Oireachtas Joint and Select Committees

Wednesday, 24 May 2023

Joint Oireachtas Committee on Finance, Public Expenditure and Reform, and Taoiseach

Authorised Push Payments Fraud: Banking and Payments Federation Ireland

See the whole debate « Previous speaker Next speaker »

Mr. Richard Walsh:

The intention would be to have it open to anyone who has a legitimate interest, particularly in account opening. I refer to anyone who is opening accounts and needs to register a customer. They would often use documentation in a process that we call "KYC", know your customer. People would be familiar with the process whereby if they are opening a bank account, they have to present documentation such as a passport, utility bills and proof of address. What we are seeing with the shared fraud database is fraudsters will often either steal identities or forge these documents.

When they do that, they will then bring that set of forged or compromised credentials around to many banks and credit unions and An Post. They may even bring these credentials into mobile operators so they can get high-end phones on monthly repayments. The purpose of the shared fraud database is that if one of these institutions has a strong suspicion that such credentials are either compromised or forged, it can then register it on the central database. Any other institution will then be able to see this as a red flag. The instruction is to treat this with extra caution if an account is being opened.

I might add that there is a second-use case in this. It is quite common to hear stories of people who have been on calls with fraudsters for up to 40 minutes. The fraudsters will present themselves as being from a bank or financial institution. They will get copies of the customer's passport, utility bills and security questions and it is only after such a call ends that the customer will often realise something was off about it. He or she will then ring the bank and discover it was a call from a fraudster and not from that institution. In that case, the bank would be able to offer to place this customer and his or her details on the central database for protection against someone else opening an account in that name. The customer would be clearly marked as a victim and would not be treated in any negative way by any other institution. This is just for the customer's protection.

Comments

No comments

 

Log in or join to post a public comment.