Cases involving the passing-off of apps purporting to belong to financial institutions have been on the rise in recent years, with regulators and industry bodies having to issue alerts for consumers in 2018 and again in 2020.

Today, the risks around such passing-off centre on apps related to wealth management products and loans. In terms of wealth management, instances of misrepresentation or fake apps mainly concern banks, trust companies, private equity funds and other institutions that engage in the management or sale of asset management products. With regard to loans, the issues typically apply to banks, trust companies, consumer finance companies and other entities that are qualified to extend loans.

Due to the speed and convenience of internet finance, the harm caused is amplified. According to provisional data, one leading internet finance platform recorded 1,676 complaints from victims of the passing-off of its own app in the 18 months to December 2019, with a total of more than RMB14.6 million (USD2.2 million) in losses due to fraud.

Perpetrators of such acts may, of course, find themselves subject to criminal, civil and/or administrative liability. Acts such as obtaining public or private property through fraud, illegal taking of deposits from the public and unlawful operation in the guise of a financial institution’s app may constitute crimes.

The unauthorised use of a financial institution’s name constitutes a civil liability. If a perpetrator engages in financial activities without approval or exceeds its permitted scope of business, the administrative authority, such as the banking and insurance regulator or the industry and commerce authority may seek to exact administrative penalties.

But it is not only perpetrators who face liabilities. A financial institution that has its app passed-off may also be subject to different types of legal liability. If it has co-operated or is currently co-operating with the perpetrator in carrying on relevant business, it is possible that the acts engaged in by the perpetrator in passing itself off as the financial institution constitute apparent agency.

For example, if the financial institution previously co-operated with the perpetrator’s platform in offering a wealth management product, the act by the perpetrator of continuing to offer the wealth management product in the name of the financial institution may, because it constitutes apparent agency, also become effective for the financial institution.

Furthermore, the internet app store service provider may also find itself liable for tort to some degree. Chinese laws and regulations expressly specify that internet app store service providers are under obligation to review apps they support for issues such as genuineness, security and lawfulness. If it was found to be negligent in its review, the financial institution and users have the right to demand that the app service provider bear damages for tort.

The unique nature of the business model of financial institutions provides space for violating the law. For example, in internet finance business, a financial institution cannot set up the procedures for in-person signing as it would for a traditional bricks-and-mortar business. With online finance, consumers have almost no way of confirming the true identity of a financial institution. Even where the identity of an institution is being passed-off, it is quite possible to envisage that the consumer will believe the business to be genuine.

Flaws in financial infrastructure and laws and regulations are another issue. In recent years, online sales of asset management products and loans have grown rapidly, outpacing the development of the infrastructure to verify the identity of finance business participants. The information asymmetry between financial institutions and consumers has resulted in a situation where it is impossible to easily identify acts of passing-off financial institution apps.

On top of this, Chinese laws and regulations still contain flaws. For example, there still are no clear and detailed criteria or procedural regulations for the online sale of trust products by trust companies, and those laws and regulations fail to clearly define the liability of financial institutions.

The limited ability of consumers to distinguish between genuine and false apps is a further driver of the growth in fraudulent passing-off of apps. As the online finance business balloons, investors with little financial expertise are faced with ever-increasing complexity and range of financial products and so are even more bereft of the ability to distinguish between financial products, and so to recognise when an institution’s app is being passed-off.

First, the government and lawmakers should shore up the infrastructure and laws and regulations. We need to improve the collection of personal and enterprise credit data and the mechanism for sharing it, as well as the relevant laws and regulations in order to avoid the various problems caused by information asymmetry between parties to transactions and the lack of clarity in the responsibilities of the various entities involved.

Second, regulators should expressly specify the social responsibility of financial institutions. As financial institutions function to a certain extent as social service organisations, they should bear social responsibility and take a number of measures to guard against the passing-off of their apps.

In practical terms, that could mean the financial institution should announce the title of its official app and the way to download it. When it discovers the app is being passed-off, it should take all available measures to clarify the situation, including: Reporting the incident to the public security authority to ensure the perpetrator faces criminal action; taking appropriate civil action; and filing a report with regulators and other administrative authorities. Financial institutions should also take other measures, such as posting risk alerts on their websites and other channels to protect consumers.

Finally, the author recommends that the education of consumers should be improved. Regulators, financial institutions, industry associations and other players should strengthen the education of consumers so that they can avoid the risks to themselves that come from their lack of basic financial knowledge.