The GDPR says that personal data should be kept for no longer than is necessary for the purposes for which it was collected. The Money Laundering Regulations say that CDD documents must be kept for at least 5 years. So how long should you retain client ID documents for?
On the face of it, there appears to be a conflict between two key pieces of legislation. Which should you comply with in order to avoid a fine or other regulatory sanction?
Fraudulent criminal gangs are targeting growing numbers of students who are struggling to make ends meet amidst the sustained rise in the cost of living.
Every year the Credit Industry Fraud Avoidance System (“CIFAS”) publish their figures in their Fradscape report. For 2022 the 9 month report has just been released using figures from the CIFAS National Fraud Database and the Enhanced Internal fraud Database along with intelligence provided by CIFAS members. The report analyses how levels of fraudulent conduct have changed over the first 9months of 2022 compared to 2021.
On 12 November 2022 the House of Lords Fraud Act 2006 and Digital Fraud Committee published their report “Fighting Fraud: Breaking the Chain” (the “Report”).
Arun Chauhan of Tenet was one of the witnesses giving evidence to the Committee in his role as a trustee of the Fraud Advisory Panel. Arun says that the Report should be the wake up call the Government need to realise how damaging fraud is for consumers and businesses.
The Sole Practitioner of the Year award celebrates innovative and pioneering practitioners, who provide exceptional solutions and foster unique ways of working within the constantly evolving industry.
In Food Navigator, Arun Chauhan, founder and director at Tenet Compliance & Litigation, has recently outlined some of the key fraud risks facing businesses within the food sector and how these can be mitigated.
But how can you protect against email hacking and authorised push payment fraud?
Authorised push payment fraud is where fraudsters manipulate an individual into sending a payment, under false pretences, to a bank account controlled by them. These fraudsters may hack into email accounts to convincingly deceive their victims into sending payments.
As the payment is authorised in real-time – it is irrevocable by the individual or their bank – meaning that there is no financial recovery for those affected.
Individuals making a payment to bank details received via email must remain vigilant in order to protect themselves against this type of fraud.
Three top-tips for push payment fraud protection
If you receive bank details by email – for a first-time purchase to new or amended details – verify these with the sender using another means of communication (such as a verified number for a call).
Send a low-value test payment – perhaps of £0.01 – to ensure the bank details you have are correct.
Check for anomalies on the email address that sent the details – in any event, check for different characters being used in a changed address.
Although this type of fraud is by no means new – it is certainly on the rise. Recently, the Payment Systems Regulator (PSR) drafted a new code in order to assure greater support and protection for those who fall victim to push payment fraud. Until this code is implemented by banks, however, individuals must treat vigilance as their primary protection.
