The UK’s high street banks have been called out for “shockingly low” reimbursement rates for Authorized Push Payment (APP) fraud.
APP fraud is an increasingly popular type of scam in which the fraudster — posing as a trusted entity such as a family member or business — tricks the victim into transferring money to a bank account under their control. It cost an estimated £479m in 2020.
Until a voluntary banking code of conduct was recently introduced, victims had no course to reclaim funds because they technically initiated the payment.
When the code was rolled out 14 months ago — in combination with pop-up warnings online if payee names and account details don’t match — it was hoped things would change.
However, that doesn’t appear to have been the case, according to consumer rights group Which?.
“Banks found victims at least partly responsible for their losses in 77% of cases assessed in the first 14 months of the code. Two banks found the customer fully liable in more than nine in 10 decisions,” it noted, citing official figures.
“Financial Ombudsman Service (FOS) data indicates that banks are getting most of these decisions wrong: 73% of complaints about APP fraud were upheld in favour of consumers in 2020-21.”
Which? argued that scammers have an increasingly formidable array of tools and techniques at their disposal to trick victims into making payments. These include number spoofing, hijacking email accounts via phishing, SIM swap fraud and more.
Banks are taking too long to adjudicate in fraud cases, and their final decisions lack consistency, making reimbursement a “lottery,” the group said.
“The Payment Systems Regulator (PSR) is due to make an announcement imminently on how to improve consumer protections against APP fraud – and Which is calling for strong and urgent action from the regulator to ensure that banks do more to protect consumers, and treat victims fairly and consistently,” it concluded.
“Instead of continuing to pursue another version of a code, we believe the right option to address the serious shortcomings of bank transfer scam protections is for the PSR to introduce mandatory consumer protections across all payment providers, including a reimbursement obligation.”
Eset cybersecurity specialist, Jake Moore, argued that consumers must also get more cyber-savvy.
“Scammers often use fear, scarcity or credibility as a way to socially engineering their prey into following simple orders,” he added. “However, people must question the motive at all times and err on the side of caution with any call or text before they move any money or hand over sensitive information.”