Latest news with #PaymentSystemsRegulator
Telegraph
2 hours ago
- Business
- Telegraph
Why banks may no longer refund fraud victims
Lenders are lobbying for new fraud reimbursement rules to be watered down over fears scam victims are being told to lie to their banks. Since last October, companies which handle payments have been required to give victims of 'Authorised Push Payment' (APP) fraud their money back, up to a limit of £85,000. In the first three months, 86pc of money lost to the scams – approximately £27m – was reimbursed to consumers by 60 firms. The current rules mean that, other than a £100 'excess' which firms can remove from payments, the only reasons that customers can be denied a payout are if they've ignored warnings, failed to quickly notify their bank of the fraud, refused to share information about the scam or do not consent to a police report being made. But in meetings in May, banks demanded that requirements for victims to act reasonably – and not to lie to their bank – were made stronger. This would mean that customers could be denied refunds in more cases. The Payment Systems Regulator (PSR) will hold an independent review of the mandatory scheme in October, and will then recommend changes. Problems raised include the high reimbursement limit, compliance monitoring by which administers the scheme, and the limited number of exemptions for refusing payouts. Lenders also said they should be able to give clear warnings about lying to them, as victims are often guided to do by fraudsters. One bank told industry magazine The Banker that: 'The [consumer negligence] bar is set so high that in almost all these cases a customer can be incredibly reckless, can lie to their bank, can ignore warnings and still get their money back.' Riccardo Tordera, director of policy and government relations at The Payments Association (TPA), said: 'The PSR says just 2pc of claims are rejected on this basis yet acknowledges no clear shift in consumer behaviour. 'Meanwhile, the Financial Ombudsman Service and the PSR both apply a stricter definition of gross negligence than common law, which could make enforcement of reimbursement policies challenging in a British court.' Under the previous voluntary code – called the Contingent Reimbursement Model (CRM) – customers could be refused for ignoring warnings or failing to verify the payee. Now the test is much stricter. Reimbursement numbers never jumped above 75pc under the old scheme – compared to 86pc for the mandatory payouts. APP scams see victims convinced to move their money themselves, eventually into a 'safe' account controlled by the fraudsters, at which point it is lost. Ticket sale scams, such as those experienced by Oasis and Taylor Swift fans, are also considered APP frauds. At first glance, the implementation has gone well. The amount lost in APP frauds dropped by 2pc between 2023 and 2024, according to UK Finance, and the number of cases fell by a fifth. But £450.7m was still lost to fraudsters last year. But the scheme has not been without its critics. Before the scheme was implemented, some parts of the industry warned of the potential problems of moral hazard – which is when consumers are incentivised to lie – and that fraudsters would pose as victims. This, it was claimed, would drive a significant spike in claims. But these fears have not materialised. Originally, the reimbursement limit was set to £415,000 – with firms expected to pay out just days after claims were made. But lobbying saw the limit dropped to £85,000, the same as the Financial Services Compensation Scheme (FSCS), which protects money deposited with banks. Smaller and medium-sized payment companies had said that one large claim could wipe them out. David Geale, managing director of the Payment Services Regulator (PSR), which is responsible for the scheme, said in May that: 'While it is too early to draw firm conclusions based on the period covered by this data, we have not seen evidence of spikes in claim volumes that some had feared would occur under the policy.' Before the scheme was introduced, there was a voluntary code which most of the major banks were signed up to, run by the Lending Standards Board. Sources at the LSB said last year, before reimbursement was mandatory, that they had not seen fraudulent claims. Rocio Concha, director of policy and advocacy at Which?, said: 'Based on the available data from the PSR, the new mandatory scheme appears to be performing well, with more fraud victims getting their money back. 'Sections of the industry had tried – without producing any evidence – to claim that mandatory reimbursement would lead to consumers acting irresponsibly or even teaming up with criminals to con banks out of cash. This seemed ludicrous at the time and initial insights have borne that out.' Ms Concha added that while the number of cases were down, there was another worrying trend. She said: 'Latest industry figures suggest more victims are being tricked into sending money to bank accounts overseas controlled by fraudsters. That is concerning as these transfers aren't covered by the new mandatory reimbursement rules.' A spokesman for the PSR said: 'We have always been clear that we would have an independent review following the implementation of the policy. 'If we think there are key learnings or adjustments to make to our policy, we will consider those carefully before making any changes.'
