Original URL: https://www.theregister.com/2013/08/29/fca_identifies_screen_size_risks_associated_with_mobile_banking_and_payments/

Finance watchdog: Big fingers + tiny mobe screen + banking = doesn't end well

I meant to send £100 to 'The Dev', not £1,000 to Silent Kev

By OUT-LAW.COM

Posted in Personal Tech, 29th August 2013 06:58 GMT

Companies providing mobile banking services must consider how to overcome limitations in mobile device screen sizes in order to help consumers avoid making erroneous payments, the Financial Conduct Authority (FCA) has said.

In an interim report (12-page/724KB PDF) it published as part of its ongoing review into mobile banking, the FCA flagged up a number of risks associated with carrying out banking and payment activity on mobile phones and called on companies involved in providing such services to help tackle and resolve those risks.

One of the issues raised by the regulator was in relation to challenges presented by small screens and keypads on mobile devices.

"While many of these services are relatively new, there is a greater chance that consumers may encounter difficulties using mobile banking, compared with more traditional services," the FCA said. "This could result in consumers making errors, such as paying the wrong recipient or entering an incorrect amount."

"Mobile phones, with their smaller screens and limited keypad, may make these errors more likely, therefore it is important for us to understand how firms are mitigating this risk. We also want to understand whether firms have appropriate processes in place to resolve mistakes if they do occur," it added.

The FCA also raised concerns about the potential for fraud, the risk to data security and the potential for service disruption around mobile banking services.

In addition, it warned that companies face challenges when using third-party providers to deliver mobile banking services and said that companies also need to take steps to meet anti-money laundering rules after identifying potential problems in the verification of payments made via mobiles.

"For firms to comply with their legal and regulatory requirements they must have systems and controls in place to identify, assess and mitigate the risk of financial crime," the FCA said.

"Mobile banking and payments are new services for firms and consumers to access and transfer funds. Therefore we need to ensure that firms have proportionate and risk-sensitive systems and controls in place.

"From our research, we believe this is especially relevant for mobile banking services that are not linked to the customer’s current account. We will consider the extent to which firms should carry out additional checks to verify the identity of the payee and recipient. Mobile banking may also make it challenging for firms to identify and report suspicious transactions," it said.

"We have seen firms take measures to prevent the risk of money laundering through mobile banking and we know that having robust systems and controls can be an effective mitigant against such risks. It is important that these risks are adequately mitigated, especially where firms are moving into more advanced forms of mobile banking, such as facilitating overseas payments," the regulator added.

Banking law expert Tony Anderson of Pinsent Masons, the law firm behind Out-Law.com, said that advancements in technology present a regulatory challenge to banks. He predicted that new product designers will work more closely with in-house compliance and legal teams at banks when developing new mobile banking and payment services now that the FCA is taking a greater interest in the area.

"Changing technology presents both opportunities and threats to banks," Anderson said. "Mobile banking is a feature increasingly demanded by consumers that want the ability to transact on-the-go at a time of their own convenience and banks that get their mobile banking services right, through apps and other software, stand to gain a competitive advantage."

Anderson added: "At the same time, banks need to be sure that they meet all their regulatory obligations when providing services via this evolving technological landscape. How can they be sure, for example, that they can comply with rules around data security when new devices are launched to the market or when users change between handsets?

"The FCA’s review will prompt banks to assess their arrangements with third parties. They will want to ensure that their arrangements with both device and product providers address issues such as the liability for outages and other technological glitches that impact on mobile banking consumers."

The regulator said that it will now analyse how a sample number of mobile banking service providers meet the challenges it has identified in order to establish whether they are "meeting our expectations and treating their customers fairly".

As part of this testing, the FCA said it would evaluate the strategies companies have in place for mobile banking, including in relation to their decision making and product governance. It also plans to look at the way the providers design mobile banking products to see how they address risks that arise, as well as assess how the companies deal with complaints from mobile banking customers.

The FCA will also test whether the information companies are displaying to mobile banking customers is "clear, fair and not misleading, and whether the content is appropriately aimed at the target audience".

The regulator is due to publish a final report from its review before the summer next year.

Copyright © 2013, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.