The FCA has published a “Dear CEO” letter on authorised push payment (APP) fraud. The letter notes that UK Finance has developed a set of APP Best Practice Standards for sending and receiving banks when dealing with APP fraud. The FCA believes that industry–wide adherence to them could significantly improve the experience of victims.

The FCA would like firms to consider how they are tackling APP fraud within the context of the Senior Managers and Certification Regime (SM&CR) through the following questions:

  • which senior management function (SMF) holders have been allocated responsibility for the firm’s policies and procedures for countering the risk that the firm might be used to further financial crime, including APP fraud and other payment services fraud?
  • are these SMF holders ensuring that adequate measures are being taken to address APP fraud and other payment services fraud?
  • if the firm has committed to adopt the UK Finance standards, how will it incorporate them into its policies, procedures and target operating model?

Firms do not need to notify the FCA of the action they take in response to the above bullet points. However, the FCA may want to discuss these considerations in any future contact they have with firms.

View FCA “Dear CEO” letter on authorised push payment fraud, 31 January 2018