Daily Mail
27-05-2025
- Business
- Daily Mail
How £1.1bn was lost to fraud in 2024 as purchase scams soar
Fraud continues to blight the nation with more than £1billion stolen by criminals in 2024 for the second year in a row, according to new figures from UK Finance. Britons lost £1.17billion to fraud last year, a figure which remains at similar levels to 2023 when £1.2billion was stolen. UK Finance divides fraud into two categories: authorised and unauthorised. Authorised fraud is when someone is tricked into paying money to a scammer's account, or handing over a password. In other words, they take some kind of action or volunteer information which makes the fraud possible. Unauthorised fraud refers to cases where the victim is not directly involved, for example purchases being made on a stolen credit card - this type of activity jumped last year. When this happens, banks and credit card companies are legally obliged to protect them from losses. But within the last year they have also had to reimburse victims of authorised fraud. In October 2024 the Payment Systems Regulator (PSR) introduced new reimbursement rules for APP scam victims. In total, £267.1million of APP fraud was reimbursed to victims by banks in 2024, around 59 per cent of all money stolen from APP fraud. When the new rules came into force on 7 October 2024, within first three months of the rules being in place 86 per cent of money stolen through APP fraud was returned to victims. Unauthorised fraud makes up bulk of fraud losses Within the total figure of £1.2billion, unauthorised fraud losses reached £722million in 2024, up 2 per cent on to 2023. While cases of unauthorised reports climbed to 3.13million in 2024, up 14 per cent on 2023. UK Finance said the rise in cases and losses was due to a jump in remote purchase fraud, a trend which had been falling in recent years. In this type of fraud, criminals use stolen card details to buy something on the internet, over the phone or through mail order. Overall, remote purchase fraud case numbers increased 22 per cent to nearly 2.6million, and losses increased 11 per cent to just under £400million. Card ID theft - which involves stealing personal details - saw cases and losses drop after a spike in 2023. Losses fell 26 per cent to £58.7million, with case volumes falling 23 per cent to just over 109,000. Contactless card fraud losses fell by one per cent - the first time a reduction has been reported for this category since 2020. Remote banking losses also fell by seven per cent, with cases dropping by 17 per cent. Banks stopped £1.45billion of unauthorised fraud losses in their tracks through impletmenting advanced security systems. Yet Santander's fraud boss said Chris Ainsley said £1billion being lost to fraud in 2024 was 'a real let down'. He said: 'while banks prevented that figure more than doubling by the amount of unauthorised fraud they stopped; it is yet another clear sign that we need significantly more cross industry collaboration to put the brakes on this harrowing crime.' APP fraud cases ease to lowest level since 2020 APP fraud losses dropped in 2024, falling two per cent to £450.7million. The number of APP fraud cases fell by 20 per cent to under 186,000 - the lowest figure since 2020. UK Finance said the drop was driven by banks investing in technology that can identify and flag fraudulent activity and raising awareness of scams among customer. Investment fraud - when a criminal convinces their victim to move their money to a fictitious fund or to pay for a fake investment - was responsible for the most APP fraud losses. Some £144.4 million was stolen through this type of fraud in 2024, an increase of 34 per cent from 2023, despite a 24 per cent reduction in cases. Purchase scams, when a victim pays in advance for goods or services that never arrive, continues to be the most common type of authorised fraud. Purchase scam losses rose by one per cent to £87.1 million, though case numbers fell 16 per cent. The number of impersonation scams, where criminals impersonate a bank or the police and convince someone to transfer money, fell again in 2024 with losses and case numbers dropping 16 per cent and 32 per cent respectively. There was an uptick in international payments made as part of APP fraud, with criminals likely trying to get people to send money outside of the UK. International payments accounted for 11 per cent of APP losses in 2024, up from 6 per cent in 2023. The report found that 70 per cent of of authorised push payment cases started online - for example on a website or social media, and 16 per cent emerged through telecoms networks. Fraud remains 'chronically unreported' Under reporting of fraud remains a problem when it comes to fraud prevention. One in seven are exposed to potentially fraudulent suspicious emails every day. Yet 43 per cent of people wouldn't report fraud if they were the victim or witnessed it, research from Nationwide found. Nationwide fraud boss Jim Winters says: 'While it's positive to see authorised push payment cases coming down following regulatory changes and investment in technology, fraud related crimes remain chronically unreported.'
