Founded in 1984, NCMEC is the nation鈥檚 largest and most influential child protection organization, dedicated to finding missing kids, stopping child sexual exploitation, and preventing crimes against children. Fulfilling that mission requires a partnership among stakeholders across society. 鈥淧rotecting children is everyone鈥檚 responsibility. It requires both the public and private sector working together, bringing their expertise, tools, and resources to make a difference,鈥� DeLaune says.

In collaboration with law enforcement agencies, families, and child welfare organizations, NCMEC has contributed to the recovery of missing children in more than 400,000 cases.

Unfortunately, child exploitation has reached alarming new heights, fueled partly by the widespread use of social media and advanced technology. Paradoxically, these same digital tools are crucial in combating this issue. NCMEC harnesses online data and analytics to provide vital insights, recognize patterns, and develop global initiatives aimed at safeguarding children. This tech-driven approach enables NCMEC to stay at the forefront of child protection efforts worldwide.

Bringing critical information to light

Indeed, AI-driven technology enables data analysis tools that can comb through copious amounts of data to identify patterns and trends in child exploitation and abduction cases. This helps in pinpointing potential risks and focusing resources where they are most needed. 鈥淲e need technology that enables us to connect the dots, target cases where there is the most urgent risk to children, and act on them quickly,鈥� DeLaune explains. 鈥淲e have so much data coming in 鈥� more than human beings can sift through to surface the right information. It鈥檚 the proverbial needle in a haystack; but in this haystack, the needles we are searching for are children in need of assistance.鈥�

NCMEC has partnered with 成人VR视频 (TR) for 15 years, and according to DeLaune, partnerships with TR and others allow the organization to have access to tools that 鈥渉elp us do our job faster and get the right information out to law enforcement and the public. That鈥檚 been a game changer.鈥�

Also, NCMEC analysts use technology on a daily basis to support missing and exploited child investigations, according to Angela Aufmuth, Executive Director of Analytical Programs at NCMEC. 鈥淲hen a report on a missing or exploited child comes into the Center, time is of the essence. We need to analyze data rapidly,鈥� Aufmuth says. 鈥淲ith technology, we鈥檙e able to access data from multiple sources, quickly putting together pieces of the puzzle. This enables us to identify possible locations and persons of interest and get that information out to law enforcement agencies so they can perform their investigations in the field.鈥�

Technology can focus investigations

Of course, access to public records is vital. Technology allows NCMEC to quickly sift through data, such as records of deaths, to focus law enforcement efforts more effectively. Whether working on a missing child case, a case of suspected sex trafficking, a noncompliant sex offender, or a child abduction, having access to public records information is absolutely critical, explains Aufmuth.

鈥淭echnical solutions have given us the ability to access different types of data very quickly.鈥� she says, adding that data on deaths, for example, have been very useful. 鈥淲hen conducting noncompliant sex offender operations, law enforcement will give us a large amount of information,鈥� Aufmuth notes. 鈥淲e鈥檙e then able to batch that data against the technical resources, quickly identifying individuals who are deceased. This enables law enforcement to conduct investigations in more focused and efficient manner.鈥�

At NCMEC, the focus is entirely on supporting children and their families as they navigate through unimaginable hardships 鈥淗aving access to these technology tools is absolutely essential to our work. If we did not have access to the data and analysis they provide, we would not be able to support the families we serve and help bring their children home,鈥� Aufmuth explains.

DeLaune agrees, adding: 鈥淣CMEC is a lifeline for families searching for a child or helping them rebuild their life after an exploitation issue. And they are grateful for anyone who can enhance our ability to serve them. The families are counting on NCMEC 鈥� and in turn, NCMEC counts on technology partners to deliver results.鈥�

You can find more information about here.

The new rules 鈥� brought into force through directions made by the PSR and changes to the Faster Payments rules effected through 听补苍诲听聽of the Financial Services (Banking Reform) Act of 2013 鈥� replace the voluntary code introduced in May 2019, of which聽10 payment service providers were members.

APP fraud聽

APP fraud involves authorized payments made because of deception by fraudsters. It has been聽a growing problem聽in the payment services industry for years, and according to UK Finance’s 2023 fraud report, APP fraud losses surpassed card fraud losses in 2021.

In 2022, there were 207,372 incidents of reported APP fraud in the UK; and while most cases involved online fraud (78%), this was responsible for only 36% of reported losses, while telecommunications fraud, which accounted for 18% of cases, was responsible for 44% of losses.

