Why more time to investigate APP fraud is the first of many changes

Earlier this week, the UK Government announced new rules that could see bank transfers delayed by up to four days. The plans are the latest legislative mechanism designed to combat APP scams, and follow provisions laid out in the Economic Crime and Corporate Transparency Bill.  As a result, Payment Service Processors (PSPs) may be granted vital additional time to investigate suspected fraud.

APP scams, which in 2022 cost victims a staggering £485m and accounted for 40% of fraud losses, have dominated banking headlines since mandatory reimbursement was announced. In the period since, PSPs have been exploring a feasible means of intercepting significantly more APP fraud within the 24 hours currently permitted.

Therefore, the Government’s decision marks a success for fraud leaders and in particular, UK Finance. Both voices have long maintained that delaying potentially fraudulent transactions before processing is key to achieving better outcomes for APP scam victims – who are often caught in complex social engineering traps.


Critical hours to break the coercion spell


The draft legislation encourages PSPs to use their extended hours to run enhanced screening and verification checks, for example when a customer’s financial activity appears abnormal.

If an illicit transaction is suspected, a 72-hour window allows fraud teams to investigate in far more detail than is possible at application or onboarding stages. For example, using SIRA – Synectics Solutions’ industry-leading risk intelligence sharing platform – to conduct a deeper dive. Organisations are also advised to contact customers and if necessary, law enforcement, to break the coercion spell before funds are permanently lost.

In theory, with additional hours, advanced detection tools and syndicated data sources, fraud teams could tackle substantially larger volumes of high-risk cases. However, there is a broader context to consider, whereby APP scams are potentially resistant to 72-hour investigative windows.

When app scams meet money muling


Vulnerability is best illustrated by money muling, an organised crime typology which often leverages push payment tactics to fraudulently authorise transactions.

Money muling is surging within at least two high value banking demographics and is increasingly challenging to intercept. This is because the smartest money mules operate with a subtlety which means they may not be flagged at all. Take Synectics Solutions’ post-application money mule analysis, which revealed that:

  • The median time for an account to engage in mule activity is 8 months
  • Mules offend on average 3.6 times across institutions
  • Due to a long dormant period, 75% of mule accounts would be missed should SIRA users only run a 90-day retroactive check.


Operating within the grey areas


These findings indicate that mules are successfully crafting a façade of normality. Repeat offending is particularly strong evidence that mules are exploiting gaps in risk intelligence sharing between PSPs and typical on-book screening schedules.

In a similar vein, the average would-be mule account passing under the radar for eight months suggests that need-to-know risk events must be urgently reviewed, with on-book parties being continuously screened with the same diligence as new customers.

Deciding what these new need-to-know events are may also be challenging with traditional tools. The drawn-out lead up to mule activation, paired with close associations between clear and fraudulent accounts, shows that muling in 2024 is deliberately convoluted – and bypassing many manual analyses and traditional processes.


Practical solutions to new legal powers


Banks being granted an additional 72 hours to delay payments where APP fraud is suspected is an unequivocally positive step. This exceptionally harmful fraud – and its intrinsic connection to money muling – is deservedly back in the legal spotlight and should trigger a wave of action from PSP fraud leaders.

However, as with the Economic Crime and Corporate Transparency Bill, having new legislative powers is not the same as having a practical solution to the problem. Alongside embracing new powers to delay potentially illicit transactions, PSPs must explore how they can:

  • Establish a culture of intelligence sharing, centred on risk data syndication and collaboration between PSPs, such as what is possible with the SIRA platform
  • Implement continuous on-book screening for need-to-know events that may shift risk levels and necessitate additional checks or restrictions
  • Explore how Machine Learning models – fed with authoritative point of application and on-book data – can better detect subtle, evolving behavioural patterns that indicate future fraudulent intent


Synectics Solutions is developing a market-first post-application solution that is capable of predicting accounts likely to engage in money muling activity in the future. To learn more about the solution, and how you can develop a mule-oriented fraud strategy, contact a consultant here.


Time to connect