The Independent
15-05-2025
- Business
- The Independent
‘High proportion' of APP scam victims getting their money back under new rules
A 'high proportion' of scam victims are getting their money back since new mandatory fraud reimbursement rules were launched last October, according to the regulator overseeing the policy. The rules, overseen by the Payment Systems Regulator (PSR), require banks to give people their money back when they have been tricked into transferring it to criminals. An authorised push payment (APP) reimbursement limit of £85,000 has been applied under the rules, although banks can choose to go further than this and repay higher amounts. Posting a 'snapshot' of what the regulator has seen so far, its managing director David Geale said on the PSR's website: 'We are pleased with what we've seen in the data and heard from stakeholders in the first few months, which demonstrates that the policy has been successfully implemented – and more consumers have been protected. 'This is testament to the efforts of industry to deliver the best outcomes for victims of APP scams and work with us to resolve any issues.' Under the new code, reimbursement costs are split between the sending and receiving banks – giving the receiving firm an added incentive to stop the scam happening in the first place. Mr Geale said: 'A high proportion of APP scam victims are being reimbursed consistently across a larger number of PSPs (payment service providers). 'And while it is too early to draw firm conclusions based on the period covered by this data, we have not seen evidence of spikes in claim volumes that some had feared would occur under the policy. 'Additionally, now that both parties in the payment journey (the sending PSP and the receiving PSP) share the cost of reimbursing victims, there is a much stronger incentive for all PSPs to prevent APP scams from occurring in the first place. 'We are pleased to see PSPs starting to collaborate more in the effort to fight this fraud.' Looking at compliance data reported by payment service providers, the regulator said that in the first three months of the initiative, 86% of money lost to APP scams was returned to victims, totalling around £27 million. The regulator said it is not possible to make direct comparisons with data from before its policy due to methodology changes, however 'we note that reimbursement for consumers in 2023 was 68% (by value), as per UK Finance's annual fraud report 2024 data'. Before the mandatory rules came into force, many banks had signed up to a voluntary reimbursement agreement. However, consumer campaigners raised concerns about banks not applying this consistently. The PSR said that before the policy went live, some organisations were concerned that there would be a sharp rise in the number of APP scam claims. But, on its website, it said: 'We have seen no evidence of any increase to date.' However, claim volumes 'have steadily increased each month and we expect this to continue in the short to medium term as victims become more aware of the policy,' according to the PSR. Firms can opt to apply an excess of up to £100 when reimbursing customers, but this cannot be applied to vulnerable customers. Some firms have waived the excess. Some APP fraud victims may also be refused reimbursement if they are deemed to have been 'grossly negligent'. The PSR's website said: 'Just 2% of total claims were rejected because the consumer standard of caution has not been met. We also heard from industry stakeholders that they did not see a significant shift in customer behaviour as a result of the policy. 'However, we are seeing differences in how frequently firms are applying the exemptions. This is backed up in the data we are seeing: only 23% of firms that received a claim in the period used this exception as a reason for rejecting reimbursement. 'We're working with firms and other stakeholders, including the Financial Ombudsman Service, and will keep under review whether more clarity is needed on when this exception should be applied.' Rocio Concha, Which? director of policy and advocacy, said: 'Which? campaigned for years to make reimbursement mandatory, so it's encouraging to see that the new rules appear to be having a positive impact, with more APP scam victims getting their money back and a more consistent approach from banks and payment providers.'
