Follow us

ICYMI


UK

BoE: Minutes of CBDC Technology Forum meetings

The Bank of England (BoE) has published the minutes of the Central Bank Digital Currency (CBDC) Technology Forum meetings that were held on:

PSR: APP scams – information on consumer communications for PSPs and 2023 performance report

The Payment Systems Regulator (PSR) has published a document to facilitate compliance with Specific Direction 20 (SD20) which requires sending payment service providers (PSPs) to inform existing consumers of their rights under the Faster Payments Scheme (FPS) authorised push payment (APP) scams reimbursement requirement.

The document does not preclude any additional communications PSPs may wish to provide to their customers in relation to SD20. PSPs should also have regard to the Consumer Duty requirements and any other relevant regulatory obligations.

The PSR has also released the latest figures which track the performance of payment firms in tackling APP scams and reimbursing victims in 2023. Victims reported 252,626 cases of APP scams totalling almost £341 million during the year. It presents data, based on accounts held with the largest UK banking groups, on reimbursement to victims and money sent and received as a result of APP scams.

Overall, there was an improvement in consumer outcomes as reimbursement by value increased from 61% in 2022 to 67% in 2023. The report also found that that a small number of payment firms received a disproportionately high number of scams relative to their size. [1 Aug 2024] #APPFraud #Payments

BoE consults on approach to innovation in money and payments

The BoE has published a discussion paper setting out its proposed approach to innovations in the payments and settlement landscape. In setting out its approach, the BoE has considered the payments landscape in the round: retail and wholesale payments; central bank, commercial bank and other privately issued money; and domestic and international contexts.

The paper sets out: the financial stability risk appetite for wholesale settlement in central bank money; the approach to exploring innovations in wholesale central bank money; and outcomes which the BoE seeks in the retail payments landscape, in order to deliver trust and confidence in money.

The BoE also confirmed that it will engage closely with HM Treasury (HMT) to meet its ambitions for the UK payments landscape as a whole, following HM Government's (HMG's) confirmation of its intention to take forward a National Payments Vision.

Feedback on the proposed approach is requested by 31 October 2024. [30 Jul 2024] #Payments #DLT #DigitalSecuritiesSandbox

Law Commission: Digital assets as personal property – supplemental report and draft legislation

The Law Commission of England and Wales has published a supplemental report and draft Bill that, if implemented, would confirm the existence of a third category of personal property into which certain digital and other assets could fall.

In June 2023, the Law Commission published a report on digital assets which recommended legislation establishing the existence of a 'third category' of personal property rights, capable of accommodating certain digital assets including crypto-tokens. This supplemental report explains that recommendation and appends the draft legislation intended to implement the recommendation.

A fuller explanation of the policy and legal background can be found in the original consultation paper from 2022, and the 2023 report. This recommendation and the draft legislation are now being considered by HMG. [30 Jul 2024] #DigitalAssets


Europe

ESMA paper: DeFi – a categorisation of smart contracts

The European Securities and Markets Authority (ESMA) has published a working paper on the categorisation of smart contracts, which are computer programmes stored on the blockchain that run when predetermined conditions are met. They are designed to facilitate financial transactions among blockchain users without the need for trusted intermediaries that characterises traditional finance.

The paper aims to aid regulators and supervisors in understanding and monitoring the technological complexity created by smart contracts to systematically evaluate the risks to investors and financial stability stemming from decentralised finance (DeFi). [1 Aug 2024] #DeFi  #SmartContracts

ECB/EBA: Joint report on payment fraud

The European Central Bank (ECB) and the European Banking Authority (EBA) have published a joint report on payment fraud. The report assesses payment fraud data reported semi-annually by payment service providers (PSPs) across the European Economic Area (EEA) for a variety of payment instruments. It also provides more detailed analyses on specific topics such as the main fraud types and the application of strong customer authentication (SCA), as well as some geographical and country-level analyses.

