Tackling APP Fraud Through Cross-Industry Collaboration
In September 2022, the Financial Conduct Authority (FCA) and the Payment Systems Regulator (PSR) hosted a joint TechSprint to address the rise of Authorised Push Payment (APP) fraud across the UK’s financial ecosystem.
Outcomes
15
Cross-Sector Participants
3x
Faster Fraud-Alert Generation
4 week
Prototype Delivery
2x
Increase in Detection Model Accuracy
Technology Vendors Suited to Evaluation
Business Problem
Authorised Push Payment (APP) fraud remains one of the most persistent threats in UK payments. Fraudsters exploit the instant and irreversible nature of real-time transfers, costing consumers and banks millions each year.
Traditional fraud detection is fragmented – banks, telecoms, and payment providers each hold partial data, making it difficult to identify scams before funds leave an account. The result is a widening gap between payment speed and fraud response capability.
Challenges
- Data fragmentation: Limited visibility across banks and telecoms prevents early fraud detection.
- Privacy and interoperability: Data-sharing mechanisms must balance compliance, consent, and operational feasibility.
- Reactive detection models: Existing fraud systems trigger alerts after the loss, not before.
- Slow innovation cycles: Regulatory testing environments are complex and time-consuming to set up.
- Consumer trust: Growing concern over reimbursement and liability weakens confidence in real-time payment systems.
From Idea to Evidence with NayaOne
The TechSprint set out to prove that real-time collaboration between banks, telecoms, and regulators could materially reduce APP fraud risk. Using NayaOne’s sandbox, participants accessed shared APIs, pseudonymised and synthetic datasets, and pre-integrated RegTech tools to build and test fraud prevention prototypes safely within days, not months.
Key testing activities included:
- Designing behavioural anomaly and transaction pattern models using synthetic payment data
- Simulating real-time data exchange between banks and telecoms under FCA supervision
- Prototyping live alerting and data-matching tools that flag potential scam payments before execution
- Validating interoperability and data privacy standards within shared infrastructure
- Demonstrating end-to-end traceability from detection to regulatory reporting
The sprint validated that cross-industry data sharing, when executed in a sandboxed environment, can accelerate innovation and improve fraud response. The collaboration between regulators and industry produced tangible, measurable progress.
Impact Metrics
PoC Timeline Reduction
4 weeks with NayaOne vs 6 - 9 months traditionally
Time Saved in Vendor Evaluation
1+ year
Decision Quality
Higher confidence in data-sharing feasibility and privacy models validated through sandbox evidence
KPIs
- Fraud detection speed: Time taken to identify and flag suspicious APP transactions
- Detection accuracy: Percentage of true positives vs false positives across test datasets
- Data-sharing latency: Time between event occurrence and alert transmission across participants
- Regulatory compliance validation: Success rate of privacy and data-handling checks during tests
- System interoperability: Number of APIs and datasets integrated across telecoms and banks
- Innovation cycle reduction: Time saved compared to traditional regulatory testing approaches
Explore How Regulators and Industry Are Redefining Fraud Prevention
See how the FCA and PSR used NayaOne’s sandbox to bring banks, telecoms, and data providers together – co-developing real-time fraud detection models that improve speed, accuracy, and collaboration across the financial ecosystem.
