FCA has published a “Dear CEO” letter emphasising the work required to combat authorised push payment (APP) fraud. This follows the Which? super-complaint in September 2017, and the Payment Systems Regulator’s response in November.
FCA explains combating APP fraud and financial crime in general is a priority articulated in its 2017/2018 Business Plan. FCA hopes UK Finance’s voluntary APP Best Practice Standards will become an effective tool in tackling APP fraud and will be accepted on an industry-wide level to improve victim experience.
Within the context of the SMCR, FCA asks firms to consider the following:
- Which SMF holders are responsible for financial crime prevention?
- Are the responsible senior managers ensuring adequate measures are being taken to address APP fraud and other payment services fraud?
- If UK Finance Standards have been adopted, how are they to be incorporated into a firm’s policies, procedures, and target operating model?
FCA does not expect to have to take a rigorously interventionist approach to APP fraud because of expectations and requirements in the SMCR and in the COCON module of the Handbook, but will take further actions if needed.
FCA does not require firms to respond to the letter but warns it may wish to discuss it where it has contact with them in future.