Contingent Repayment Model (the voluntary code)

In 2019, seven payment service providers established a voluntary code for reimbursement of losses caused to customers by APP fraud. There are now聽10 members of the code representing 19 consumer brands, which are responsible for more than 90% of APP transactions in the UK.

The code implemented the Contingent Repayment Model, which had been proposed by the PSR and applied to all personal customers, charities with an annual income of less than 拢1 million ($1.2 million), and micro-enterprises. The code applies standards of conduct to payment service providers in connection with detection, prevention, and response to APP fraud, imposing requirements to take reasonable steps to detect APP scams, sending warnings to potential victims, and offering advice as to how potential victims should seek to protect themselves.

The code also imposed an obligation to reimburse customers’ losses caused by APP fraud, subject to certain conditions, including:

• • • payments must be made within the jurisdiction, so international payments are not included.
    • the payment service providers have the discretion to refuse reimbursement if the victim: i) ignored a warning given under the code; ii) ignored a clear negative confirmation of the payee result; iii) made the payment without a reasonable basis for believing the transaction to be genuine; iv) did not follow its own procedures; or v) itself was guilty of gross negligence in connection with the payment.

In the situation between the paying payment service provider and the recipient, if both are at fault, then they are both liable to cover 50% of the reimbursement each. If only one is at fault, that payment service provider must pay the whole reimbursement. If both are at fault and the customer is at fault, each party bears 33% of the responsibility (meaning the customer receives reimbursement of only 66% of the loss). If neither payment service provider is at fault, the compensation is paid from a pooling fund to which all members contribute.

Changes under new requirements

The requirements under the new rules apply to the same types of customers as those falling within the scope of the voluntary code and, like that code, apply only to payments made within the jurisdiction. However, the new requirements differ from the voluntary code most notably in the following ways:

• • • The rules are mandatory for all payment service providers using the Faster Payments system, rather than an opt-in, voluntary code.
    • They apply only to the Faster Payments system and no other payment systems (in practice this will cover most APP frauds: in 2021, 97% of such frauds used the Faster Payments system).
    • Decisions as to reimbursement are taken exclusively by the sending payment service provider, however ordinarily, that provider can claim back 50% of any reimbursement from the recipient payment service provider.
    • There is a 13-month deadline for claims (although payment service providers can voluntarily choose to give reimbursements for later claims).
    • A payment service provider must give reimbursement within聽five business days, although it can “stop the clock” to allow for investigations (to a maximum of 35 days).
    • Sending payment service providers will have the option of imposing a claims excess of a maximum of 拢100, and there will be a maximum level of reimbursement of 拢415,000 ($525,028) for each single APP fraud case.
    • The new requirements introduce the “consumer standard of caution” (detailed in a issued by the PSR).
    • Reimbursement can only be refused if the customer has failed to meet the consumer standard of caution through gross negligence, and then only if the customer is not vulnerable (so long as the vulnerability had a material impact on the customer’s ability to protect themselves from the scam).

What payment providers should do now

The precise wording of the new Faster Payments rules is yet to be published by Pay.UK (the PSR’s direction set a deadline of June 7 for implementation of the new rules), although draft rules have been published.聽Payment service providers will need to review the details of their obligations once the new rules are published on Oct. 7.

Before then, however, payment service providers should actively engage in developing their systems and processes, to be ready for the implementation date of the new requirements in the following three ways.

First, the new requirements create further incentives for (and obligations on) payment service providers to strengthen their APP fraud detection systems, both at the know-your-client (KYC) stage and in the processing of payment instructions.

Second, payment service providers need to design appropriate systems to provide warnings to customers and to set interventions by which a customer’s compliance with the consumer standard of caution can be assessed. To comply with the requirements, these warnings and interventions will need to be developed flexibly, especially in the context of vulnerable customers.

Third, payment service providers will need to develop systems to deal with reimbursement claims under the requirements. This will require clear policies and procedures for assessing a claiming customer’s compliance with the consumer standard of caution, identifying vulnerable customers, and analyzing whether any vulnerabilities were the cause of a failure to comply with the standard.

While payment service providers will be able to create computer systems to assist in this process, the assessment is ultimately an evaluative one and accordingly, appropriate training programs will need to be put in place for staff involved in dealing with claims, even if the payment service provider decides to use artificial intelligence-backed assistance.

This convenience has undoubtedly accelerated the pace of commerce, but it has also opened the door to new forms of fraud. Practices such as Know Your Vendor (KYV), Know Your Business (KYB), and third-party risk management are becoming more common, but it can be difficult for organizations to know where to start.

