/regulation & compliance

News and resources on regulation, compliance, legal and governance issues for banks and fintechs.

PSR enforces "step-change" in reimbursement rules for APP fraud victims

The UK's Payment Systems Regulator has confirmed plans to improve protections for victims of authorised push payments (APP) fraud will come into force in October 2024.

5 comments

PSR enforces "step-change" in reimbursement rules for APP fraud victims

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

In what it describes as a "step-change" in fraud protection that will see the vast majority of money lost to APP frauds reimbursed to victims, the watchdog has set a £415,000 maximum reimbursement level. Sending payment firms can - but do not have to - apply a claim excess of up to £100 if they choose to. This does not include claims made by vulnerable consumers.

Meanwhile, the cost of reimbursement will be split 50:50 between sending and receiving firms - putting incentives in at the receiving end for the first time

APP fraud has quickly become one of the most significant types of fraud in the UK, with losses totalling nearly £500 million in the last year. Consumer groups and politicians have been clamouring for banks to tackle a growing epidemic and to speed up the process of reimbursement for blameless victims.

Under the new rules, most APP fraud victims will be reimbursed within five business days and additional protections will be offered for vulnerable customers.

The PSR stresses that "consumers still need to take care when making payments" but "the onus will be on the bank to prove that they acted with gross negligence".

Chris Hemsley, managing director, PSR, says: "Our approach incentivises banks and other payment firms to prevent APP fraud from happening in the first place while ensuring victims are protected in a consistent way."

A Pay.UK spokesperson says: “We welcome the publication of the PSR’s finalised legal instruments for the APP reimbursement regime which place requirements on payment service providers to reimburse victims of APP fraud. We are playing our part, as directed by the PSR, in implementing the regime next year.

Sponsored [New Impact Study] Microservices Architecture: Future-Proofing Payments Technology

Comments: (5)

Andrew Smith

Andrew Smith Founding CTO at RTGS & ClearBank

I have spoken about making the receiving firm pay the compensation for a long time now. Moving to 50:50 is a good step change, but I still maintain that the receiving firm needs to be held more accountable - after all it has received the funds and it is holding those funds in many cases. It also ensures the level of monitoring on receipts is improved, which not only helps fraud, but also various other aspects of financial crime. 

The real step change though is when we finally stop making push payments based on account numbers, rather we make them based on a verifiable identity  - CoP helps, but its a sticky plaster over the bigger issue.

A Finextra member 

Now taking bets on the multiple increase in APP fraud once this comes in. 🧐 The biggest winners will be the criminals that will exploit this new (ill thought out) rule. The sensible thing to do by all FI’s to ignore the whole concept of FP and delay all payments - great move PSR, you have demonstrated how out of touch you have become.

A Finextra member 

The rule should be that the "finality of payment" rule is revoked for APP fraud and monies are returned to payer. Why should the banks take the blow if the monies still are on fraudster´s or the goal-keeper´s accounts? Banks should take the compensation only if the monies cannot be charged back all the way. The practice that banks pay up incentivise fraudsters to keep up the game. It is like a burglar defending the action by that "the stolen goods are being compensated by the home insurance anyway and therefore no victims". Furthermore there needs to be a deductible. 

Ketharaman Swaminathan

Ketharaman Swaminathan Founder and CEO at GTM360 Marketing Solutions

Banks will thank regulators / PSR for giving them the chance to delay payments and earn float income under the pretense that they're "carrying out extra due diligence on the authenticity of the payment".

PayPal, Visa and MasterCard will thank regulators / PSR for giving banks the opportunity to deflect ecommerce payments from A2A to PayPal and credit card modes under the pretense that PayPal and credit card provide greater scam / fraud protection, as Santander has already started doing (Source: Finextra). 

Like most Drunk Under Lamp Post regulation, this one is also likely to have unintended - but highly predictable - consequences that will vitiate the basic purpose of the regulation.

Ketharaman Swaminathan

Ketharaman Swaminathan Founder and CEO at GTM360 Marketing Solutions

@Finextra Member @ 10:37 +1.

That's what Zelle has done in USA: Changed an otherwise irrevocable method of payment to revocable in the event of APP Scam. Makes sense.

I see no reason why bank shareholders should pay the price for negligence of payors and / or populist Drunk Under Lamp Post regulation by government trying to curry favor with vote bank. 

[Webinar] Automated Testing: The road to Evergreen ComplianceFinextra Promoted[Webinar] Automated Testing: The road to Evergreen Compliance