Rights Group: APP Bank Fraud Cost Consumers £1bn

Financial institutions could have prevented hundreds of millions of pounds worth of fraud over the past three years by implementing a simple payee-checking service online, a consumer rights group has claimed.

Which? estimates that £1.1 billion has been lost to bank transfer fraud since 2017. In these cases, a scammer posing as a trusted entity tricks the victim to transfer money to a bank account under their control — known as “authorized push payment” (APP) fraud.

Because the victim has technically initiated the payment, up until recently they have had no way to claim these funds back.

However, things are changing: most UK bank users now receive a warning notice when making payments online, reminding them to check the details of any payee.

This is to be followed by a new Confirmation of Payee (CoP) initiative, whereby customers will receive a pop-up warning if the name of the payee doesn’t match the bank account details entered by the customer.

However, Which? is frustrated by the glacial pace of its implementation, with the system originally meant to go live in July 2019. It is now slated for March 31, 2020, but not all lenders will be forced to implement it.

“Only the six largest banking groups are being forced to sign up to CoP and there is even a chance that some won’t meet the new deadline,” it said.

The consumer rights group claimed that as much as £320 million in bank transfer fraud could have been prevented if such a system were put in place back in 2017. It should be noted that UK Finance estimates APP fraud at £354 million in 2018, the most recent year for which figures are available.

“This month will be decisive in demonstrating how well the industry is equipped to tackle the issue. It is vital for all banks to commit to basic name-check security, and the whole industry should sign up and follow through on the protections offered by the scams code,” argued Gareth Shaw, head of money at Which?

“If the banks fall short of making these commitments themselves, the government must step in and ensure these schemes are made mandatory. Anything less would be a betrayal of millions of people at risk of falling victim to increasingly sophisticated fraudsters.”

What’s Hot on Infosecurity Magazine?