques as they use for APP fraud to manipulate customers into making card payments. 
• Mobile Payment Fraud – As mobile payment usage increases, fraudsters may exploit vulnerabilities in mobile apps or devices to commit fraud. This could include malware targeting mobile devices, SIM swapping, or unauthorised access to mobile wallets, as well as using social engineering techniques.
• Ransomware/Cyber Extortion – Cybercriminals may target businesses and individuals with ransomware attacks, encrypting data and demanding payment for its release. Cyber extortion schemes could also involve threats of data exposure or distributed denial-of-service (DDoS) attacks unless a ransom is paid.
• Synthetic Identity Fraud – Fraudsters may create synthetic identities using a combination of real and fictitious information to open fraudulent accounts or obtain credit. This type of fraud can be challenging to detect since the identities may not correspond to real individuals.

Conclusion

To effectively combat fraud, it is imperative for both businesses and individuals to stay informed about emerging threats, as well as new legal and regulatory requirements in order to safeguard sensitive information, customers and financial assets. 

Adopting a proactive approach is paramount. Conducting regular gap analyses to identify vulnerabilities, staying ahead of potential threats and keeping abreast of new laws and regulations is vital. AJC, with its wealth of experience and expertise, is able to assist companies in navigating these challenges and help guide them towards resilience.

Please contact us on 020 7101 4861 if you think we can help.

Image accreditation: Steve Johnson (2023) on Unsplash.com. Last accesses on 20th March 2024. Available at: https://unsplash.com/photos/a-computer-circuit-board-with-a-brain-on-it-_0iV9LmPDn0