News and resources on cyber and physical threats to banks and fintechs worldwide.
PSR consultation on bank scams draws to a close

PSR consultation on bank scams draws to a close

The UK's Payment Systems Regulator is to begin collating views from a public consultation on the protection and reimbursement of victims of authorised push payments fraud and consumer protection in bank-to-bank payments.

The amount of money lost to victims of authorised push payments fraud in the UK rose to £479 million in 2020, as criminals used the Covid-19 pandemic to target people online.

The introduction of a Contingent Reimbursement Model (CRM) has seen some victims getting their money back, but consumer groups says the implementation of the code by banks is patchy at best, with many customers left holding the bag.

The PSR is proposing that banks publish their APP scam data, including reimbursement and repatriation levels, and adopt a standardised approach to sharing data which will help identify these scams in the first place. It also suggests making reimbursements mandatory at a minimum standard by changing payment system rules.

Chris Hemsley, managing director of the PSR says: "We want to make it harder to commit these devastating crimes and also see victims properly protected.

"In this call for views, we set out a suite of measures that could have a significant impact on both reducing fraud and improving the protections for everyone."

In addition to APP scams protections, the PSR is also looking at the levels of protection available to consumers when they make an account-to-account payment using a smartphone app or online banking.

Says Hemsley: "We want to understand what protections our banks and building societies should have in place and how we can support this emerging payment method for everyone’s benefit."

After two months collating responses, the call for views closes at 5pm today.

Comments: (2)

Andrew Smith
Andrew Smith - RTGS & ClearBank - London 09 April, 2021, 09:47Be the first to give this comment the thumbs up 0 likes

If we want to make it harder we need to move to a verified identity paying another verified identity, not rely on "name of account holder" and a good old meaningless sort code and acc. Only then will we be able to cryptographically ensure people are paying who they actually believe they are paying.

A Finextra member
A Finextra member 13 April, 2021, 10:231 like 1 like

Faster payments, API:s, open banking, the internet and its poor identification options, have created the rocket fuel for push payment fraud and this is strengthened as we speak by the request to pay boom. The demand for "frictionless payment" is the main root cause for fraud in A2A and the "fintechs" are catalysts in the development. Unlike card schemes, the A2A does not have any good "merchant onboarding" rules and liability shipf on payee bank and also lacks charge-back options due to the legal requirement of "finality" of A2A. Politicians have pushed regulators into this due to the objective to bash banks by giving payment access to un-regulated "fintechs" and attempt to shoot down the "american card schemes" without consideration of the effects on opening the flood gates for organized crime.