Plans to force banks to refund all scam victims will backfire, experts have warned, as sophisticated fraudsters will take advantage of the new rules.
Those who are targeted by “Authorised Push Payment” (APP) fraud will be entitled to get their money back in all but a very small number of cases, when new rules come in later this year.
But industry experts have warned the new rules will mean that fraudsters could pretend to be legitimate victims in order to claim reimbursements. People could also be “puppeted” by scammers, who could talk them through the reimbursement process before going on to steal that money too.
Riccardo Tordera, of the Payments Association, which represents financial firms, said: “These changes will only serve to exacerbate the issue, enabling malicious actors to pose as victims to exploit the system.”
This has not been a problem for firms that are already signed up to a voluntary compensation scheme, it is understood. But there will be more payment providers to which the new rules will apply, offering more potential targets for fraudsters.
There have already been warnings that the new rules, which come into force on October 7, could delay bank transfers for as long as four days if they are deemed suspicious, in order to give the sending bank time to reclaim the funds. Currently, banks have only 24 hours to spot and investigate fraud.
Mr Tordera said: “The new regulation may well result in the rejection of many legitimate transactions to avoid liability. Mitigating for these concerns will therefore result in slower payments, which would not necessarily result in a safer industry – just a slower one.”
APP fraud is sophisticated and can take many forms. It includes romance scams, purchase scams, such as when fake tickets for concerts are sold, and investment scams, where the victims are often sent “dashboards” that purport to show the performance of their money which has in reality disappeared into a complex labyrinth of crypto accounts.
Under the new rules, unless a victim ignores warning messages from their bank, fails to promptly notify their bank of the fraud, refuses to share information about the fraud with the payment provider or refuses to share details with the police, they will be entitled to a refund of the money they lost.
To deny a payout, the onus will be on the bank to prove that the victim acted with “gross negligence”. And if the customer is vulnerable, it will be even harder for payment providers to refuse a refund.
The payment provider sending the money will share responsibility for compensating the victim with the bank the money was sent to.
There is also concern that the new rules do not do enough to encourage firms to focus on cutting down scams and educating customers.
In theory the new rules, by making firms pay out when their customers are scammed, make fraud much more expensive, encouraging payment providers to take it seriously and put preventative tools in place.
But banks argue that simply putting pressure on payment providers will not work. Many have already introduced preventative measures tailored to individual customers to try and break the spell of the scammers, including in-app warnings and stronger identity verification.
Instead, they say, fraud needs to be stopped further up the chain, by social media companies.
Despite the Government’s “Online Fraud Charter”, a voluntary agreement launched last November with 11 major tech companies, the majority of scams still originate online. More than three quarters of all APP fraud originated online in the first half of 2023, according to trade body UK Finance.
The sheer number of scams has mushroomed. While rates of reimbursement by banks have increased under the “Contingent Reimbursement Model”, so has the rate of fraud.
In 2018, before any voluntary rules were introduced, reimbursement rates sat at 19pc. By 2022, this had increased to 62pc. Although there is a suggestion that banks refunding victims were targeted less by fraudsters, the rates of APP fraud spiralled from £228.4m in 2018 to £505.9m in 2021.
A UK Finance spokesman said: “The financial services sector is the only one that reimburses victims, paying hundreds of millions each year, despite the fact the majority of fraud originates through online platforms or telecommunications.
“These sectors need to do a lot more to stop fraud and contribute to the cost of reimbursement.”
Mr Tordera, of The Payments Association, agreed: “What is lacking in these proposed changes is accountability for social media platforms where a huge percentage of fraud takes place.”
A spokesman for the Payment Systems Regulator, a government body, said the new requirements were significantly increasing protection for consumers and would encourage firms to focus on prevention.
“Our approach incentivises all payment firms to prevent APP fraud from happening in the first place, and ensures victims are protected in a much more consistent way.
“We want to get to a place where all firms implement adequate preventative measures to stop the fraud from happening in the first place.”
Disclaimer: The copyright of this article belongs to the original author. Reposting this article is solely for the purpose of information dissemination and does not constitute any investment advice. If there is any infringement, please contact us immediately. We will make corrections or deletions as necessary. Thank you.