Authorised Push Payment Fraud TechSprint

In September 2022, the FCA and Payment Systems Regulator (PSR) jointly ran an APP Fraud TechSprint working collaboratively with industry participants to better understand:

• the technological solutions that might be available in the market
• the way in which useful data could be shared
• possible gaps and barriers in tackling fraud of this kind

The volume and variety of fraudulent activity in the UK is increasing, with APP fraud increasing year-on-year. Despite work by the payments industry to reduce APP fraud, in H1 of 2021, its value was 71% higher than the same period the year before, and exceeded the value of card fraud for the first time. Less than 50% of APP fraud losses were returned to consumers.

According to UK Finance members, there were 149,946 incidents of APP scams in 2020 with gross losses of £479 million.

This three-day in-person TechSprint was an opportunity to build on the important work already carried out by the FCA and PSR, and for industry to work collaboratively with regulators to develop innovative tech-led solutions that help identify and prevent APP fraud.

Focus of the event

The event focused on 3 use cases:

• Use Case 1: Real-time APP fraud prevention using new and existing technologies: what are the barriers and limitations to current (real-time) APP fraud prevention technologies and processes, and how might we encourage the firms we regulate to improve and adopt them?
• Use Case 2: Enhanced Data Sharing: how FS firms and multiple sectors can share data and relevant analytics, securely in real-time, to spot and prevent APP fraud?
• Use Case 3: Spotting fraud at source: communicating them to those in the chain, including PSPs so that they can take affirmative action and protect consumers.

On the afternoon of 29 September, the TechSprint teams shared their proposed solutions with a panel of expert judges and a global audience at our ‘Demo Showcase’.

There was also a keynote speech from Michael Levy, Professor of Criminology, and closing remarks from Jessica Rusu, Chief Data, Information and Intelligence Officer, FCA.

Reflections on the event

'In less than 3 days, teams had been formed, skills assessed, discussions and ideas developed, and then presented and reviewed. The event and collaboration reinforced ideas I have developed during my years in the industry, and helped me gauge industry support for potential solutions. I was pleased to find that not only were those ideas feasible, but there is appetite to build them and deploy them to protect customers.'
TechSprint participant

'There's no single solution, but what we learnt from collaborating with industry leaders, financial institutions, regulators and other solution providers was, there is so much more we can do.'
TechSprint participant

'This TechSprint was particularly exciting because it broke new ground in terms of achieving ambitions set out in our Data Strategy. The FCA, PSR and Smart Data Foundry collaboration on the provision of ground-breaking synthetic data sets, which provided the sprint teams with access to synthetic & pseudonymised personal data, bank records (from, transaction data, Telcom data, including text/call records, as well as multiple types of synthetic fraud in the data which covers both the perpetrator and victim.

This is another demonstration of how FCA Innovation is at the bleeding edge of technology and exploring new ways to tackle real world problems to protect UK consumers. Getting the agreements in place to gain access to these datasets was a monumental effort navigating data governance, legal and data delivery protocols. The learnings gained from this piece of work will help with future innovation projects.'

Jessica Rusu, Chief Data, Information, and Intelligence Officer, FCA.