How might the legislative clampdown shift money mule tactics?

In June, the Payment System Regulator (PSR) settled months of frantic speculation surrounding the Financial Services and Markets Act. As predicted, legal obligations will extend to mandatory reimbursement of APP (Authorised Push Payments) fraud losses originating within Faster Payments. Financial liability will be split 50:50 between the sending and receiving PSP, with no genuine victim disadvantaged.

The new standard - which legally comes into effect on 7th October 2024 - constitutes the most drastic shake-up in the bill’s 23-year history and will fundamentally change how banks do business. 

But revolutionary as it is, the Financial Services and Markets Act is just one turning point in a shifting landscape. There is also the much-debated Economic Crime and Corporate Transparency draft Bill, which if passed will force an overhaul of fraud money laundering prevention procedures.

In short, Faster Payment processors have much to think about: for a start, whether their fraud prevention measures and partners are fit for purpose. Keep reading to learn how you can adapt.

• Why APP Scammers Will Not Settle for Less [Skip ahead]
• How Might APP Fraud Evolve Following Legislative Clampdown? [Skip ahead]
• We Must Reframe How We Think About Mules [Skip ahead]
• Is It Possible to Predict a Would-Be Mule? [Skip ahead]

Why APP Scammers Will Not Settle for Less

Just as proactive PSPs keep close watch of developments, so do the fraudsters who profit from weak links. Criminals know that the 50:50 mandatory reimbursement will trigger tighter measures and smarter strategies to reduce APP fraud – cutting off their illicit cash flow in the process.

Fraudsters simply will not accept this. And if necessity is indeed the mother of invention, we can expect disarmed and desperate criminals to get creative quickly. As additional bills pass through Parliament, we will unfortunately see the cycle of uncertainty perpetuate.

How Might APP Fraud Evolve Following Legislative Clampdown?

Although APP fraud could always be for the sole benefit of the receiving account, it is more often associated with money mules. The receiving account is one touchpoint in a larger, sophisticated fraud agenda.

Through scams (impersonation, romance, confidence, investment, etc.), a payer becomes an intermediary to transfer funds acquired through illegal activities – intentionally or accidentally becoming a money mule.

Given that so-called “mule herders” leverage social engineering and target “clean” accounts, money mules are difficult to detect without the best-syndicated data and ML models.

As a result, Synectics Solutions predicts that the legislative clampdown will preface a rise in the incidence and sophistication of money mule fraud. For example, we expect fraudsters to:

• Coerce victims to deposit funds into crypto wallets or transfer money to websites. As legislation applies to Faster Payments only, fraudsters may shift towards e-commerce or card transactions that bypass prevention techniques built into Faster Payments.
• Play a longer game to lessen abnormalities in transaction history by investing more effort into social engineering.
• Diversify psychological triggers to target atypical mule accounts (at present, those aged 18-25 are favoured).
• Use a wider cybercriminal network to maliciously obtain information about how the latest fraud and money laundering solutions work.

We Must Reframe How We Think About Mules

Post-financial Services and Markets Bill, the risk of failing to prevent APP fraud has taken on an entirely different tone.

The 50:50 sending and receiving mandatory liability means colossal reimbursement bills, regulatory penalties, and a reputational hammering for those who do not keep pace. After all, current processes focus on identifying rather than predicting mule accounts. How can PSPs realistically avoid liability payments?

Synectics Solutions believes the answer lies in rethinking how we approach APP fraud prevention entirely – whether associated with money mules, impersonation, account takeover, or other malicious activity.

Is It Possible to Predict a Would-Be Mule?

As implied, Synectics Solutions proposes a shift towards prevention which until now, has been notoriously challenging due to the characteristics of APP fraud. However, as demonstrated in a recent Proof of Concept with EY’s Fintech Lab, prevention is now possible, and every PSP can benefit.

By leveraging National SIRA, a supervised mule-specific Precision Machine Learning scoring model, and continuous risk screening, Synectics Solutions has determined characteristics associated with accounts most likely to become money mules in the future.

This means that risk can finally be isolated at the point of application, not just within transactions. From here, PSPs can protect against losses through fair decisioning and monitoring, while fast-tracking good customers and fuelling growth in a climate of legislative clampdown.

To learn more about developing a mule-orientated fraud strategy, contact a Synectics Solutions consultant here.