The total value of fraudulent credit transfers, direct debits, card payments, cash withdrawals and e-money transactions in the EEA amounted to €4.3 billion in 2022 and €2 billion in the first half of 2023. Most payment fraud in terms of value was related to credit transfers and card payments, while card payments also accounted for most in terms of volume. [1 Aug 2024] #Payments #Fraud

ESMA: Opinion on global crypto firms using non-EU execution venues – MiCAR

ESMA has issued an opinion which addresses the risks presented by global crypto firms seeking authorisation under the Markets in Crypto-Assets Regulation (MiCAR) for part of their activities (crypto brokerage) while keeping a substantial part of their group activities (intra-group execution venues) outside the EU regulatory scope.

In light of the risks associated with global crypto firms’ complex structures where execution venues fall outside of the scope of MiCAR, ESMA recommends national competent authorities (NCAs) be vigilant during the authorisation process and assess business structures of global firms to ensure that they do not bypass obligations established in MiCAR.

The opinion calls for a case-by-case assessment, outlining the specific requirements that should be met regarding best execution, conflicts of interest, the obligation to act honestly, fairly and professionally in the best interests of clients and the obligation relating to the custody and administration of crypto-assets on behalf of clients. [31 Jul 2024] #Crypto #MiCAR

ACER: Open letter on the notifications of algorithmic trading and direct electronic access

The European Union Agency for the Cooperation of Energy Regulators (ACER) has published an open letter which clarifies the obligations for market participants to notify national regulatory authorities and ACER on their usage of algorithmic trading and direct electronic access.

The letter provides examples of activities that fall under the new notification obligations for algorithmic trading, helping market participants comply with the revised Regulation on Wholesale Energy Market Integrity and Transparency (REMIT). ACER aims to revise the existing guidance on the application of REMIT to incorporate the changes introduced by the revised REMIT by the end of 2024.

ACER also intends to publish an open letter in September 2024 to clarify the obligations detailed in Article 9(1) of REMIT, which require that non-EU market participants must designate their representative in the EU, as well as the obligations for persons professionally arranging or executing transactions. [30 Jul 2024] #AlgorithmicTrading 


Australia

Australian Assistant Treasurer speaks at National Press Club on scams

Stephen Jones MP, Australian Assistant Treasurer and Minister for Financial Services, has given a speech at the National Press Club in Canberra on measures against scams. Mr Jones noted the increasing prevalence of, and opportunity for, scams in a digital, globalised economy, and set out government actions and proposals to target and prevent scams. Policies canvassed include:

  • ongoing responses to a review of the Privacy Act 1988 (Cth), including stricter requirements over personal data and higher penalties for breaches;
  • the establishment of a National Anti-Scam Centre to enable greater real-time reporting of scams and information sharing between stakeholders;
  • an increased focus on prevention before scams succeed;
  • the establishment of 'fusion cells' targeted at particular types of scams (such as investment scams and employment scams); and
  • further tools for regulators to prevent or take down scam assets such as websites and phone numbers.

Future measures foreshadowed by Mr Jones include mandatory industry codes to mandate the addressing of vulnerabilities, and reform to the circumstances in which victims of scams can seek compensation.  [31 Jul 2024] #Fraud #Payments


Hong Kong

HKMA, Police and HKAB announce expansion of Suspicious Account Alert to internet banking and physical branch transactions, and other initiatives to protect customers from fraud risk 

The HKMA, in collaboration with the Hong Kong Police Force (Police) and the Hong Kong Association of Banks (HKAB), has announced that 32 banks and 10 stored value facility (SVF) operators will extend the coverage of the Suspicious Account Alert to internet banking and physical branch transactions with effect from 4 August 2024, to provide enhanced protection to customers against rising fraud risks.  

