Illustration of Swedish banks facing greater liability for authorized push payment fraud

Every holiday season, consumers worldwide rush to stores, scour websites, and enroll in buy now pay later (BNPL) plans to get last-minute gifts. Meanwhile, fraudsters are doing a different kind of shopping. Thanks to authorized push payment (APP) fraud and scams, fraudsters can quickly profit from the swirl of holiday activity, leaving consumers on the hook for financial losses. Now, a group of Nordic banks is preparing to join a growing group of banks worldwide that will assume liability for fraud and scam losses. 

This shift in liability follows a decision by Sweden’s Supreme Court earlier this year. In June 2022, the Court ruled that a bank customer who was deceived into sharing his BankID information with a fraudster acted “negligently” in 2018. However, the Court also found the victim didn’t knowingly share his information with an unauthorized figure. Under the Payment Services Act, the consumer was found liable for only SEK12,000 ($1,164 USD). The victim’s bank was forced to pay back SEK385,000 ($37,000 USD) to the customer.

Here’s why Sweden’s Supreme Court ruling is significant.

Shifting Liability for Authorized Push Payment Fraud 

Other Swedish scam victims shared similar stories. Victims are often called “negligent” and forced to take the full brunt of the financial losses. The Supreme Court’s recent ruling clarifies how consumers should be protected from scam liability under the consumer protection laws passed by the Swedish legislature. It also puts the burden of proof on banks to demonstrate if consumers act irresponsibly and if this makes them liable for all or some of their losses. This paves the way for thousands of Swedish consumers to get refunds from their banks and get some of their money back.

BankID fraud is significant in Sweden. One bank found profits from fraud increased by 186% in the first half of 2021 compared to the same period a year earlier. Approximately 11,600 reports of vishing attempts where fraudsters attempt to trick customers into revealing their BankID were reported in 2021. This is a jump of 108% from last year, according to figures from NOA’s National Fraud Center.

A Global ‘Scampocalypse’

The global scam threat is so serious that at least one report describes the moment as a “scampocalypse”. Nordic banks are joining a growing chorus of other financial institutions who are taking similar measures to accept greater liability for mounting APP fraud and scam losses.

Data from UK Finance confirms that APP fraud remains a top tactic for fraudsters. Losses from APP fraud reached £249.1 million in the first half of 2022. While this figure represents a decline in APP fraud, it remains a serious concern for the UK banking sector. 

In the US, the person-to-person network Zelle has come under fire from some lawmakers who found nearly $214 million was lost to scams in 2021 and in the first half of 2022. The US Consumer Finance Protection Bureau faces pressure to step up its regulations and cover scam victims. Scammers usually trick victims into sending money using a combination of social engineering and high-pressure tactics. All it takes is a few taps on their smartphone screen. 

Prepare for Greater Authorized Push Payment Liability

Sweden is currently leading the push to accept greater fraud liability for customer losses due to APP fraud and scams. As Sweden implements these changes, neighboring Nordic banks are expected to follow suit.

This forthcoming shift in liability will mean big changes for the Nordic banking sector. Banks will need to do more than protect themselves from authorized push payment fraud. They will also need to protect consumers from falling victim to different types of scams. This includes romance scams, elder fraud, purchase scams, and more. Others will use social engineering scams to pretend to be a representative of their victim’s normal bank. They’ll come up with an elaborate story like, “We think your account is compromised. Please move your money to a different account while we sort it out.”

4 Steps Nordic Banks Can Take to Protect Customers from Authorized Push Payment Fraud

Here are a few steps Nordic banks can take to protect their customers.

Appoint a ‘Profit Officer’

In the age of a “scampocalypse,” fraud losses are revenue losses. This means fraud prevention is profit generation. Banks should consider rebranding the traditional role of the fraud prevention officer into something more suited to this reality. Instead, name a “profit officer” who is responsible for more than overseeing fraud prevention at the organization. This person shares the responsibility of generating profits and revenues for the bank.

Minimize Customer Friction

As banks assume greater liability, they will need to implement greater fraud prevention and detection controls. Banks don’t want to invest in a solution that fails to catch fraud and results in losses. But at the same time, banks can’t afford to add friction to the customer journey. Today’s customers expect to be able to transact with ease using any payment method available (credit cards, BNPL, digital wallets, and more). Customers will get frustrated if they are unexpectedly asked for verification while they’re making a purchase online or in person. If they experience too much friction they may consider switching to another bank. Banks must ensure they understand each user’s risk level and have the right tools in place to protect consumers and their money from fraud and scams. They must also focus on allowing trustworthy customers to complete their purchases while blocking high-risk transactions. 

Train Bank Staff

Fraudsters are adept at tapping into everyday peoples’ fear and greed to lure them into authorized push payment scams. They use high-pressure tactics pretending to offer victims a chance to double or triple their investment if they act immediately. With the rise of real-time payment networks and faster payment options like Zelle, Venmo, and WhatsApp, fraudsters can profit faster than ever. To prevent fraudsters from profiting faster, banks should train their staff to understand different fraud methodologies and how to respond accordingly. Communicate the latest fraud and scam trends with staff to ensure they know how different types of fraud work and when to intervene to protect customers. Equip them with artificial intelligence (AI) and machine learning solutions to help them move away from manual processes and detect fraud more effectively. 

Work with an Experienced Fraud Prevention Partner

Of course, banks have bigger priorities than understanding the different fraud tactics that bad actors use. Most bank leadership would rather focus on scaling, expanding their customer base, and rolling out new financial solutions. That’s why it helps to work with experienced partners who understand the fraud landscape and can respond to new fraud threats as they emerge. 

With this shift, banks will give their customers one of the best gifts they could ask for: relief from scam liability. Protecting customers from scammers is likely to help spread holiday cheer. But it’s not the end of the story. Taking these extra will go a long way toward leaving fraudsters with a lump of coal for being so naughty.