Online Fraud Charter 1701465900
Online Fraud Charter 1701465900
Online Fraud Charter 1701465900
Takedowns Take action against fraudulent content and users straight away
Law Enforcement Have dedicated liaisons who will respond to law enforcement requests
Intelligence Sharing Engage with initiatives to quickly share information about frauds
Transparency Provide information about fraud risks and what is being done to address them
Comms Deliver simple messaging to support the public to recognise and avoid online fraud
Horizon Scanning Contribute to horizon scanning exercises to stay ahead of the threat
Signatories
1
Signatories of this Charter are not limited to those outlined here. We urge others to agree to the actions
enclosed to better protect their customers and the wider public.
Opening Statement
The tech sector facilitates many positive changes to the way we live and the way we do
business. Online platforms and services are now integral to the everyday lives of UK citizens
and companies, and this Government wants them to be the best they can be.
However, online platforms and services are increasingly being exploited by criminals for the
purposes of fraud and money laundering. Fraud accounts for around 40% of all crime in
England and Wales,1 with an estimated 80% of that cyber-enabled including through online
platforms and services.2 In turn, these companies are well placed to help prevent online fraud
and to keep their users and the public safe from this crime.
Tackling fraud is a priority for the Prime Minister and this Government. In May 2023, the
Government launched its Fraud Strategy. Building on the successes of previous voluntary
charters with the retail banking, telecoms and accountancy sectors, the strategy set out plans
to deliver a voluntary Online Fraud Charter. Through this charter, firms show that they recognise
the risk of fraud and financial exploitation to the UK public on their platforms and commit to
tackling it.
The Online Safety Act (OSA) will also go far to improve the response to online fraud in the long-
term. Against the backdrop of an ever-evolving problem, this charter demonstrates the ambition
and willingness of signatories to work collaboratively with Government, ahead of regulation fully
coming into force, in a targeted manner reflecting each company’s unique business model.
Commitments
Each firm will implement the actions that apply to them, based on their unique business models.
The commitments and actions in this Charter are voluntary and are intended to be applied on a
proportionate basis and not all will apply to every company or in every circumstance. See
Categories of firms in the Definitions section.
This Government expects actions to be completed within 6 months of the Charter being
published, and ongoing where relevant. To avoid duplication or divergence from regulatory
requirements, reviews will be held after 6 months from publication and once Ofcom’s OSA
Codes of Practice for illegal harms are in force. See Reviewing and future iterations of the
Charter section.
Online fraud also has many of the same enablers and impacts as other cyber-facilitated crimes.
The commitments in this charter will therefore be hugely beneficial to preventing and mitigating
the impacts of other harmful crimes such as theft, extortion, sexually motivated crimes, abuse
and more.
For the purpose of this document, references to fraud and counter-fraud activity include money
mule recruitment.
1
Crime in England and Wales - Office for National Statistics (ons.gov.uk)
2
2020-21-Annual-Assessment-Fraud-Crime-Trends.pdf (actionfraud.police.uk)
2
Blocking
Standalone
e. Give users the choice to verify their identity on platforms to allow other
online dating
users to know they are genuine, allowing users to opt to interact with
service
verified people only.
providers
Social media/
f. Provide guidance to users for how to stay safe when buying and
networks with
selling items directly with other users on listings for high-risk and high-
peer-to-peer
value goods.
marketplaces
eCommerce
marketplaces g. Offer a mechanism for and/ or provide information on secure payment
and social services that can be used for purchases originating on relevant
media/ signatories’ platforms and marketplaces.
networks with h. Deploy verification measures of sellers using relevant signatories’
peer-to-peer platforms, services or marketplaces.
marketplaces
3
Reporting
Standalone f. Alert and provide education resources to users that have engaged in
online dating two-way communications (and have been confirmed to have sent or
service received contact information), with another user who the platform has
providers positively identified as likely to be involved in financial crimes.
Takedowns
4
Advertising
Law Enforcement
5
Intelligence Sharing
Transparency
7. Provide information about fraud risks on platforms, and what is being done to
address them.
6
Comms
8. Deliver simple messaging to support the public to recognise and avoid online
fraud.
The Government and law enforcement will provide toolkits and necessary resources whilst
involving industry in its upcoming fraud campaign(s).
Horizon Scanning
7
Reviewing and future iterations of the Charter
After 6 months from publication and following the consultation period for Ofcom’s Codes of
Practice, a review will be conducted to ensure Charter commitments are not duplicative or
divergent from regulatory requirements.
A further review will be held once the OSA is in full effect to ensure the Charter continues to
focus action on the most serious fraud trends and is best aligned with current regulations.
