Microsoft withdrew its support for IE11 on 15 June 2022 and the IE11 desktop application is now out of support. You should make changes to avoid interruption in accessing Bacs and Pay.UK websites. We recommend installing the latest version of Microsoft Edge or Google Chrome. Visit IE11 withdrawal - impact on Bacs for information on how this may affect your access to the Payment Services Website.

Pay.UK and UK Finance convene Phase 2 of the Enhanced Fraud Data standardisation work

The Authorised Push Payment fraud challenge

APP fraud losses were £355.3 million in 2021 and over £249 million in the first half of 2022.

Criminals are continuing to adapt their methods to carry out this type of fraud and their victims are sometimes losing life-changing amounts of money. It is vital that the industry comes together to tackle APP fraud head-on.

The challenges with Data Sharing and how Data Standardisation helps

Data sharing is one of the key approaches for addressing APP fraud.

At Pay.UK, we have taken great strides to improve the way that data sharing happens, which has resulted in greater industry collaboration in this space.

But there are challenges. Effective data sharing can encounter many obstacles, from legal and regulatory issues to difficulties with cost and management.

One particular aspect that slows down information exchange is the level of manual adjustment and correction that needs to be carried out on the data when it is received. This results in organisations investing significant amounts of time and cost before the data is actually usable by the recipient. This has a particular impact when it comes to combatting fraud, as any necessary adjustments can slow up information sharing between banks, delaying the identification and management of suspect payments.

‘Standardisation of data’ is a solution that can address this challenge. If all parties agree how the information being exchanged should be structured, it ensures that a sender and receiver will have the data in exactly the same format.

Standardisation also includes agreeing and universally defining the specific usage of a data field. An example is determining how long a customer has been with a particular payment service provider. The ‘length of this customer relationship’ could be defined either as ‘the time from when the first product was provided to the customer’ or ‘the time from when the customer held a bank account’ – both definitions could have quite different timeframes, so agreement is needed as to what precisely constitutes the length of this relationship.

Pay.UK is the mandated standards setter for UK retail payments, so we can play a vital role within the payments industry by convening the appropriate stakeholders to help make these choices.

Pay.UK and UK Finance coordinating the Enhanced Fraud Data Standards Group (EFDSG)

In 2021 we established the Enhanced Fraud Data Standards Group with UK Finance. We are aiming for this group to provide technical standards expertise and support in the development of a data standard to enable the sharing of enhanced data between financial institutions.

We completed Phase 1 of our Enhanced Fraud Data standards work with UK Finance in February 2022. Strong input and collaboration from many industry specialists helped us determine several key pieces of data that could be used by economic crime specialists to identify suspect payments sooner.  This allowed us to develop a logical data model, which is a consistent approach for managing and organising this information.

We are now commencing Phase 2 by defining the structure and usage of specific data fields that have been identified as ‘fundamental’ by those economic crime specialists working with UK Finance. We anticipate that this will result in the delivery of associated technical documentation (e.g. schemas and Implementation Guides) that can be consistently used by organisations wishing to share the agreed ISO 20022 data.

We aim to complete Phase 2 in the early part of 2023, at which point we will share this work for wider industry consultation and consideration.