Interim funding for APP scam victim compensation to continue to 30 June 2021

A group of seven signatories to the voluntary Authorised Push Payment (APP) Contingent Reimbursement Code have agreed to extend until 30 June 2021 the interim funding to compensate eligible victims of APP scams where the customer, sending and recipient banks have met the standards expected of them expected under the Code.

The Code, jointly developed by the banking industry and consumer groups, was launched on 28 May 2019 and sets out increased consumer protection standards to help protect customers from APP Scams. Payment service providers that have signed up to the Code commit to:

  • protect their customers with procedures to detect, prevent and respond to APP scams, providing a greater level of protection for customers considered to be vulnerable to this type of fraud;
  • prevent accounts being used to launder the proceeds of APP scams, including procedures to prevent, detect and respond to the receipt of funds from this type of fraud; and
  • compensate customers if they fall victim to an APP scam, provided they did everything expected of them under the Code.

The voluntary Code sits alongside industry action to tackle fraud and scams including working closely with the government and law enforcement through the national Economic Crime Plan.

However, as identified by the APP Steering Group that developed the Code there are many situations where both the customer and the banks involved have all met the standards of the Code - often where there are vulnerabilities which lie outside the control of the financial sector which have been exploited by criminals. It is these cases which are funded through the interim funding arrangement.

Since the Code was introduced last year, over £89.2 million has been reimbursed to thousands of customers. The industry is calling for further action to be taken with new legislation to drive consistent outcomes for consumers and firms.  

To ensure customer reimbursement takes place whilst regulators and the government deliver a long-term, sustainable funding arrangement, seven payment service providers (PSPs) have provided interim funding since the Code was launched. They have agreed to extend the interim funding arrangements for a further six months until 30 June 2021. This is intended to provide further time for legislation to be agreed and implemented, placing the voluntary Code on a statutory footing.

Katy Worobec, Managing Director of Economic Crime at UK Finance, said:

?Fraud is a crime which has a devastating emotional impact on victims and its proceeds fund serious criminal activities which damage our society. The industry's primary focus is therefore on stopping fraud in the first place, supporting the prosecution of criminals responsible and helping customers know steps they can take to stay safe.

?It is right that those who fall victim to these scams through no fault of their own should be compensated. However, over a year since its launch, the voluntary Code is not working as intended, with a lack of consistency in customer outcomes and a lack of clarity for signatories in how they should implement it.

?While a long-term, system-wide solution to tackling this threat is developed, the seven Code signatories that have provided interim funding for compensation since launch have therefore extended this temporary arrangement for a further six months. This will give the government time to introduce new legislation and to engage with regulators on a long-term, sustainable funding model and we will continue to work closely with them to do so.?

Under the Code, signatory payment service (PSPs) providers compensate victims of APP fraud provided the customer has met the standards expected of them under the Code. In situations where both the victim and their bank have met the required standards, the customer is compensated for the money lost and the PSP then reclaims the sum from the interim fund.

