In 2023, the Payment Systems Regulator (PSR) confirmed that there were new requirements for banks and payment companies which were set out to ensure that victims of push payment fraud can get their money back. This new level of protection for scam victims is one of the first in the world in the battle against authorised push payment fraud.
Authorised push payment (APP) fraud has become one of the more significant types of fraud and scam in recent years, both in the UK and across the globe. Push payment fraud continues to have a hugely devastating impact on victims and, in the last year alone, losses have totalled almost £500 million.
In May 2022, Treasury announced that it has the intention to legislate in order to allow PSR to require victim reimbursement for authorised push payment fraud. These new requirements will set a change in the way that push payment fraud reimbursement will work.
With so many people being affected by authorised push payment fraud, our latest blog looks at the changes introduced to the payment requirements and what these changes could mean for victims of authorised push payment fraud.
What Is Authorised Push Payment Fraud?
Authorised push payment fraud is when someone is tricked into sending to a scammer who poses as a genuine payee. This type of fraud happens to thousands of businesses and individuals each year and the latest figures have shown that in 2022, £485.2 million was lost to authorised push payment fraud through 207,000 reported cases.
PSR has said that it expects to see more being done by financial institutions in order to stop authorised push payment fraud from happening and hopes to see better protection for people if they do fall victim to this type of fraud. There are roughly 8 different types of APP scams, with 2 main objectives:
- Malicious Payee, where people are tricked into purchasing goods or services which don’t exist or are never received.
- Malicious Redirect, which is where fraudsters impersonate bank employees in order to get someone to transfer money from their account to that of the fraudster.
What Are The New Payment Requirements?
- There will be new rules in Faster Payments, which is where the majority of advanced push payment fraud occurs.
- All payment firms will be incentivised to take action following reports of authorised push payment fraud.
- Customers will be more protected using consistent standards, with most victims being reimbursed within 5 working days, as well as having additional protections offered to more vulnerable customers
- The industry will have clearer guidelines in which they are to follow, largely around how to apply a claim excess and the maximum amount of reimbursement.
These new rules will be imposed on the system which handles Faster Payments, which is where the vast majority of authorised push payment fraud (around 90%) has occurred, with reimbursement requirements coming into effect next year. It has been said that all payment firms will now be incentivised to take action following authorised push payment fraud being reported.
It’s important to make clear that this only focuses on APP fraud and other payment systems, including cheques, BACS, Mastercard and Visa will not be covered under these new rules and requirements.
PST is also looking at a wider range of changes which should:
- Lead to the publication of data later in the year which shows how well businesses are protecting their customers.
- Continue with the widespread rollout of Confirmation of Payee which is the name-checking service that has been designed to help prevent authorised push payment fraud.
- Support and encourage the creation of improved intelligence to help spot fraudulent transactions.
Next Steps
When these changes are implemented, they should give everyone across the payments system the initiative to act when it comes to preventing authorised push payment fraud from occurring in the first place. These changes put the UK right at the forefront of the global fight against authorised push payment fraud.
In terms of what happens next, there is a timeline of actions planned for the future.
In July, PSR will consult on the draft legal instruments in order to put the reimbursement requirements in place.
In August, PSR will consult on the maximum level of claim excess and reimbursement which can be requested following authorised push payment fraud, as well as further guidance on the customer standard of caution.
In October, PSR will provide the final legal instructions to Pay.UK and offer further consultation to PSPs.
By the end of 2023, PSR will publish the claim excess and the maximum amount of reimbursement offered, as well as further guidance on the customer standard of action.
In 2024, the new reimbursement requirement will come into effect.
As well as reimbursement, PSR is also set to increase the level of transparency through the publication of data as to how well businesses are protecting customers from fraud.
How To Get Money Back Lost Through Authorised Push Payment Fraud
There are two different types of fraud – authorised and unauthorised. Under the PSR rules, banks must refund victims of authorised push payment fraud in full, as long as they haven’t been grossly negligent. If your bank refuses a refund, then you can complain to the financial ombudsman. At WRS, we’re happy to offer advice if you have lost money through authorised push payment fraud, or other online scams. Contact our team today!