The Suspicious Account Alert, launched in November 2023 (see our previous update), warns customers of 'High Risk' of fraud based on information from the Police’s Scameter (a scam and pitfall search engine), and initially covered fund transfers using Faster Payment System (FPS) proxy IDs (such as mobile phone number, email address, and FPS Identifier).  As of end-June 2024, over 655,000 alerts were issued, with an average of 3,000 alerts per day.  

From 4 August 2024, the alert mechanism is extended to cover retail customers’ fund transfers at bank counters, and online fund transfers within the same bank or inter-bank/SVFs, using account numbers of the payees.  Customers will receive an alert message indicating a high fraud risk if the payee’s account number, mobile phone number, email address or FPS Identifier are labelled as 'High Risk' in the Scameter, regardless of whether the transfer is conducted at branch or through online channels.  Participating SVFs will implement a similar alert mechanism and provide relevant details to their respective customers. 

Two other new initiatives are also introduced to further enhance protection for bank customers: 

  • The 'Scameter+' mobile application will now provide more timely alerts of fraudulent bank websites or phone numbers.
  • To provide a more secure authentication method for customers using mobile banking apps in light of evolving malware threats, the authentication of online credit card transactions is required to be conducted via banks’ mobile banking applications instead of SMS one-time passwords.  [1 Aug 2024] #Fraud #InternetBanking #Payments

Sanctions update – Yemen

The SFC has issued a circular to inform licensed corporations, licensed virtual asset service providers and associated entities regarding two amended lists of 'individuals and entities' under sections 30 and 31 of the United Nations Sanctions (Yemen) Regulation 2019, which have been published on the website of the Commerce and Economic Development Bureau.

The SFC and the Insurance Authority have updated their webpages to reflect the above amendments.  [1 Aug 2024] #VATP #VirtualAssets

SFC warns public of suspected virtual asset-related fraud 

The SFC has warned the public of an entity operating under the name of 'Proxinex' for suspected virtual asset-related fraud.  It has posted Proxinex and its respective website on the SFC’s Suspicious Virtual Asset Trading Platforms  (VATP) Alert List.  

The SFC suspects that Proxinex recruited an agent to lure investors into depositing funds with Proxinex via dating apps.  The agent may have fabricated documents purportedly issued by a local financial regulator and a financial institution to embellish the agent’s personal profile. 

Investors reported difficulties in withdrawing virtual assets from Proxinex, and they were later told that their 'accounts did not exist' at all.  [29 Jul 2024] #VATP #Fraud #VirtualAssets


India

RBI: Digital payments – draft framework on alternative authentication mechanisms

The Reserve Bank of India (RBI) has published a draft framework on alternative authentication mechanisms for digital payment transactions as part of its drive to prioritise the security of digital payments. This draft framework contains proposals to widen the choice of authentication factors available to payment system operators (PSOs) and users.

Responses are requested by 15 September 2024. [31 Jul 2024] #Payments

RBI releases draft directions on due diligence of AePS touchpoint operators

As part of its work to enhance the robustness of Aadhaar Enabled Payment System (AePS), the RBI has published for feedback draft directions on due diligence of AePS touchpoint operators. The draft directions aim to streamline the process for onboarding of AePS touchpoint operators and on-going due diligence, with a view to combatting frauds perpetuated through AePS, such as identity theft or the compromise of customer credentials.

Responses are requested by 31 August 2024. [31 Jul 2024] #Payments #Fraud

RBI: Master Directions on cyber resilience and digital payment security controls for non-bank PSOs

The RBI has published Master Directions on cyber resilience and digital payment security controls for non-bank PSOs. The Master Directions include robust governance mechanisms for identification, assessment, monitoring and management of cyber security risks. They also cover baseline security measures for ensuring system resiliency as well as safe and secure digital payment transactions. [30 Jul 2024] #Cyber #Payments

