FCA starts review of risks in UK mobile banking market

28 August 2013

The UK regulatory body, the Financial Conduct Authority (FCA), has released a report detailing its initial findings into a review of the possible risks surrounding the UK marketplace for mobile banking services. The report examines the opportunities for better security, fraud and technology weaknesses, consumer awareness training and enhanced anti-money laundering (AML), with a view to helping banks design better systems in the future.

The FCA report looks at the entire mobile banking market, including banks and new entrants such as mobile network operators (MNOs).

The UK regulator plans to conduct a more detailed assessment of the assessment at the end of this year and to test a number of the available mobile banking services, with a full review to follow in H1 2014.

Commenting on the decision to probe the growing mobile banking arena, Clive Adamson, director of supervision at the FCA, said it is "an exciting development in financial services, with increasing numbers of consumers attracted to the convenience of banking on the move. With the market growing, now is the right time for us to take stock and, as part of the FCA's forward looking approach, to ensure that consumers are appropriately protected."

"We want to make sure that the industry knows exactly what we're looking into," continued Adamson, "and consumers have a clearer idea of some of the potential risks."

The five key areas of investigation will be:

• Fraud – the potential risk that fraudulent access to mobile banking accounts could result in customers being unable to access their money or make payments, resulting in financial loss, inconvenience and stress.

• Security – the potential risk of consumers receiving malware or a virus when downloading a mobile banking application.

• Technology risk/interruption to service – the potential risk of a systems failure or an IT problem preventing consumers from accessing their accounts.

• Consumer awareness and understanding – the potential risk that while services are new and consumers are less familiar with using them, it is more likely that payments will be made in error, such as paying the wrong person or paying an incorrect amount.

• Anti-money laundering systems and controls – the potential risk that mobile banking is used for the facilitation of money laundering activities, particularly where a mobile payment service is not linked to the customer’s current account and there aren’t additional checks to verify the identity of the payee and recipient.

Reaction and News Analysis
According to George Tubin, a senior security strategist with Trusteer, mobile banking continues to gain momentum, presently growing faster than any other delivery channel, but financial institutions (FIs) contemplating expanding their capabilities in this field should consider the evolving threats and examine the FCA report.

“Fortunately, new security measures are available to mitigate the risks associated with advanced mobile banking and payment features,” he says. “The key to protecting the mobile channel is to realise that it is deeply connected to the online channel … effective protection must consider risk indicators that span both channels and extend to both.”

Dorian Wiskow, client managing director for financial services at Fujitsu UK & Ireland, welcomed the FCA report by highlighting the importance of the sector. “Mobile banking offers the financial services community, especially retail banks, the opportunity to increase revenue, meet customers’ expectations and underpin investor returns – indeed research from Fujitsu last year showed that 64% of retail banks see mobile as important for customers and this will grow to 80% in three years.

“The FCA’s decision to review the banking sector’s ability to protect against the vulnerabilities that mobile banking brings, is therefore a positive move,” continued Wiskow. “Banks carry a weight of responsibility handling and processing such huge volumes of customer data and insight. Not having the correct infrastructure in place to protect this data - and ultimately their reputations - is a significant risk.”

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development