The COVID-19 pandemic accelerated the shift to digital commerce and payment, but also the card-not-present and friendly fraud that comes with it. We look at five key threats to e-commerce merchants and their acquirers into next year.
A global pandemic and a war in Europe are events that we probably didn’t expect to see, let alone in such close succession. So much so there’s been much talk about the ‘new normal’ and operating in business-as-unusual times.
However, risk managers are used to grappling with change and uncertainty. They’ve learned to expect the unexpected, all in the name of maximising up-side and minimising downside risks. And are therefore uniquely placed to help guide their organisations in taking advantage of the opportunities that 2023 brings.
Here are five key trends to consider over the next 12 months for those working at merchants, acquirers or payment service providers (PSPs).
1. Rise of digital payments, commerce and fraud
National lockdowns during the COVID-19 pandemic, hygiene concerns around cash and higher contactless card limits were just some of the factors that accelerated the shift to digital commerce and payment. E-commerce grew 17% and digital payments 19% globally in 2021, according to McKinsey data.
Unsurprisingly, card-not-present fraud has also grown. E-commerce losses to online payment fraud were estimated at $20 billion globally in 2021. That’s a rise of nearly 15% compared to the $17.5 billion recorded the previous year. Phishing, pharming, card testing, identity theft and first-party misuse remain the most prevalent fraud attacks, each affecting more than 3-in-10 online retailers globally, an MRC report found.
As fraud levels increase, so does the likelihood of falling victim to it. Acquirers are advised to keep up to date with the fraud threat landscape. And mitigate their risk exposure by continuing to follow good practice around data security, customer due diligence at onboarding and merchant monitoring.
2. Increase in chargebacks and friendly fraud
The growth in digital payments and commerce has also been accompanied by an increase in chargebacks. Between 2019 and 2021, annual Visa card-not-present sales grew more than 50%, while disputes grew nearly 30% globally.
There’s also the growing problem of friendly fraud, also known as first-party misuse or chargeback fraud. This is when a cardholder disputes a legitimate purchase that they intended with their issuer to get free goods. Friendly fraud could account for as much as 16% of fraud disputes, the MRC found.
The card schemes are keen to ensure the experience of accepting cards is as attractive as paying with them. As a result, both Mastercard and Visa have announced new rules to minimise friendly fraud, which come into effect in 2023.
To help manage chargebacks in one convenient place, Web Shield has developed an out-of-the-box chargeback management portal. Get in touch for a presentation and to find out how easy it is to implement your own card-agnostic, branded dispute resolution management platform.
3. More crypto volatility and regulation expected
Crypto assets are known for their volatility and 2022 was no exception. After peaking in November 2021, the combined market value of crypto assets had fallen by almost 75% by November 2022, according to tracker CoinGecko. Although this is less than the 88% devaluation during the 2018 ‘crypto winter’, more than $2 trillion was wiped off the market.
Two significant events contributed to this. Firstly, the crisis of algorithmic stablecoins. These are designed to support a 1:1 peg with fiat currencies through blockchain algorithms, rather than equivalent cash reserves. In May 2022, TerraUSD lost its dollar peg, triggering widespread market uncertainty, mass liquidations and falling prices.
This was followed by the collapse of the FTX crypto exchange in November 2022. Once valued at $40 billion, FTX was operating not just as an exchange, but also issued its own currency, offered custody for customers’ assets and was linked to a crypto hedge fund. It filed for bankruptcy after being unable to meet its obligations when customers rushed to withdraw their assets.
There have been inevitable calls for more regulation of crypto assets, but also more enforcement of existing financial services regulations. While more regulatory clarity is expected in 2023, regulations will most likely apply nationally, and regionally at best, making cross-border compliance complex.
Acquirers are advised to stay abreast of changing crypto regulations in the markets where they and their merchants are active. The Web Shield Regulatory Monitoring database of legal opinions for cryptocurrencies helps make compliance more straight-forward for those engaged in the crypto sector.
4. Illegal drug market rebounds after COVID-19
New trafficking routes, the expansion of online sales and the availability of a wider range of drugs are just three trends driving the post-pandemic growth in the illegal drug market.
Changes to cannabis legalisation in North America and Europe have led to market innovation and more cannabis products, such as edibles, food and e-liquids for vaping. But also, the adulteration of herbal cannabis with synthetic cannabinoids, which can be highly potent and toxic.
The changing position on CBD/THC creates new risks for users, merchants and their acquirers. Web Shield is developing a tool to help acquirers and PSPs expand confidently into the world of CBD/THC merchants. A Web Shield Online Academy course ‘Understanding Drug Merchants’ has recently been released while extra functionality within our High-Risk Verification opens doors to the CBD market.
5. Ever-present threat of money laundering
Money laundering is the crime that powers all other acquisitive crimes. After all, criminals must make their criminal proceeds look legal to be able to retain and enjoy them without the fear of detection or confiscation. As such, money laundering is a perennial, cross-cutting fraud threat.
Acquirers must be alert to the fact that any merchant account can be used to cash out the proceeds of crime. This happens with and without merchant collusion, in the physical world and online.
Underwriters are advised to really get under the skin of a merchant’s business. Who owns it and what is their background and experience? What are they selling, to whom, how and where?
Include clauses in the merchant agreement requiring merchants to advise you of any changes in their business. And that they ensure that contracts merchants sign with third-party agents also include such clauses. Beyond that, monitor, monitor and monitor.
Three Web Shield Online Academy courses around anti-money laundering are available: ‘Fundamentals of Anti-Money Laundering’, ‘Managing Money Laundering Risks’ and ‘Money & Transaction Laundering in Payments’.
Fraud is a growing problem. Nearly half (46%) of organisations have experienced some form of fraud or other economic crime within the last 24 months, according to a PwC survey. However, at the same time, most fraud types and threats are not particularly new or novel.
The key threats posed by e-commerce, crypto and drugs merchants are well-known. They involve the age-old card scheme requirement for the sale to be legal in both the country of the buyer and the seller. And regulated products being sold through the unregulated e-commerce channel.
It pays to be vigilant and monitor the threat landscape, but also to have confidence in the robustness of your day-to-day risk management controls. Know-your-customer checks, anti-money laundering controls, and merchant monitoring are not particularly new or novel. Yet it is only those with robust processes in place and confidence in them, who can take more calculated risks to survive and thrive in these business-as-unusual times.