SEBI launches SEVA chatbot for investors

SEBI has announced the launch of SEBI’s Virtual Assistant  (SEVA) – an Artificial Intelligence (AI) based conversation platform for investors. The Beta version of the chatbot includes features such as  citations for generated response, speech-to-text and text-to-speech functionality for accessibility, follow-up questions, and more. The chatbot is presently enabled to answer questions relating to general information the on securities market, the latest master circulars, grievance redressal process, among other topics.  SEBI intends to add additional areas in the future. [29 Jul 2024] #AI #SEVA

RBI: Digital payments Index

The RBI has published its Digital Payments Index (RBI-DPI) as at March 2024 (last published in September 2023), which captures the extent of digitisation of payments across India. The RBI-DPI index has increased across all parameters, driven by significant growth in payment performance and payment infrastructure across India over the period. [26 Jul 2024] #Payments 


Philippines

BSP: AFASA becomes law

The Bangko Sentral Ng Pilipinas (BSP) has announced that the Anti-Financial Account Scamming Act (AFASA) was signed into law on 20 July 2024. AFASA aims to combat financial cybercrimes, safeguard the interests of financial consumers, and uphold the integrity of the financial system. [1 Aug 2024] #Cyber 

BSP approves amended SEP guidelines under NRPS

The BSP has approved amended guidelines on the 'Settlement of Electronic Payments' (SEP) under the National Retail Payment System (NRPS) framework as part of ongoing efforts to ensure integrity and efficiency of the payment system. The amended guidelines require prior approval from the BSP for new rules or enhancements to the settlement of e-payments under the Manual of Regulations for Payment Systems (MORPS). The intention is to ensure that all enhancements to the settlement guidelines of automated clearing houses (ACHs) are thoroughly reviewed and approved by BSP prior to implementation.  [1 Aug 2024] #Payments


US

SEC charges crypto startup with fraud and unregistered offering of crypto securities

The SEC has charged a social media platform founder for perpetrating a multi-million-dollar fraudulent crypto scheme involving a social media platform and a native token of the same name. The SEC’s complaint further alleges that, to avoid regulatory scrutiny, the founder portrayed the social media platform and token as a decentralized project with “no company behind it … just coins and code,” and launched the project using a pseudonym to further this illusion.

According to the SEC’s complaint, starting from November 2020, the founder raised more than $257m from unregistered offers and sales of the token, while falsely telling investors that proceeds would not be used to compensate him or other social media platform employees. In reality, the complaint alleges, the founder spent more than $7m of investor funds on personal expenditures.

In a parallel action the U.S. Attorney’s Office for the Southern District of New York has announced charges against the founder. [30 Jul 2024] #Crypto #Fraud

CFTC: Federal Court orders El Paso man and his firm to pay over $31m for forex and crypto fraud

The CFTC has announced that the U.S. District Court for the Western District of Texas entered an order on July 9, assessing monetary relief totalling over $31 million against a crypto firm and its founder to pay, jointly and severally: over $6m in restitution to 199 defrauded victims; over $6m in disgorgement with dollar for dollar credit for any restitution payments to victims; and over $18m civil monetary penalty (which is three times the amount of unlawful gains from their fraudulent foreign currency (forex) and crypto scheme).

The initial consent order found the defendants engaged in a fraudulent scheme commencing in September 2020 and accepted more than $7.2m of investment funds from clients and paid bogus “investment profits” to other clients in a manner akin to a Ponzi scheme. The order found the they did not invest their clients’ funds as represented and instead used them to pay personal expenses.

In a parallel action, the Department of Justice (DoJ) charged the founder of the company with five counts of wire fraud. On February 29, the founder plead guilty to these charges and was sentenced to 84 months in prison and an additional three years of supervised release. He was also ordered to pay over $9m in restitution to victims. [26 Jul 2024] #Crypto #Forex #Fraud

Key contacts

Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos
Rashid Ahmed photo

Rashid Ahmed

FSR & CCI Professional Support Paralegal, London

Vasuki Balasubramaniam photo

Vasuki Balasubramaniam

FSR & CCI Professional Support Paralegal, London

Cat Dankos