Fightback against bank transfer scams steps up with launch of new code
Blameless scam victims who are tricked into transferring money directly to a fraudster should find they are better protected under a new voluntary industry code which comes into force from Tuesday.
According to consumer group Which?, £674 is typically lost every minute to this “devastating” crime – with victims having faced a “gruelling battle” to get their money back in the past.
People who have transferred large sums of money to fraudsters have faced never seeing it again – because they have authorised their bank to make the payment.
By contrast, with scams where money is stolen from people’s bank accounts without their knowledge, victims can generally expect to be refunded.
The new code aims to make sure that customers making payments are not penalised for fraudsters’ criminal actions – even in circumstances where the customer’s bank has done everything reasonably expected of it to protect the customer.
The industry has committed to provide initial funding for these “no blame” situations until the end of 2019.
Trade association UK Finance has said the initial “no blame” funding is intended to provide the necessary time for the industry to work with the regulators and Government to deliver sustainable long-term funding for this reimbursement fund by January 2020.
Sophisticated authorised push payment (APP) scams trick people into transferring money, perhaps because they think they are paying a bank, a business or HM Revenue and Customs (HMRC).
Stephen Jones, chief executive of UK Finance, said: “Protecting customers from the threat of scams and stopping money going to criminals are amongst the finance industry’s foremost priorities.
“Over the last year, the industry has been working in partnership with consumer groups, including Which?, to develop the code, which helps strengthen standards for customer protection and reimbursement.
“The new code delivers a commitment from all firms who sign up to it to reimburse victims of authorised push payment scams in any scenario where the customer has met the minimum standards expected of them under the code.”
He said the industry will continue to “fight fraud on every front”, including investing in advanced security systems and new ways to track stolen funds and supporting the Government in improving how intelligence is shared.
According to Which?, providers which have committed to signing up to the code include Barclays, Lloyds Banking Group, HSBC, Metro Bank, Royal Bank of Scotland, NatWest, Santander and Nationwide.
Which? has said losses to bank transfer fraud are “spiralling out of control”, with £354 million lost in the past year alone – most of it stolen from personal accounts.
The fightback against APP scams should also eventually see the introduction of a name-checking service called “confirmation of payee”.
The Payment Systems Regulator (PSR) has proposed that the UK’s six biggest banking groups, which are involved in about 90% of bank transfers, fully put the confirmation of payee measures in place by March 31 2020.
Confirmation of payee works by making sure the name of the account someone is sending money to matches the name they have entered.
Alerts will notify the payer when there has not been a match – meaning corrections can be made before the payment is sent rather than people trying to claw the money back after the cash has been transferred.
Which? said that last year just 23% of losses were returned, meaning many victims were left out of pocket by scams.
It said people must be quickly and fairly reimbursed.
The consumer group, which previously made a “super-complaint” to regulators about the issue, also wants to see banks publish victim and reimbursement figures on a regular basis.
Gareth Shaw, head of money at Which?, said: “Three years after Which? launched a super-complaint highlighting the devastating impact of bank transfer fraud, it’s good that consumers are finally getting greater protections and many should be spared from losing life-changing sums of money.
“The code will be judged a success if it halts this worsening crime and results in all blameless victims being fairly and swiftly reimbursed – and we want to see all remaining banks signing up as a bare minimum to reassure their customers that they will be protected.
“Banks must now ensure vital name check security measures are introduced on time and quickly agree long-term funding plans for all reimbursements – as there can never be a return to the dark days of banks turning away the victims of this ruinous crime.”
Chris Hemsley, co-managing director of the Payment Systems Regulator said: “APP scams can have a devastating impact on the people who fall victim to them.
“The code is a major step up in protections and it reflects our strong belief that if somebody has done everything they can reasonably do to protect themselves, they should be reimbursed.
“I welcome the commitment that these banks have made to their customers.”