Community

Hi Bill, I completely understand where you are coming from - my original hopes for this was that the recipient bank would take 100% of the loss as long as the sending bank could show they'd 'done everything viably possible' to persuade their customer to take the care needed.  But we are where we are - and my opinion is that this is our 'starting point'.  

I really hope (because I'm an optimist, although I've been an eternal one (having been patient for almost 40 years in this trade!) that this will help make fundamental changes in the ability for banks to share intelligence.  Once we get to a point where intelligence is being shared, those organisations who are simply 'not doing enough' (be it at persuading their customers not to make mistakes, or substantially improving their onboarding operations) will be easily identified, and the 'liability share' appropriately adjusted over time.  

I agree - if the fraudsters couldn't get their hands on a bank account, there would be no APP fraud.... but we're miles away from that right now.

Interesting conversation above.  I am in favour of a postponement and adjustment for all the reason cited by the UK Payments Association.  I am a strong believer that when there is a means for a fraudster to be successful, we have to start somewhere to close that loop.  OK, the 'loop' in this case is a vulnerable account owner who gets sucked into what they believe is a credible situation (and there are various ways to interpret vulnerable, I know) - but at the end of the day, criminals are getting money for very little effort.  I have never agreed that the liablity should be equally split between the sending and receiving banks (only) - but what this ruling HAS done is make the whole industry look at how they monitor (properly!!!) every account - and include AML-type activities on ALL their portfolio in order to close the ability for fraudster to have control of accounts into which they persuade the victim to move their money.  I hope this postponement is awarded.  I hope the big tech players are pulled into the mix and the liability is adjusted in the right way.  I hope there is time for the banks to get organised, logistically.  I hope the limit recommendations come into force.  

In my opinion, this has the potential to be a game-changer, forcing banks with weaker onboarding processes to pull up their socks; persuading the industry to look to intelligence sharing in real time.  If this doesn't persuade us to do that - nothing will.

Giles, I'm sorry to hear that your son was scammed of his entire bank account contents.  It's an interesting angle you talk about here - securing the inbound call to a consumer from 'the Bank' with legitimate and well advertised authentication through the banking app.  This would go a really long way to eliminate the bank impersonation scams that are so rife right now.  If this is a capability that could be applied, then the banks need to take a good hard look at what appears to be double standards here.  Thank you for your comment.

Banks have the ability to monitor incoming funds as much as they can monitor outgoing - so they should do so.  If a recipient bank account accumulates a 'dodgy' reputation over time, then surely that recipient bank should decline future incoming transactions to the 'dodgy' account as soon as its risk score reaches a pre-determined 'reject' threshold.  If banks do that, then they have a better case to answer if they choose to reject a claim.  By not doing this, they're not doing all they can to protect account holders.  

Interesting blog Richard, thank you.  I hadn't thought about the 'walk-off' losses, although I should have been aware given my son is a London cabbie, and has experienced this first hand.  It is absolutely misleading to assume the familiar 'ping' when the card is recognised is indication that the transaction has completed.  He has experienced many times when the fare has left the cab and the transaction has failed.  This should be looked at more closely by the industry to find a solid resolution.