New legislation may be needed to address APP fraud

New legislation may be needed to address APP fraud

Moves to reimburse consumers who fall victim to push payment fraud has come a step closer with the publication of a draft voluntary code drawn up by a steering group of UK banks and consumer rights campaigners.

Open for consultation until 15 November, the draft code is intended to protect consumers from authorised push payment (APP) fraud, which happens when businesses or individuals are conned into sending money to a fraudulent account to pay for goods or services.

Statistics released by UK Finance this week show that, in the first half of 2018, consumers lost £92.9 million because of this type of fraud.

The new guidelines have been drawn up in a bid to make it harder for criminals to commit APP fraud, and sets out how consumers can be vigilant and take reasonable steps to protect themselves whilst giving them greater levels of protection and support from their banks.

Importantly, the code proposes the principle that where a consumer has met their requisite level of care, they should be reimbursed.

For their part, banks will be required to apply analytics and employee training to better detect and respond to push payment fraud and to freeze and return payments deemed suspicious.

Banks represented on the working group have committed to begin work on implementing the agreed standards during the consultation period, although the new guidelines will not come into force until early next year.

One sticking point which has yet to be resolved occurs in instances where a victim of an APP scam has met their requisite level of care, and so should be reimbursed, but no bank or other Payment Service Provider involved in the payment journey has breached their own level of care. The Steering Group has not been able, so far, to resolve the question of who should meet the cost of reimbursements in these circumstances.

In addition, more work is needed to agree a mechanism for how disputes between banks and other payment service providers can be resolved, and to agree the governance of the code once it is finalised.

Stephen Jones, chief executive of UK Finance says new regulations may be needed to resolve the current absence of a legal definition of "gross negligence" and to give PSPs more clarity over their liability. Legal changes to enable banks to freeze the proceeds of fraud and move fraudulently obtained money from an account for reimbursements will also be required.

"It has become clear through our discussions that some of the issues identified must be resolved by new regulation, rather than just a Voluntary Code alone," he says. "This will ensure that consumers and financial institutions can be certain in what circumstances victims will be compensated and how this compensation is funded in circumstances where all parties have acted reasonably in making the payment."

New regulations would help to resolve the current absence of a legal definition of "gross negligence" and give PSPs more clarity over their liability

Comments: (1)

Eli Talmor
Eli Talmor - ID-Bound - Haifa 28 September, 2018, 10:14Be the first to give this comment the thumbs up 0 likes

In other words who should the consumer blame if malware sends his money to fraudsters?