After-Payment Practices

Practice 14: Complaint and Resolution Mechanisms

[Liability] [Rules]

The IIPS requires DFSPs to provide complaint and dispute resolution mechanisms that are clearly communicated, easy and free for end users, and appropriate to the local context.

In cases where fraud has occurred, effective complaint and dispute resolution mechanisms contribute to restoring end user trust in the system. The IIPS’ relevant scheme rules should be consistent with any regulatory guidelines, which are often provided in consumer protection regulations.

Complaint mechanisms provided by DFSPs enable end users to request a return of funds due to fraudulent activity. End user rights in making complaints need to be clearly communicated. Further, the mechanisms should be easy to use, provided through appropriate channels, and free to end users.

The IIPS should also provide tools to DFSPs that support initiation of an investigation and request of funds in cases of confirmed fraud.

Example: The Special Mechanism for Return [of Funds] provided by Brazil’s Pix.

Complaints may result in a dispute. Fraud dispute resolution processes enable parties involved in the dispute to arbitrate whether a transaction is fraudulent. Effective fraud dispute resolutions require clear rules and procedures to determine if fraud was present (the burden of proof sits with the DFSP), and mechanisms for timely return of funds to the end user. The rules for funds return should be clear on timelines. Consideration should be given to immediate funds reimbursement.

An independent dispute arbitrator (Ombudsman) and process should provide a secondary mechanism for addressing disputes that are not adequately resolved at the DFSP level. The Ombudsman role may be played by various entities, such as the central bank, consumer protection authority, or a body with representation from various entities that are not selected by and do not include the DFSPs.  The independence of the body must be assured through a rigorous process for structuring its governance, selecting representatives, and designing the dispute process. The Ombudsman’s role should be made known to the end users and its dispute process easy to access, user friendly, and efficient.

The IIPS should advocate for and collaborate with ecosystem stakeholders to put such a body in place and ensure its independence.

Example: India’s NPCI provides guidelines and tools to enable end user complaints as well as a multi-layered resolution mechanism that includes an Ombudsman.

Practice 15: Data Reporting

[Rules] [Data]

The IIPS mandates participants to submit ON- and OFF-US transactions to the scheme and report confirmed fraud to the scheme, which will use the data for permitted purposes, including fraud mitigation.

The robustness and effectiveness of IIPS fraud tools depend on availability of transaction data. For IIPS tools to develop transaction screening rules and apply them to the identification of transactions that are suspicious, a baseline needs to be established over time using transaction data, inclusive of all transactions (ON- and OFF-US, non-fraudulent and fraudulent).

Data sharing needs to align with data protection regulations, which often allow exceptions for fraud mitigation. As such, the IIPS should only use the data for fraud mitigation purposes.

Example: Both the FedNow and Pix systems include a requirement for DFSPs to report fraudulent payments.

Next Topic in this Section: Partner Initiatives in Fraud Mitigation