Finextra
08-05-2025
- Business
- Finextra
FCA appoints David Geale executive director, payments and digital finance
The FCA has appointed David Geale as permanent executive director for payments and digital finance, and managing director of the Payment Systems Regulator (PSR). 0 This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author. In his role David will be responsible for helping to deliver the National Payments Vision and driving the FCA's work on open banking and digital finance. David will also play a key role in the work to consolidate the PSR into the FCA, as announced by the Government in March. He will also be responsible for supervising payments and cryptoasset firms under the recently announced regime. Aidene Walsh, chair of the PSR said: 'David has played a key role in fostering greater alignment and strengthening the relationship between the FCA and the PSR. This will be increasingly important as we move towards consolidation while at the same time continuing to deliver the important work that the PSR does, including on APP fraud and card processing fees.' Nikhil Rathi, Chief Executive of the FCA said: 'David brings a wealth of experience that will be vital as we deliver the National Payments Vision as well as unlocking the potential that open finance and open banking can bring.' David Geale said: 'I'm delighted to be taking on this new role at such an important and exciting time for both organisations, and the payments sector as a whole. I look forward to working with colleagues, consumer groups and the wider industry as we take the next steps in our work.' David was previously director of retail banking at the FCA. He has worked at the FCA and its predecessor, the FSA, for more than 20 years, carrying out a number of roles in policy and supervision. He was involved in leading and delivering policies such as the Retail Distribution Review and policy changes during the UK's exit from the European Union. More recently, David has led the FCA's work on developing a regime for cryptoassets as well as savings rates and reforming the mortgage market as set out in the FCA's letter to the Prime Minister on growth. David has been acting as the managing director of the PSR since June 2024. Following David's appointment, Emad Aladhal has been appointed permanent director of retail banking with Andrea Bowe becoming permanent director, specialist directorate. Both have been carrying out the roles on an interim basis. Background Details of the consolidation of the PSR can be found hereLink is external . Prior to being interim director of retail banking, Emad was director of the FCA's specialist directorate, which included financial crime, Office for Professional Body Anti-Money Laundering Supervision (OPBAS), financial resilience, client assets, resolution and insolvency, and technology, resilience and cyber. Emad previously co-led the FCA's strategy commitment on reducing and preventing financial crime, and is now part of the director team on helping consumers. Prior to re-joining the FCA in 2017, Emad was a compliance director at a top-tier investment bank, and has prior extensive experience as a regulatory consultant, where he has advised on various aspects of regulation, which included advising on the UK administration of a failed large investment bank during the last financial crisis. Andrea has spent the last 18 years at the FCA, including 14 years in FCA enforcement and advancing to influential positions, including chief of staff to Nikhil Rathi, Chief Executive. Andrea led Nikhil's transition into the FCA and subsequently co-led the FCA's ambitious transformation programme. During this time, she was also interim director of FCA communications. In her current role as director of the specialist directorate in supervision, policy and competition, she has responsibility for prudential policy, standards and supervision, cyber and operational resilience, client assets, resolution and insolvency and financial crime, fraud and OPBAS. She co-leads the FCA's current 5-year strategy commitment to fighting financial crime, contributing to the UK's national Economic Crime Plan and Fraud Strategy. She is chair of the International Organisation of Securities Commission's (E)MMoU Monitoring Group and Monitoring Steering Committee, responsible for monitoring the operation of, and compliance with, the (E)MMoU, including decision making on disputes and matters of non-compliance.
