News and resources on cyber and physical threats to banks and fintechs worldwide.
APP fraud victims to get mandatory reimbursement rights under new PSR rules

APP fraud victims to get mandatory reimbursement rights under new PSR rules

Victim of authorised push payment fraud will soon be entitled to full reimbursement under new proposals drawn up the Payment Systems Regulator.

Currently, over three quarters of bank customers have failed to win reimbursements from banks after falling victim to APP fraud, despite a voluntary code of practice that promises refunds in 'no blame' cases.

The latest proposals from the PSR would put mandatory reimbursement "in all but excetional circumstances" in place for all online and mobile payments. The watchdog also wants banks to improve the level of protection for APP scam victims and incentivise banks and building societies to prevent APP scams.

The PSR says it wants to see the requirements for mandatory reimbursement in place for consumers "as soon as possible", although this awaits the p[assing of legislative changes under the Government's Financial Services and Markets Bill.

Chris Hemsley, managing director at the PSR states: “Fraudsters have continued to devastate the lives of innocent victims through APP scams. We want to see all banks, building societies and other payment providers doing more to prevent APP scams from occurring in the first place. These proposals will mean everyone has more protection from scams. Our proposed rules will see everyone benefitting from strong protections, regardless of who they bank with.”

Comments: (2)

Jeremy Light
Jeremy Light - Fourdotzero - London 29 September, 2022, 20:211 like 1 like

This measure fails to get to the root of the problem which is banks struggling to detect the accounts fraudsters use to collect fraud and divert funds and then failing to block onward transmission of the funds. It's baffling why so little is said or done about this and whether some banks are worse than others at managing it (which fraud stats suggest is the case).

Reimbursement for victims is necessary and a good optic to show action is being taken but it will have no direct impact on fraudsters - it might even lead to APP reimbursement fraud.

Michael Fuller
Michael Fuller - None - London 30 September, 2022, 07:041 like 1 like

Faster Payment participation, either direct or indirect should be conditional on providing an up to standard Confirmation of Payee service.

Paying anyone who fails the CoP check could then at least be the 'exceptional circumstance' where reimbursement is not made.

PayUK real-time transaction monitoring to identify accounts with non standard activity linked to an enhanced CoP validation warning informed by that unusual activity would help.

As with safeguarding children, Data Protection should never a barrier to sharing data and concerns between banks/PayUK about individuals, to protect the vulnerable. Banking confidentiality needs to move with the times. Confirming the standing of your customer was never something that banks didn't do although Bank references became meaningless due to the fact that Banks didn't know much about the standing of their customers who had become just numbers to them. 'References' for payees need to go real-time (based on account data) and payment system design needs to incorporate fraud prevention as well as speed and messaging standards.

All elements of the transaction, not just the remitter, have a responsibility and a part to play to prevent the billions being lost to financial crime whether reimbursed or not.