At a glance
- The UK’s pioneering APP fraud reimbursement regulation, which takes effect in October this year, is being watched internationally
- The UK’s Payment Systems Regulator has published the final details of the regulation, and is encouraging banks to begin reimbursing fraud immediately
- The PSR aims to ensure incentives are in place for the payments industry to invest in robust detection and prevention systems
The UK’s Payment Systems Regulator (PSR) says international banking bodies in countries including Australia and EU states are monitoring the UK’s pioneering consumer protection regulation covering authorised push payment (APP) fraud. The regulator says the UK is leading the charge globally in tackling the problem.
The PSR’s regulation, which comes into effect on October 7 this year, will enforce an upper claim limit of £415,000 for APP fraud compensation, matching the upper limit of the Financial Ombudsman Service. All UK banks are preparing for the new requirement, according to the regulator, with TSB already reimbursing 91% APP fraud losses by monetary value and 94% of all such cases.
TSB introduced its own fraud refund guarantee in April 2019, pledging to refund all innocent victims of fraud. “We took this distinct approach because we recognised that fraud has become increasingly complex and difficult to spot and more customers were losing money due to the sophistication and sheer number of frauds that they faced,” a bank spokesperson says.
According to the PSR, payments resulting from APP fraud represented less than 0.1% of overall Faster Payments volumes in 2022, but Faster Payments were used for 98% of APP fraud payments. The contingent reimbursement model was introduced by the PSR in 2018 when banks were able to sign up voluntarily to be members of the code that protected APP scam victims.
“The PSR has always been clear that more needs to be done to provide a consistent level of protection to victims of APP scams,” says Claire Simpson, senior manager at the PSR. “In 2023, we worked with the UK Treasury on applicable elements of the financial services and markets bill. This removed some provisions in the law that had, until then, prevented us from making reimbursement mandatory. This meant that we were able to confirm our plans in June last year and we set about consulting on different measures.”
Under the regulations coming into force in October, there will be a claim excess of up to £100 that banks may choose to deduct from any reimbursement, although this excludes claims made by “vulnerable customers”.
The PSR claims its recently published final decisions strike “the right balance between encouraging people to be careful while making sure there are high levels of protection, particularly for those who lose large sums of money to APP fraud”.
Last month, the PSR published final details on APP fraud consumer protection regulation, which explained how this will work in practice, including its decision that industry rules needed to change to require all firms to offer protection to all customers.
Ms Simpson stresses the importance of making sure the right incentives are in place to detect and prevent APP scams from happening because she says there is mounting evidence of “much more” such activity from payment companies. “We’re splitting liability between the sending and receiving firms to make sure there are the right incentives within these firms to invest in strong detection and prevention systems to prevent these crimes from being perpetrated in the first place,” she says.
“We’re taking a realistic approach for the effective implementation of these measures, while also being very mindful of the fact that we want protection for consumers to be delivered as quickly as possible in the most efficient way.”
While the requirement comes into effect on October 7, 2024, there is nothing stopping banks from doing the right thing now and reimbursing victims of APP fraud, she says.
The regulator also wishes to make it simpler for people to understand the manner in which their bank, building society or other payment firm responds to APP scams, she says. “Last October we published the first set of data, which broke APP fraud down on a bank-by-bank basis. Now every bank is required to advertise that information on their website to enable consumers to see how well they’re dealing with APP fraud. We will continue to publish that report on an annual basis.
“But we also think it’s important people can understand how an APP fraud may begin, so we will adapt our reporting to also include origination of fraud data, such as whether the fraud started from social media, or through telecommunications activity.
“We’re the first country to be taking such measures, so there has been a lot of interest in our plans. For example, we’ve been having conversations with Australia about what we’ve learned and how we are moving things forward. Inevitably, what works in the UK may not be the same as in other places and it’s down to those international jurisdictions to find the right path for themselves.”
