Feeds

Finance watchdog: Big fingers + tiny mobe screen + banking = doesn't end well

I meant to send £100 to 'The Dev', not £1,000 to Silent Kev

Securing Web Applications Made Simple and Scalable

Companies providing mobile banking services must consider how to overcome limitations in mobile device screen sizes in order to help consumers avoid making erroneous payments, the Financial Conduct Authority (FCA) has said.

In an interim report (12-page/724KB PDF) it published as part of its ongoing review into mobile banking, the FCA flagged up a number of risks associated with carrying out banking and payment activity on mobile phones and called on companies involved in providing such services to help tackle and resolve those risks.

One of the issues raised by the regulator was in relation to challenges presented by small screens and keypads on mobile devices.

"While many of these services are relatively new, there is a greater chance that consumers may encounter difficulties using mobile banking, compared with more traditional services," the FCA said. "This could result in consumers making errors, such as paying the wrong recipient or entering an incorrect amount."

"Mobile phones, with their smaller screens and limited keypad, may make these errors more likely, therefore it is important for us to understand how firms are mitigating this risk. We also want to understand whether firms have appropriate processes in place to resolve mistakes if they do occur," it added.

The FCA also raised concerns about the potential for fraud, the risk to data security and the potential for service disruption around mobile banking services.

In addition, it warned that companies face challenges when using third-party providers to deliver mobile banking services and said that companies also need to take steps to meet anti-money laundering rules after identifying potential problems in the verification of payments made via mobiles.

"For firms to comply with their legal and regulatory requirements they must have systems and controls in place to identify, assess and mitigate the risk of financial crime," the FCA said.

"Mobile banking and payments are new services for firms and consumers to access and transfer funds. Therefore we need to ensure that firms have proportionate and risk-sensitive systems and controls in place.

"From our research, we believe this is especially relevant for mobile banking services that are not linked to the customer’s current account. We will consider the extent to which firms should carry out additional checks to verify the identity of the payee and recipient. Mobile banking may also make it challenging for firms to identify and report suspicious transactions," it said.

"We have seen firms take measures to prevent the risk of money laundering through mobile banking and we know that having robust systems and controls can be an effective mitigant against such risks. It is important that these risks are adequately mitigated, especially where firms are moving into more advanced forms of mobile banking, such as facilitating overseas payments," the regulator added.

Banking law expert Tony Anderson of Pinsent Masons, the law firm behind Out-Law.com, said that advancements in technology present a regulatory challenge to banks. He predicted that new product designers will work more closely with in-house compliance and legal teams at banks when developing new mobile banking and payment services now that the FCA is taking a greater interest in the area.

"Changing technology presents both opportunities and threats to banks," Anderson said. "Mobile banking is a feature increasingly demanded by consumers that want the ability to transact on-the-go at a time of their own convenience and banks that get their mobile banking services right, through apps and other software, stand to gain a competitive advantage."

Anderson added: "At the same time, banks need to be sure that they meet all their regulatory obligations when providing services via this evolving technological landscape. How can they be sure, for example, that they can comply with rules around data security when new devices are launched to the market or when users change between handsets?

"The FCA’s review will prompt banks to assess their arrangements with third parties. They will want to ensure that their arrangements with both device and product providers address issues such as the liability for outages and other technological glitches that impact on mobile banking consumers."

The regulator said that it will now analyse how a sample number of mobile banking service providers meet the challenges it has identified in order to establish whether they are "meeting our expectations and treating their customers fairly".

As part of this testing, the FCA said it would evaluate the strategies companies have in place for mobile banking, including in relation to their decision making and product governance. It also plans to look at the way the providers design mobile banking products to see how they address risks that arise, as well as assess how the companies deal with complaints from mobile banking customers.

The FCA will also test whether the information companies are displaying to mobile banking customers is "clear, fair and not misleading, and whether the content is appropriately aimed at the target audience".

The regulator is due to publish a final report from its review before the summer next year.

Copyright © 2013, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

Application security programs and practises

More from The Register

next story
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
For Lenovo US, 8-inch Windows tablets are DEAD – long live 8-inch Windows tablets
Reports it's killing off smaller slabs are greatly exaggerated
Microsoft unsheathes cheap Android-killer: Behold, the Lumia 530
Say it with us: I'm King of the Landfill-ill-ill-ill
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Seventh-gen SPARC silicon will accelerate Oracle databases
Uncle Larry's mutually-optimised stack to become clearer in August
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.