The Payment Systems Regulator has issued its most prescriptive set of scam prevention mandates to date, requiring all firms operating within Faster Payments to implement real-time fraud screening and transaction-level risk scoring by September 2025. The directive, published in May, sets minimum standards for outbound payment checks and requires receiving firms to demonstrate they have adequate systems to detect and block mule accounts. Non-compliance could result in penalties of up to £5 million or 10 per cent of annual revenue.

For many smaller fintechs and electronic money institutions, the mandates represent a significant operational challenge. Firms that previously relied on batch-processing compliance checks must now invest in streaming data infrastructure capable of evaluating transactions in milliseconds. "This is a step change in what the regulator expects from the entire payments ecosystem, not just the large banks," said David Sheridan, head of financial crime at consultancy Thistle Initiatives. Several regtech providers, including Featurespace and Sardine, have reported a sharp uptick in enquiries from firms seeking to meet the deadline.

The PSR's approach has drawn broad support from consumer advocates but some criticism from industry bodies representing smaller firms. The Electronic Money Association warned that the compliance costs could prove disproportionate for early-stage companies, potentially driving consolidation in the sector. Nevertheless, the regulator has signalled that it will not extend the implementation timeline, arguing that the scale of fraud losses demands urgent action across the entire payment chain.