The Bank of Ireland UK has been issued a substantial financial penalty of £3,779,300 by the Payment Systems Regulator (PSR) for failing to implement a critical anti-fraud service on time. The bank missed the regulatory deadline by more than a full year, exposing customers to heightened risks of financial scams and misdirected payments.
Regulatory Breach and Financial Impact
According to the PSR, Bank of Ireland UK was directed to have a system in place for sending and receiving confirmation of payee requests by October 31, 2023. However, the bank only implemented this safeguard 14 months after the deadline, in late 2024. This significant delay meant that the protective measure was not applied to transactions involving over 1.14 million new payees, with total payments amounting to approximately £6.9 billion.
What is Confirmation of Payee?
Confirmation of payee is an essential account name checking service designed to protect consumers during payment transactions. It aims to reduce the risk of financial loss from authorised push payment (APP) scams, where criminals impersonate legitimate organisations to deceive individuals into sending money. The service also helps prevent misdirected payments, thereby increasing customer confidence when transferring funds electronically.
Regulator's Stance on Compliance
David Geale, managing director at the PSR, emphasised the importance of this tool in combating fraud. "Confirmation of payee is a vital tool to combat fraud and misdirected payments, giving people confidence that their money is going exactly where they intend," he stated. "Bank of Ireland UK had plenty of time to put the system in place. Missing the deadline by more than a year put its customers at increased risk of fraud."
The PSR noted that payment service providers were given "ample time" to comply with the requirement, which was confirmed back in October 2022. Geale further warned that the regulator would not hesitate to use its powers to intervene when firms fail to meet these critical consumer protection standards.
Settlement and Penalty Reduction
Bank of Ireland UK agreed to settle at an early stage of the enforcement decision-making process, qualifying for a 30% early settlement discount. Without this discount, the PSR would have imposed a much heavier financial penalty of around £5.4 million. This settlement highlights the bank's acknowledgment of its regulatory failure while mitigating the total fine through cooperative engagement.
The case underscores the ongoing challenges financial institutions face in meeting regulatory deadlines for fraud prevention measures. It also serves as a stark reminder of the consequences of non-compliance, particularly in an era where digital payment fraud is increasingly prevalent. Consumers rely on these safeguards to protect their hard-earned money from sophisticated criminal schemes.