NZ Herald
04-05-2025
- Business
- NZ Herald
Banking on blame: Scam reforms too little, too late
Then there's the issue of having to prove banks didn't fulfil their commitments - a further hurdle for those already out of pocket. Worse still, victims must also prove they took 'reasonable care' - unlike the UK, where only 'gross negligence' bars reimbursement. In short, we're miles behind international best practice. Hell hath no fury like a scammed woman scorned For me, the issue hits a nerve. Last year, I fell victim to a phishing scam involving a hideous toaster, Facebook Marketplace, and a convincing copycat online-banking website. Plugging in my details to get the appliance-of-hell to be delivered resulted in a loss of $12,500 two days later, as well as my sanity and appreciation for New Zealand music. Fun fact: I recently learned those 'recording for training purposes' disclaimers can include your time on hold. Swearing into a phone to the dulcet tones of Brooke Fraser is, in fact, on the record. Long story short: because I 'consented' to what's known as an Authorised Push Payment (APP), the bank's seldom-read T&Cs could mean I could lose my savings, period. Yet, notifications of the activity for the two-day lag were few and far between. Should the payments have been frozen, delayed, or blocked? I was fresh out of luck. After two weeks of gun-blazing emails, 40-odd phone calls, and a seven-page brief, I was incredibly fortunate to receive a full ex gratia payment. For those who lost $200 million to scams last year, the line between informed consent and deception seems fickle and arbitrary at best. What's more, scamming is on the rise, with latest crime and victim survey data suggesting 11% of adults experienced fraud or cybercrime for the year ending October 2024. The rate was 7.7% in 2018. Only 10% of last year's victims reported the events to the police. A patchwork of protection Enter the Banking Ombudsman Scheme (BOS), which offers a dispute resolution service between banks and customers. Last year, it saw record numbers of complaints. Scams accounted for 45% of complaints, with victims losing an average of $80,174 - up from $57,000 the previous year. Of the 3704 complaints received, only 5.6% were formally investigated, although 94% were resolved through the scheme's early resolution service. But here's the kicker: the BOS decisions are final, with no right of appeal. Equally, it can only investigate complaints involving losses of up to $500,000 and only from member banks. That leaves overseas banks, fintech apps, telcos, and Big Tech effectively unaccountable. Lagging behind Further afield, the UK tried - and failed - to introduce a voluntary reimbursement scheme for APP scams in 2019 through the Contingent Reimbursement Model Code. Citing patchy uptake and inconsistent application, parliament pulled rank and created the Payment Systems Regulator. This was after the UK Supreme Court ruled in favour of the banks back in 2023. In the landmark case of Phillip v Barclays, the Supreme Court overturned the UK Court of Appeal's decision, which found the bank owed a scam victim a duty not to carry out their payment instructions if there were reasonable grounds to believe they were being defrauded. The Supreme Court said the court's job was to interpret the contractual arrangements between the two parties. Ultimately, the victim instructed the bank to complete the fraudulent transaction, end of story. Large-scale policy decisions about the 'growing social problem' of scams were for parliament and regulators to decide, not courts, the decision read. And so it was. As of October last year, all major UK banks are now legally required to reimburse victims of APP fraud in most cases. Liability is split 50/50 between the sending and receiving institutions, with exceptions only for gross negligence. The burden has flipped - it's now on the banks, not customers. Australia is catching up. In November, the government launched plans for a Scam Prevention Framework that could see banks, social media companies, and telcos facing fines of up to A$50 million ($54m) for failing to reasonably prevent, detect, disrupt, respond to, and report scams. Where to from here? Will our Government ever take on telcos and tech giants like Meta and Google, the platforms fuelling this crisis? Judging by the weak progress on the Digital Bargaining Bill and limp proposals to strengthen the banking code, it seems the current approach protects financial institutions and Big Tech over people. In an era of instant payments and increasingly sophisticated deception, it's no longer a question of if you'll be targeted, but when. Meanwhile, law enforcement, but more importantly, lawmakers, are falling dangerously behind. Until the balance shifts and victims are adequately protected, 'banking on blame' will continue to serve the bottom line, not your wallet.
