APP Scams Voluntary Code: Seven launch signatories to the Code continue "no-blame" interim funding to 31 March 2020

Since the launch on 28 May 2019 of a voluntary industry Code, which set new standards for the prevention of APP scams, victims who are customers of the Code's signatories have benefited from more consistent treatment and reimbursement, while the Code has helped the signatories to focus further investment in preventative measures to help customers avoid being scammed at all.

In July, UK Finance submitted a formal request to Pay.UK on behalf of seven of the Code signatories who have provided interim funding for the "no-blame" scenario under the Code. This request proposed a change to the Faster Payments Service (FPS) Rules to finance a central fund to be used to reimburse victims of APP fraud in a "no-blame" situation.

Pay.UK subsequently issued a consultation at the end of August 2019 and published its conclusion and recommendations on 15 November. The consultation identified that, as a result of a number of objections to, and issues with, the proposed change raised by other FPS participants who are currently non-Code signatories, there is no industry consensus to finance a central fund to reimburse innocent victims of APP fraud.

Following the rejection of the request and the proposal of suggested next steps from Pay.UK, the seven payment service providers who have provided interim funding for the "no-blame" scenario under the Code since its launch on 28 May 2019 have agreed to extend the funding deadline to allow more time to consider Pay.UK's alternative recommendations on long-term funding arrangements. The strong view across the industry is that, in addition to delivering consistent outcomes for customers, any long-term funding arrangement should also take into account the responsibilities that organisations outside the finance sector have in tackling fraud.

It is currently anticipated that the interim funding for the "no-blame" scenario, currently set to expire on 31 December 2019, will last until at least 31 March 2020, at which point progress will be reviewed. This will ensure that "no-blame" customers of Code signatories who have fallen victim to APP fraud, where both the payment service provider and the customer have met the standards expected of them, continue to be reimbursed under the terms of the Code.

Commenting on this commitment to continue interim funding arrangements for cases of "no-blame" reimbursement to 31 March 2020, Stephen Jones, Chief Executive of UK Finance, said:

"The industry is committed to defending customers from fraud and preventing stolen money from going to criminals. More also needs to be done across industries to reduce the opportunity for customers to be scammed. There is strong agreement across the banking and payments sector that we, alongside third-party organisations who hold consumer data, must all work together to create a long-term, sustainable funding solution to compensate the victims of scams in 'no blame' situations, where both the payment service provider and the customer met the standards expected of them under the voluntary industry Code introduced in May.

"This voluntary agreement to continue the interim funding arrangements by seven of the Code signatories into March next year therefore provides important time for further proposals to be considered and implemented.

"UK Finance shares the Treasury Committee and Which? view that issues of liability and reimbursement should best be addressed by new laws rather than just a voluntary Code alone and will continue to call for new legislation to make the Code mandatory to ensure that victims are protected and reimbursed. We urge any future government to work together with the Payment Systems Regulator to make this happen."

Background

Authorised push payment (APP) scams are when customers are tricked into authorising a payment to an account that they believe belongs to a legitimate payee - but is in fact controlled by a criminal.

APPs are made at the request of the customer and can be carried out over the phone, online, or in person. Consumers lost £208 million to APP scams in the first half of 2019, as a result of being tricked into authorising a payment to an account controlled by a criminal or purchasing goods from fake or unofficial sources.

The compromise of personal and financial data remains a significant driver behind fraud losses. Customer details are being stolen through data breaches at third parties outside the financial sector, while sophisticated "digital skimming" attacks are being used to steal card data when consumers are shopping online. Criminals also continue to use social engineering techniques to trick customers into divulging their personal information or transferring money.

The voluntary Code sets out increased consumer protection standards which will help reduce the occurrence of APP scams. To help protect customers, payment service providers that have signed up to the Code commit to:

  • protect their customers with procedures to detect, prevent and respond to APP scams, providing a greater level of protection for customers considered to be vulnerable to this type of fraud; and
  • greater prevention of accounts being used to launder the proceeds of APP scams, including procedures to prevent, detect and respond to the receipt of funds from this type of fraud.

Importantly, any customer of a bank or payment service provider (PSP) which is signed up to the Code will be fully reimbursed if they fall victim to an APP scam, provided they did everything expected of them under the Code. Eight payment service providers, representing 17 consumer brands (listed below), committed to implementing the Code in May 2019.

Under the terms of the Code, in situations where both the customer and their payment service provider meet the required standards set out in the Code, a customer of a firm signed up to the Code who falls victim to APP fraud will still receive their money back.

At the launch of the Code, to fund this compensation to victims, an interim funding arrangement was established by a number of the launch signatories of the Code to provide reimbursements from implementation until a new long-term funding arrangement could be implemented by no later than the end of 2019.

Today, the seven launch signatories who have provided interim funding for the "no-blame" scenario under the Code have agreed to extend the funding deadline to 31 March 2020 while the industry, Pay.UK, regulators and government continue to discuss and agree the long-term funding solution.