Governance
The Joint Fraud Taskforce (JFT), chaired by the UK Home Office Minister for Security, will hold
companies to account for delivering the actions.
Ofcom, as the independent regulator, will consult on and then publish the Codes of Practice
which will set out the recommended steps online services may follow to comply with these
duties.
In contrast to the OSA, the Online Fraud Charter is specifically configured to drive voluntary and
more targeted action amongst a smaller, targeted subset of online platforms and services.
In this context, it is important to highlight that fulfilment of this charter’s commitments will not
automatically equate to compliance with fraud-related duties under the Online Safety Act, and
the associated recommended steps set out in Ofcom’s Codes of Practice, as the codes are
separate and distinct from the Charter. For the avoidance of doubt, where there is direct
conflict, regulatory requirements will take precedence.
8
Definitions
Categories of firms
❖ All firms: All signatories of this charter.
❖ eCommerce marketplaces: Companies providing a platform that enables consumer-to-
consumer and/ or business-to-consumer sales.
❖ Firms with paid advertising services: Companies running or offering AdTech
intermediary services to deliver paid-for marketing/ advertising content. There is no
expectation for signatories to take on responsibility for the activities of organisations outside
of their control so for the purpose of this charter this excludes firms acting as publishers
using third party AdTech intermediary services or eCommerce marketplaces.
❖ Social media/ networks: Companies offering services to create and share content and/ or
platforms enabling user-to-user communication. For the purpose of this charter this includes
entertainment platforms offering some or all of these services.
❖ Social media/ networks with peer-to-peer marketplaces: As above with the addition of
offering a platform that connects people who own a product or offer a service with people
who want to buy, rent or otherwise own it.
❖ Standalone online dating service providers: Companies whose main business operation
is to promote and provide mechanisms to facilitate online dating.
3
Fraudulent dishonesty and engaging in fraudulent behaviour defined in England, Wales and Northern Ireland by the
Fraud Act 2006 and in Scotland under Common Law. Broader financial fraud in the UK is defined through Financial
Services Act 2012 S89-90, Financial Services and Markets Act 2000 S23-25.
4
Money laundering through the use of money mule networks defined in UK law under the Proceeds of Crime Act
2002 S327-329.
5
National Cyber Strategy 2022, published 15 December 2021, GOV.UK website, National Cyber Strategy
(publishing.service.gov.uk)
9
Online fraud risks
Fraudsters are adaptable and the ways in which they commit their crimes are numerous. Below
are some common typologies both in terms of volume and harm. Industry has a unique insight
into fraud typologies, so signatories will continue to identify and define the risks they see on their
platforms and services.
❖ Purchase fraud – Criminals rely on the anonymity of the internet to sell non-existent
products or products that never arrive. Data from banks suggests these are overwhelmingly
committed on social media platforms and online marketplaces, with one major UK bank
finding over 80% of all purchase scams reported to them happened on online platforms.
❖ Romance fraud – Criminals go to great lengths to exploit online platforms to target often
vulnerable individuals, using social media and dating apps to find and contact victims. They
will manipulate people into trusting them and believing they are in a genuine relationship.
These victims will then be pressured into sending money to the fraudster through highly
manipulative and emotive requests. These criminals often move onto other online platforms
and messaging services to further engage with victims over a longer period to elicit further
money.
❖ Investment fraud – Criminals offer lucrative and often convincing investment opportunities.
Once a victim engages, they will be contacted by the fraudster who will pressure them into
investing, typically increasing amounts, into a fictitious fund or service. These frequently
occur on search functions through adverts and search results, social media through adverts
and user-generated content, and publishing websites through display adverts.
❖ Impersonation fraud – Criminals pretend to be a trusted figure, ranging from a celebrity or
legitimate organisation such as a bank, to deceive victims into sending money for ultimately
bogus reasons. Criminals use fake social media accounts and posts, take out online adverts
and appear in search results to lure in victims.
❖ Phishing – Criminals communicate with people to encourage them to take an action that
may lead to them being defrauded, such as clicking a bad link that will download malware or
direct them to a fraudulent website that will harvest their details. This can happen through
almost all online communication channels including email, online messaging, social media
and through links in search results and online advertising.
❖ Money mules – Money mules are individuals who move the proceeds of crime on behalf of
criminals, sometimes in exchange for payment or other benefit. This can include via physical
cash and financial products such as bank and cryptocurrency accounts. Children and adults
at risk can be coerced, controlled, manipulated or deceived into facilitating the movement of
funds and in such cases, these people are victims of money-laundering linked financial
exploitation.
10