In our previous blog, Jeny spoke about PSD2 as a revolutionary step in the world of fraud regulation. In a “faster payments” environment where customers are demanding access to the latest financial products as quickly and easily as possible, protecting customers against fraud is an increasing area of regulatory and media focus. The consumer protection agenda is further strengthened by the requirements PSD2 imposes on responding to and investigating potential incidents of fraud within a formal reporting framework.
The market changes that we anticipate as a result of PSD2 will likely create new opportunities for fraud because banks will be required to open up their infrastructure and allow third party providers access to customer account information. This will impact the visibility of banks when it comes to end-to-end transaction monitoring and will inevitably have an effect on their ability to prevent and detect fraudulent transactions.
However, there are a number of steps that banks can take in order to manage the changing fraud risk. A large part of the effort on the part both of banks and payment services providers will be to educate consumers so that they can make informed decisions about how they manage their own data, who they provide access to and how to spot potential fraudulent behaviour. Fundamentally, though, responding to the requirements of PSD2 and ensuring that customers are protected from fraud means that banks really need to understand both their customers’ needs and their behaviours.
In order to do this, current technology solutions need to be optimised for the new payments environment. From a technology perspective, institutions will need to adjust their systems or implement solutions to meet the key requirements under PSD2 for online channels transaction monitoring, including, but not limited to, device profiling (analysis of device details, location, possible malware infection) and use of different identity verification methods (PIN, passwords, fingerprints, facial recognition). Institutions need to be able to deploy real-time smart detection rules and to constantly check and monitor customers’ behaviour by analysing and properly scoring the risk associated with each transaction.
Investing in technology solutions from a PSD2 perspective can also have wider benefits in terms of managing other financial crime risks – for example AML transaction monitoring – thereby driving efficiencies throughout the financial crime framework and, potentially, improving the customer experience. There is a suite of new technologies on the market, which can help banks both map their financial crime obligations and highlight areas of risk. Investing in a suitable solution will help the overall management of the wider financial crime risks but the appropriateness of the solution needs to be assessed in the context of a firm’s existing systems and the output of its fraud risk assessment.
Forensic Accountant, PwC United Kingdom
Tel: +44 (0) 20 7213 2942