Authorised Push Payment (APP) scams resulted in £354m worth of losses last year, with only £83m being refunded back to customers, according to trade body UK Finance.
APP scams occur when a fraudster tricks you into authorising a payment to their account. They will often do this by convincing you they are someone else – perhaps a company you have done business with before, a friend or even a solicitor (some victims have even lost house deposits this way). Alternatively, they could be someone trying to sell fake products (e.g. tickets to concerts which have sold out).
Until now, it has been almost impossible for victims to claim reimbursement from their bank, unless there was a clear fault in the way the bank handled the payment.
This guide will explain all the different ways you are now protected against authorised push payment scams.
As of 28th May 2019, a new voluntary code for banks has been introduced by The Authorised Push Payments Scam Steering Group (established by the Payment Systems Regulator in 2018). Eight major financial providers (representing 17 brands) – Barclays, HSBC, Lloyds, Metro Bank, Nationwide, RBS, Santander and Starling Bank – have already committed to implementing the new code immediately.
|Payment Service Provider||Brand|
|Lloyds Banking Group||Lloyds Bank
Bank of Scotland
|Metro Bank||Metro Bank|
|RBS||Royal Bank of Scotland
|Starling Bank||Starling Bank|
As soon as you realise you have been a victim of an authorised push payment scam, you need to report it to your bank as normal – the quicker you do this, the better.
Under the new code, banks will have a new set of criteria to assess whether a customer is eligible to have their money reimbursed. Previously, banks would only refund the customer if there was an obvious fault in the way the bank handled the transaction. Now, any customer who has been defrauded in this way and has taken reasonable care, or has any element of vulnerability, should be reimbursed under the new scheme.
As it stands currently, the financial providers involved have established a ‘central pot’ of money which can be withdrawn from by the banks to refund victims in cases where neither the customer or the bank are to blame. A long-term funding solution for this is currently in the works and should be established in early 2020.
It has been said that a decision as to whether a customer should be reimbursed will be made within three weeks of receiving the report. This could take up to seven weeks for complicated cases and, if the case is disputed and goes to the Financial Ombudsman Service, it could take much longer (an exact amount of time for this has not currently been stated).
Anyone who has been a victim of an APP scam before 28th May 2019, when the code was introduced, won’t be able to have their case reconsidered under the new rules as they will not be applied retrospectively.
Also, any customer that the bank decides has been ‘grossly negligent’ and hasn’t taken the appropriate levels of care towards their own safety will not be reimbursed.
Customers of any bank who has not signed up to the code, currently including Co-op bank and Virgin, will also not be protected. These banks, however, have said they may sign up in the future.
A new system called ‘confirmation of payee’, developed by Pay.UK, is due to be implemented next year as another level of protection against authorised push payment scams.
When you make an electronic payment, you give your bank the sort code, account number and name of the person or business you want to pay. Currently, only the sort code and account number are used to determine where the money is being sent and banks are not able to check the account holder’s name.
Under the new ‘confirmation of payee’ rules, the name you provide will be checked against the name on the account you are sending money to. This will be checked by the recipient’s bank who holds this information. When you try to make a payment, you will be given one of three answers:
At the moment, confirmation of payee is being focused on protecting ‘push payment’ transactions, which are payments that you initiate and authorise from your account, such as one-off bank transfers and some standing order payments. Payments like direct debits are not included under the scheme at the moment but may be in the future.
Confirmation of payee adds another hurdle for fraudsters to overcome. You will receive an alert if the names don’t match which gives you the opportunity to cancel the transaction before the payment is made if you are concerned you are sending money to the wrong account.
If you received a ‘yes’ that the names match before you proceed with the transaction, then it later transpires that the payment was in fact made to a fraudster, you will have proof that you acted with care and responsibility so will be much more likely to get your money back.
TSB have taken their customers’ protection against scams to another level by introducing their ‘refund guarantee’ earlier this year. In April 2018, TSB suffered an IT meltdown which left millions of customers unable to access their money or log in to their online banking accounts. The announcement of the new guarantee forms part of TSB’s mission to rebuild their image with Chief Executive, Richard Meddings, saying this is about “giving peace of mind to our customers and doing the right thing.”
The refund guarantee will protect victims against all types of financial fraud, even when the payment was authorised by the customer or an “honest mistake” was made. Basically, if you’re an innocent victim of fraud, even if you clicked on something you shouldn’t or shared personal information without thinking, you will be compensated by the bank.
TSB say that you should report the fraud as soon as possible after you become aware of it. They will investigate the claim quickly and refund the money as soon as possible. They will also provide you with any suitable advice to make sure you don’t fall for the same scam again and may help you in resetting your log-in details.
Claims against this guarantee will be capped at £1,000,000.
TSB will not refund customers if they were involved in committing fraud in any way – as you’d expect. Customers that abuse the guarantee, for example by repeatedly ignoring safety, will also be unlikely to gain compensation. Any cases where a decision was reached on reimbursement before 14th April 2019, when the guarantee was implemented, will not be able to have their case overturned under the new rules as they have not bee applied retrospectively.
Scammers will often make contact through phishing emails, and gain the valuable information they need to defraud their victims through hacking email accounts.
Once they have access to an email account, they will often be able to find information about the companies and organisations you do business with or anything currently going on which may require payments to be made.
Find it useful? Please share!
Find it useful? Please share!
Last updated: 23 January 2020 | © KIS Bridging Loans 2020 |