Unlocking the future of payments: The role of AI in transforming transactions

The payments industry has a strong track record of using AI to help spot and stop fraud. As well as continuing to invest in the arms race against fraudsters, payments firms are now also exploring a more diverse array of AI use cases. The more these opportunities impact customers, the more firms need to consider the regulatory risks associated with AI.

Rising pressure

When it comes to tackling fraud, payments firms face the twin pressures of more sophisticated fraudsters and more legal exposure for reimbursing fraud victims.

Fraud is on the up. In its 2023 fraud strategy, the UK government notes how the adoption of new technologies by consumers, businesses and criminals has driven recent increases. This includes authorised push payment fraud where victims are tricked into transferring money to accounts controlled by fraudsters. AI-enabled fraud is a real concern. As criminals exploit generative AI to more convincingly con consumers, the volume of fraud victims is expected to grow further.

The regulatory liability on payment firms for fraud is also increasing. For example, from October 2024, UK payment providers will need to reimburse more victims of fraud. The reimbursement requirement applies to bank transfers in the Faster Payments system (where most APP fraud occurs) with only limited exceptions. Meanwhile, the Financial Conduct Authority has recently warned firms to improve their anti-fraud controls and how they protect vulnerable customers.

Fighting AI with AI

Payment firms are incentivised to stop fraud happening in the first place. AI algorithms can help detect and prevent fraud by analysing transaction patterns and flagging anomalies in real time. The aim is not only to secure execution of transactions but also to minimise false declines, improving the approval rate of genuine transactions.

Many providers are investing in AI as a tool for fraud detection and prevention. For example, Mastercard has recently launched a GenAI model which it claims can scan one trillion data points to predict whether transactions are legitimate. Visa is working with Pay.UK on AI technology for Faster Payments which generates a risk score indicating the likelihood of a payment being fraudulent. Visa predicts its tool could help save the UK over £330m a year by preventing fraud.

Firms are also teaming up. Industry initiatives support federated learning of AI models. Payment providers can collaboratively train AI algorithms across a much wider pool of anonymised customer data, allowing the technology to spot fraudulent transactions more effectively.

Beyond fraud use cases

The payments industry has used AI to combat fraud for several years. Now firms are exploring the next generation of AI tools and how they could support their business beyond risk management use cases. For example:

• Payment processes: AI can help deliver more frictionless payments by routing payments through the most efficient channels and automating invoice processing, payment approvals and reconciliation processes.
   
• Customer support: AI-powered chatbots and virtual assistants are increasingly adept at handling customer inquiries.
   
• Data analytics: GenAI can support interrogation of large volumes of data to source information about, for example, payment trends, transaction values and customer behaviours.

Pause for thought

As they deepen their reliance on AI systems, firms must carefully consider the regulatory risks. Payment providers should be able to demonstrate that they have appropriate controls in place to manage the AI they use. This includes having robust governance processes in place and ensuring the operational resilience of their systems, especially where AI services are provided by third parties. Firms should include AI systems in their implementation of the EU’s Digital Operational Resilience Act and the UK operational resilience rules.

AI that can impact consumer outcomes needs particular care. For example, payment firms should consider their obligations under the FCA’s Consumer Duty in the UK and under current and future European payments regulation (PSD2 / PSD3). Over time, AI-specific regulations will add further complexity to firms’ compliance framework. Firms should aim for an AI compliance strategy which integrates financial regulatory concerns with data protection and other areas of legal risk.

Read more on AI in financial services: What role could GenAI play in how banks manage risk? | Linklaters and AI in Financial Services 3.0 (linklaters.com)