Notes to editor

For more information please call the UK Finance press office on 020 7416 6750 or email press@ukfinance.org.uk

  1. UK Finance is the collective voice for the banking and finance industry. Representing more than 250 firms across the industry, we act to enhance competitiveness, support customers and facilitate innovation.
  2. Pay.UK has now … an alternative approach and the industry will give it careful consideration. However, any funding mechanism must deliver consistent outcomes for customers and take into account the responsibilities that organisations outside the finance sector have in tackling fraud.
  3. The following PSPs committed to implementing the Code from 28 May 2019 (payment service provider: brands):
     • Barclays: Barclays
     • HSBC: HSBC UK, First Direct, M&S Bank
     • Lloyds Banking Group: Lloyds Bank, Halifax, Bank of Scotland, Intelligent Finance
     • Metro Bank: Metro Bank
     • Nationwide: Nationwide
     • RBS: Royal Bank of Scotland, NatWest, Ulster Bank
     • Santander: Santander, Cahoot, Cater Allen
     • Starling Bank: Starling Bank
  4. The following PSPs established a fund in May 2019 in order for customers in the "no blame" scenario to be reimbursed:
     • Barclays
     • HSBC
     • Lloyds Banking Group
     • Metro Bank
     • Nationwide
     • RBS
     • Santander

The finance industry is committed to tackling fraud and scams by:

  • Investing in advanced security systems to protect customers, including real-time transaction analysis, behavioural biometrics on devices and technology to identify the different sound tones that every phone has and the environment that they are in.
  • Delivering the Banking Protocol - a ground-breaking rapid response scheme through which branch staff can alert police and Trading Standards to suspected frauds taking place. The system is operational in every police force area and … £23.2 million in fraud and enabled 134 arrests in the first half of 2019.
  • Sponsoring a specialist police unit, the Dedicated Card and Payment Crime Unit (DCPCU), which tackles the organised criminal groups responsible for financial fraud and scams. In the first half of 2019, the unit … an estimated £6.8 million of fraud, secured 39 convictions and disrupted 13 organised crime groups.
  • Helping customers stay safe from fraud and spot the signs of a scam through the … Five to Stop Fraud campaign, in collaboration with the Home Office.
  • Introducing a … code to better protect customers and reduce the occurrence of authorised push payment (APP) fraud. The code became effective for signatory firms on 28 May 2019.
  • Working with the Financial Conduct Authority on the … implementation of Strong Customer Authentication, new EU-wide rules aimed at reducing fraud by verifying a customer's identity when they make certain higher-value online purchases.
  • Hosting and part-funding the government-led programme to reform the system of economic crime information sharing, known in the industry as Suspicious Activity Reports, so that it meets the needs of crime agencies, regulators, consumers and businesses.
  • Working with Pay.UK to implement Confirmation of Payee (CoP), an account name checking service for when a payment is being made that will help to prevent authorised push payment fraud. In August, the … Systems Regulator (PSR) gave a specific direction requiring the six largest banking groups in the UK to be able to respond to CoP requests from 31 December 2019 and send CoP requests and notify the payer of the outcome from 31 March 2020.

Authorised push payments voluntary code:

  • A new industry voluntary … was launched on 28 May 2019 that has introduced significant new consumer protections against authorised push payment (APP) fraud. The Code was developed by a Steering Group comprising representatives from consumer groups and payment service providers (PSPs).
  • Customers of a payment service provider that is signed up to the Code will be fully reimbursed if they fall victim to an APP scam, provided they did everything expected of them under the Code.
  • Eight payment service providers, representing 17 consumer brands and over 85 per cent of authorised push payments, have signed up to the Code so far. A list of signatories can be found …
  • As of 1 July 2019, the Lending Standards Board (LSB) took over responsibility for the governance and oversight of the Contingent Reimbursement Model Code for Authorised Push Payment Scams (CRM Code).
  • In situations where both the customer and their payment service provider meet the required standards set out in the Code, a customer of a signatory firm who falls victim to an APP scam will still receive their money back. To fund this compensation, as an interim arrangement a number of the launch signatories of the Code established a "no blame" fund to provide reimbursements from implementation until a new long-term funding arrangement is in place. Pay.UK recently considered a change request made by seven banks and building societies that proposed a per-transaction fee for certain Faster Payment transactions, which could provide a long-term, sustainable funding arrangement for the reimbursement of APP scam victims in these situations. As part of considering this request, Pay.UK published a … for information to obtain insight from stakeholders on the proposal. On 15 November 2019, Pay.UK … its conclusion.
  • The theft of personal and financial information through social engineering caused by data breaches outside the financial sector is a major contributor to the fraud losses and therefore any long-term funding arrangement should also consider how companies outside the payments industry can contribute where they may be liable for APP fraud.
  • Data on reimbursements made under the Code is due to be published in 2020.