2023 has proved to be yet another busy year in the payments arena. Operational resilience, generative AI, ISO 20022 and Authorised Push Payment (APP) fraud were all among the watchwords of the year. In this article, we reflect on these trends in more detail and set out what is in store for payments in 2024.
Authorised Push Payment Fraud
APP fraud continued to be a significant issue in 2023. Data from UK Finance shows that in the first six months of the year, there were 116,234 cases of APP fraud, up 22% on the first half of 2022. Individuals and businesses alike fell prey to these scams, with the value of cases amounting to £197m of personal losses and £43m of business losses. Indeed, all types of organisations, from utilities and charities to councils and corporates, are susceptible to this type of fraud for very different reasons. One growing challenge is the use of AI technology to clone the voice of trusted people, such as CEOs, to authorise large payments or transfers.
As we move into 2024, APP fraud will remain high on the agenda. For Payment Service Providers (PSPs), a key focus will be implementing the new reimbursement requirements from the Payments Systems Regulator (PSR). For any fraudulent transactions made using Faster Payments, PSPs will be obliged to reimburse individuals, charities and microenterprises within five working days, though the clock can be stopped if they need to gather further information. Most businesses, however, will not be protected by the new rules, so their focus will be on putting in place controls, such as Confirmation of Payee and more robust payment authorisation controls, to combat the risk of APP fraud.
Operational resilience and control culture
From a regulatory perspective, recent operational resilience requirements, such as those issued by the Financial Conduct Authority (FCA) and The Prudential Regulation Authority (PRA) in 2022 and the new Consumer Duty from the FCA have increased the focus on service delivery trust in the financial services space. In a now predominantly digital world, end users of banking and payment systems need to have confidence that their online services are reliable and delivered in a timely manner.
Financial services institutions are, therefore, being pushed to stress test their systems and ensure that better controls are in place to ensure resilience.
In the corporate world, the advent of new corporate governance reforms dubbed UK SOx for companies with more than 750 employees puts a greater emphasis on the need for stronger controls and preventative measures against fraud and operational risk. Due to come into effect in late 2024, the regulation will require companies to make fraud and resilience statements. As such, the coming year is likely to see considerable corporate effort expended on reviewing systems, identifying weaknesses, and seeking to automate processes where possible to reduce the risk of fraud and error.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below formBy GlobalData
Generative AI in finance
Generative AI has been one of the hottest topics of 2023 following the launch of ChatGPT. Both financial and non-financial organisations are interested in exploring the potential benefits of the technology, and in the world of finance, we can expect to see more proof of concepts testing how AI can be used to optimise payment workflows. However, the likelihood is that general corporate adoption of generative AI will outpace that of financial services institutions because they are not subject to the same level of regulation.
There are still multiple challenges to overcome.
Most generative AI technologies, having been trained on the Internet, are too generic to be applied precisely for finance use cases. And the option of training models on a corporation’s or FI’s own data is not as straightforward due to strict data protection requirements. Finally, there is also the potential for model risk and model bias to be considered; for example, if the training data is unrepresentative or of low quality, the output will similarly be biased and unreliable. The first real-world use cases of generative AI in finance are, therefore, most likely to be in customer servicing and addressing inbound queries, which are deemed safer applications of the technology.
Corporate ISO 20022 readiness
One theme that was noticeable by its absence in 2023 was the lack of action on the part of corporates to prepare for the adoption of the new ISO 20022 messaging format. Though still subject to some delays (for example, in the SEPA region), the transition to ISO 20022 is now well underway. Payment systems around the world are updating their infrastructure to move across the new format; this includes the UK, where the Bank of England updated its Real-Time Gross Settlement System, CHAPS, in 2023.
ISO 20022 is a much richer format, a major benefit that will allow additional information to be included within the payment message. From November 2024, the Bank of England will be mandating the addition of purpose of payment for all property transactions and expects to subsequently extend this to all CHAPS payments, while in 2025, it expects to mandate the use of structured addresses.
Practically speaking, these changes mean that corporates need to update their processes and systems to ensure they are collecting the relevant data and can move it between their enterprise resource planning (ERP) systems, bank portals, and other financial applications.
With little action having taken place in 2023, this needs to change in 2024. One incentive for corporates is that ISO 20022 presents a massive opportunity to improve processes and find efficiencies. For example, it can be a game-changer for reconciliation processing, with corporates able to significantly improve match rates with richer information. Yet, for the most part, corporates as well as their financial service providers appear woefully unprepared and will need to up their game in 2024 to improve their payment infrastructure.
Preparing for 2024
Corporate and banks in the UK have significant work to do in 2024. Systems and processes will need to be updated in readiness for the new ISO 20022 messaging format, as well as new regulatory requirements, such as UK SOx. There is also the role of generative AI to consider, as well as the growing challenge of APP fraud and regulatory requirements to counteract this. Yet, while there is a lot of heavy lifting to be done, there are also many opportunities to be found as we move into a new data-rich payment world and embrace the latest technology available.
Anish Kapoor is CEO, AccessPay