Regulations, including the INFORM Consumer Act, guide different KYV practices to help protect consumers. Businesses can learn a lot from looking at passed and proposed legislation to help them develop their own KYV policies and practices.

The INFORM Consumer Act

The Integrity, Notification, and Fairness in Online Retail Marketplaces for Consumers (INFORM ACT) is designed to protect consumers from online fraud. The Act regulates 鈥渉igh-volume, third-party sellers鈥� which includes 鈥渙nline marketplace participants that conduct 200 or more transactions resulting in total revenues of $5,000 or more during a continuous 12-month period.鈥� The newly passed INFORM Consumers Act goes into effect June 27, 2023, when online marketplaces will be required to collect, verify, and disclose the following information about their customers and suppliers:

• • • bank account information;
    • government-issued IDs;
    • Tax ID or taxpayer identification number; and
    • contact information, such as work email and phone number.

The INFORM Act will create a regulatory framework to support manufacturers by protecting them from fraudulent activities in online marketplaces. It requires several different practices including ID verification, process transparency, active reporting and enforcement — practices that any company can learn from. The act also aims to protect consumers from fraudulent activities by requiring specific actions that require online marketplaces to know who their vendors and suppliers are. Those actions include:

ID verification 鈥� Online marketplaces will be required to verify the collected information within 3 days of receiving it. This added friction in the process should deter sellers of stolen or counterfeit goods from using platforms that require the verification of seller identity. Additionally, this verification needs to happen annually, requiring marketplaces to keep a consistent process of validating their third-party vendors.

Transparency 鈥� High-volume third-party sellers will be required to disclose specific information about themselves including their name, address, contact information and if they also engage in manufacturing, importing, or reselling of consumer goods. While some exceptions apply, this level of disclosure provides a more complete picture and transparency of the vendors that buyers engage with on online marketplaces.

Reporting mechanism & enforcement 鈥� Online marketplaces are required to promote their reporting mechanism so consumers can easily report fraudulent activity by email or phone. This will remind and encourage consumers that they can take direct action against potential third-party sellers.

The Federal Trade Commission (FTC) will be responsible for the enforcement of the INFORM Act under broader regulations covering unfair and deceptive acts or practices.

Proposed legislation with Know Your Vendor practices

The INFORM Act is not the only legislation that is targeting fraudulent activities through these types of actions. The proposed SHOP SAFE act (Stopping Harmful Offers on Platforms by Screening Against Fakes in E-commerce Act) aims to hold online platforms potentially liable for third-party vendors selling unauthorized trademark goods on their site that may harm the health and safety of consumers.

The SHOP SAFE act provides requirements for online marketplaces to take to avoid this liability. Those actions include verifying the seller鈥檚 identity, requiring a valid US address or registered agent, and implementing prescreening measures to deter fraudulent vendors.

Like the INFORM act, the SHOP SAFE Act utilizes vendor data collection and ID verification to protect consumers. Additionally, it requires online marketplaces to implement additional prescreening measures. The SHOP SAFE Act focuses on health and safety products. Prescreening measures can be tailored to a specific product or industry to safeguard consumers.

Another potential regulation that utilizes screening is the ENABLERS Act which aims to prevent money laundering in the United States real estate business. It was added to the annual National Defense Authorization Act by the House of Representatives in 2022, but it was removed by the Senate before final passage. While still under consideration, if the proposed ENABLERS Act passes it will require additional KYV practices including ID verification and screening, in this case for sanctioned people or businesses. The ENABLERS Act also implies the need for verification of the ultimate beneficial owner of companies buying real estate, an additional due diligence step.

What companies need to know

Businesses of all sizes need to implement third-party risk management practices that make sense for their company. These practices should protect firms from financial, regulatory, and reputational risk. The practices being used by regulators provide a framework to get started. Those steps include:

• • • ID verification to ensure you know with whom you are doing business;
    • Screening procedures that are tailored to your specific product or industry;
    • Transparency for vendors and consumers so they know whom to contact; and
    • Regular audits to make sure your practices are up to date.

Finally, effective vendor management practices are paramount for businesses to shield themselves from financial, regulatory, and reputational risks. The regulatory framework provided by the INFORM Consumer Act, the proposed SHOP SAFE Act, and the ENABLERS Act can serve as a guide for businesses to develop their own vendor management policies and practices. By conducting ID verification, implementing tailored screening procedures, ensuring transparency, and conducting regular audits, businesses can build trust with their customers and safeguard their operations.