Contact Information

UK Finance Press Office
020 7416 6750

Notes to editor

<p>UK Finance is the collective voice for the banking and finance industry. Representing more than 250 firms across the industry, we act to enhance competitiveness, support customers and facilitate innovation.</p>
<ol><li>Nine financial institutions, representing 19 brands, are signatories to the authorised push payments scams voluntary Code:</li>
</ol><p>Barclays Bank UK PLC</p>
</ul><p>The Co-operative Bank plc</p>
</ul><p>HSBC UK Bank plc</p>
<ul><li>HSBC UK</li>
<li>First Direct</li>
<li>M&S Bank</li>
</ul><p>Lloyds Banking Group</p>
<ul><li>Lloyds Bank plc</li>
<li>Bank of Scotland plc</li>
<li>Intelligent Finance</li>
</ul><p>Metro Bank plc</p>
<ul><li>Metro Bank</li>
</ul><p>National Westminster Bank Plc</p>
<ul><li>Royal Bank of Scotland plc</li>
<li>National Westminster Bank Plc</li>
<li>Ulster Bank (Northern Ireland)</li>
</ul><p>Nationwide Building Society</p>
</ul><p>Santander UK plc</p>
<li>Cater Allen Limited</li>
</ul><p>Starling Bank</p>
</ul><ol start="2"><li>Authorised push payment (APP) scams are when customers are tricked into authorising a payment to an account that they believe belongs to a legitimate payee ? but is in fact controlled by a criminal. <a href="…;£207.8 million</a> was lost to authorised push payment (APP) fraud in the first half of 2020.</li>
</ol><p>An industry voluntary <a href="…; was launched on 28 May 2019 that introduced new consumer protections against authorised push payment (APP) fraud. The Code was developed by a Steering Group comprising of representatives from consumer groups and payment service providers (PSPs).</p>
<p>Customers of a PSP that is signed up to the Code will be fully reimbursed if they fall victim to an APP scam, provided they did everything expected of them under the Code. </p>
<p>Nine PSPs, representing 19 consumer brands and over 85 per cent of authorised push payments, have signed up to the Code so far. A list of signatories can be found <a href="…;
<p>Customers received <a href="…;£47.9 million in compensation</a> in cases assessed under the Code in the first half of this year. This accounted for 38 per cent of the £126.5 million in losses in cases assessed under the Code during this period. It means a total of £89.2 million has been reimbursed to customers under the APP voluntary Code since it was launched on 28 May 2019. This figure does not include all money returned to APP fraud victims in all cases, for example in some instances where the customer was found at fault under the Code but the bank was able to trace and return the original stolen funds.</p>
<p>In situations where both the customer and their payment service provider meet the required standards under the Code, a customer of a signatory firm who falls victim to an APP scam will still receive their money back. To fund this compensation, a number of launch signatories of the Code established an interim funding arrangement to provide reimbursement until a long-term solution is in place. Today, the seven launch signatories who have provided interim funding in these situations under the Code have agreed to continue the funding deadline to 30 June 2021. They are:</p>
<li>Lloyds Banking Group</li>
<li>Metro Bank</li>
</ul><p>Starling Bank, which was also one of the original Code signatories, will continue to reimburse customers through the interim funding arrangement in situations where both the customer and their payment service provider meet the required standards under the Code. Since signing up to the APP voluntary Code in December 2019, the <a href="… Bank has implemented a self-fund model</a> to reimburse customers in this situation.</p>
<ol start="3"><li>£47.9 million of losses were reimbursed to victims under APP voluntary Code in first half of 2020, equivalent to 38 per cent of losses in these cases. This is double the 19 per cent of APP losses that were reimbursed before the Code was introduced. £41.3 million of losses were reimbursed to victims under APP voluntary Code between (28 May 2019 and 31 December 2019. </li>
</ol><ol start="4"><li>The finance industry is committed to tackling fraud and scams by:</li>
</ol><ul><li>Investing in advanced security systems to protect customers, including real-time transaction analysis, behavioural biometrics on devices and technology to identify the different sound tones that every phone has and the environment that they are in.</li>
<li>Working closely with the government and law enforcement to tackle fraud through a national <a href="… Crime Plan</a>, including regularly exchanging information and coordinating responses to emerging threats such as scams linked to Covid-19.</li>
<li>Delivering the <a href="… Protocol</a> ? a ground-breaking rapid response scheme through which branch staff can alert police and Trading Standards to suspected frauds taking place. The system is now operational in every police force area and has prevented £116 million of fraud and led to 744 arrests since it began being rolled out in 2016.</li>
<li>Working with text message providers and law enforcement to <a href="…; scam text messages including those exploiting the Covid-19 crisis. 821 unauthorised sender IDs are currently being blocked to prevent them being used to send scam text messages mimicking trusted organisations, including 70 related to Covid-19</li>
<li>Working with the regulator <a href="…; to crack down on number spoofing, including through the development of a ?do not originate? list. Ofcom has said this work has led to significant successes in preventing criminals from spoofing the phone numbers of trusted organisations. For example, when HMRC added numbers to this list they reported reducing ?to zero the number of phone scams spoofing genuine inbound HMRC numbers.?</li>
<li>Helping customers stay safe from fraud and spot the signs of a scam through the<a href="… Five to Stop Fraud</a>  27 major banks and buildings societies have signed up to the new <a href="… Five Charter</a>, bringing the industry together to give people simple and consistent fraud awareness advice.</li>
<li>Sponsoring a specialist police unit, the Dedicated Card and Payment Crime Unit (DCPCU), which tackles the organised criminal groups responsible for financial fraud and scams. In the first half of 2020, the unit <a href="…; an estimated £12.5 million of fraud, secured 30 convictions, and disrupted seven organised crime groups (OCGs).</li>
<li>Introducing a <a href="… code</a> to better protect customers and reduce the occurrence of authorised push payment (APP) fraud. The code became effective for signatory firms on 28 May 2019.</li>
<li>Working with Cifas on the Don?t Be Fooled campaign, which aims to inform students and young people about the risks of giving out their bank details, and deter them from becoming money mules. The campaign website is here: <a href=""></a></li&gt;
<li>Working with Pay.UK to implement the <a href="… Insights Tactical Solution (MITS)</a>, a technology that helps to track suspicious payments and identify money mule accounts.</li>