Self-policing of online adverts simply won’t do


Matt Burton

Chief Risk Officer

The issue of fraudulent online advertising has been rumbling on for years now, but it really has been the last two years that we’ve seen a dramatic pick up in activity, particularly with adverts that feature an impersonation of a financial services firm.

As early as March 2020, Andrew Bailey, while chief executive of the FCA, described the challenge of tackling fraudulent online adverts as like playing a game of “whack-a-mole”.

Hampered by the perimeter and lack of legal powers, the only weapon in the FCA’s arsenal is a website warning and the hope that their own adverts warning people of the dangers of ‘too good to be true’ online ads are seen by people before it is too late. In the last five years, FCA impersonation scam warnings have increased considerably, with an explosion in the past two years:


Of course, not all of these impersonation attempts will feature an online advert to lure people in, but many will. It is the weapon of choice to ensure maximum visibility for a scam attempt. In short, this is not a new problem. Tech companies have known for years that there is an issue with fraudulent adverts appearing on their sites, and people losing money as a result. Google, to its credit, took action in September this year by introducing a new requirement for all financial services adverts to be from FCA authorised firms, or from an approved third-party of an FCA authorised firm.

However, the other tech companies have waited until the very last minute. It was only after the Online Safety Bill Committee said in December that the online world should no longer be the land of the lawless, and recommended that adverts are included in scope of the Bill, that they decided to give self-regulation a go.

Facebook, Microsoft and Twitter have all now announced that they will adopt the same policy as Google to ensure a degree of verification before adverts go on their sites.

While this is commendable, it should not be used as an excuse by the government not to act on the Committee’s recommendation. Self-regulation can only go so far.

For a start, self-regulation only covers those firms that have decided to adopt the new policy. Instead, legislation will cover all companies offering online adverts and so will protect everyone when they go online. Likewise, we need a system that is policed by an independent regulator and with punishments for the companies that are found to be in the wrong. This cannot be achieved by self-regulation, but is exactly what can be delivered by the forthcoming Online Safety Bill.

The Bill will shift the burden of responsibility away from consumers protecting themselves against scams, and onto the tech companies and social media platforms, who will have a legal responsibility to tackle harmful content online.

While the Bill currently includes scams that appear through ‘user-generated content’, i.e. an individual posting about a dubious investment scheme or blatant scam, it will not cover scams that appear in adverts or cloned websites. This anomaly must now be rectified by the government.

It is through this incentive structure that we’ll create an online environment in which people can trust what they see to be genuine and can trust that if they find an investment online that at least the provider will be FCA authorised. Otherwise, we risk the “whack-a-mole” problem causing havoc for years to come. Matt Burton is chief risk officer at Quilter.

This article first appeared in Money Marketing on 11 January 2022.