Page 75 - ITU-T Focus Group Digital Financial Services – Recommendations
P. 75
ITU-T Focus Group Digital Financial Services
Recommendations
Title of recommendation Coordination of risk management and fraud mitigation
Working Group Consumer Experience and Protection
Theme Fraud
Audience for recommendation Regulators
Regulators overseeing different aspects of the DFS market should coordinate efforts among themselves for risk
management and fraud mitigation, and they should coordinate with law enforcement agents such as police,
investigative bodies, and the prosecutorial authority. Regulators should also encourage DFS providers to col-
laborate on fraud detection and mitigation, such as through the establishment of a “Fraud Forum” or other
cooperation arrangements.
The World Bank/Bank for International Settlements report on Payment Aspects of Financial Inclusion (PAFI)
22
states that sound risk management, mitigation of fraud and abuse, and protection of consumers are key
supervisory and oversight considerations for retail payment services. These objectives are challenged by the
fact that DFS providers and their services may be subject to diverse forms of regulation and supervision, such as
telecommunications, banking, payments, and insurance. CGAP confirms that the increased number of entities
10
involved in delivering DFS may create gaps in oversight and accountability and elevate risks to customers. For
example, liability for the loss of customer funds due to fraud may be unclear due to the participation of several
parties (including agents) delivering the service. These risks may be heightened for inexperienced users of
financial services.
In light of the issues, regulators should formally coordinate oversight of DFS providers’ fraud mitigation and risk
management efforts to avoid gaps and inferior treatment for digital versus non-digital financial services. This is
in line with the G20 High-Level Principles on Financial Consumer Protection, which emphasize the need for
13
cooperation by regulators of different segments of the financial and non-financial (e.g., telecommunications)
sectors. Laws related to fraud and other criminal activities should also be adapted to the use of digital delivery
channels. In addition, regulators should seek ways to cooperate in DFS fraud detection and mitigation efforts to
develop a more complete picture of risks. This could include both formal information sharing agreements and
mechanisms such as working groups, conferences, and newsletters to learn about emerging risks and issues.
DFS providers should be encouraged to collaborate on fraud and security prevention, as well. CGAP reports
10
that Bangladesh, Pakistan, and Tanzania have formal industry discussion and coordination processes, and
Kenya holds forums for stakeholders to share and discuss market trends and issues such as fraud. The South
Africa Bank Risk Information Centre (SABRIC) is a consortium of four major banks working together to combat
bank-related crimes.
Another example of collaborative fraud prevention comes from Tanzania. CGAP reports that to combat SIM
10
card swaps, Tanzanian providers have imposed a quarantine period after switching SIM cards. During this time,
the mobile money PIN cannot be changed. Some use “IMSI locking,” which locks the SIM and blocks access
to the account until the customer has confirmed that the SIM swap was legitimate and has the SIM in hand,
at which point the new SIM will be linked to the account.
22 Committee on Payments and Market Infrastructures World Bank Group, (2015): Payment Aspects of Financial Inclusion https://
www. bis. org/ cpmi/ publ/ d144. pdf
69
