A Revolutionary Reimbursement Policy to Combat Authorised Push Payment (APP) Scams

The Payment Systems Regulator (PSR) is implementing a groundbreaking reimbursement policy to tackle the growing menace of authorised push payment (APP) scams. This new requirement mandates payment service providers (PSPs) to reimburse victims of APP scams, marking a significant shift in consumer protection and industry responsibility. By embedding this policy within the Faster Payments system, the PSR aims to enhance fraud prevention measures while providing critical financial redress to victims.

What Are Authorised Push Payment (APP) Scams?

Authorised push payment scams occur when individuals or businesses are deceived into transferring money to fraudsters posing as legitimate payees. These scams have become increasingly sophisticated, exploiting trust and creating scenarios where victims willingly send funds to criminals. The impact of APP scams is severe, with the latest figures showing a staggering ￡459.7 million lost to these scams in 2023 alone . The emotional and financial toll on victims can be devastating, underscoring the urgent need for robust protective measures.

APP scams typically fall into two main categories:

1. Malicious Payee Scams: In these scams, fraudsters trick victims into purchasing goods or services that do not exist or are never delivered.
2. Malicious Redirection Scams: Here, fraudsters impersonate trusted entities, such as bank staff, convincing victims to transfer funds to a fraudulent account, often under the guise of protecting their money.

Given the increasing frequency and sophistication of APP scams, the PSR expects financial institutions to take more decisive action in preventing these scams and ensuring that victims are adequately protected.

The New Reimbursement Requirement

At the core of the PSR’s strategy is the introduction of a mandatory reimbursement framework, which will come into effect on 7 October 2024. This policy represents a comprehensive response to APP scams, holding PSPs accountable for reimbursing victims, with specific exceptions to encourage consumer vigilance. The key components of the policy include:

1. Consumer Standard of Caution Exception: PSPs may refuse reimbursement if a consumer is found to be grossly negligent, such as by ignoring explicit warnings or failing to report the scam promptly. However, vulnerable consumers are exempt from this exception, ensuring they are fully protected.
2. Claim Excess: PSPs can impose a claim excess of up to ￡100, though this will not apply to vulnerable consumers. This measure is intended to promote consumer caution while still ensuring broad access to reimbursement.
3. Maximum Reimbursement Level: The reimbursement cap is set at ￡415,000 per claim, covering the vast majority of scams. The PSR will monitor the impact of this limit and adjust it as needed to respond to high-value fraud cases.

Getting the Right Protections for Everyone

The reimbursement requirement reflects a significant policy shift that began in May 2022 when the Treasury announced its intention to legislate for mandatory victim reimbursement. The Financial Services and Markets Bill, which received Royal Assent in June 2023, empowered the PSR to enforce this requirement. Following extensive consultations, the PSR finalised its policy position in June 2023 and issued a final policy statement in December 2023, setting the stage for the new rules to take effect in October 2024.

In the lead-up to implementation, the PSR has published a detailed roadmap outlining the steps firms must take to comply with the new requirements. This roadmap provides clarity on policy details, legal instruments, and upcoming consultations, ensuring a smooth transition to the new regulatory environment.

A Culture Shift in Payments and Fraud Prevention

The new reimbursement requirements are designed to prompt a cultural shift within the payments industry, emphasising fraud prevention and consumer protection. Key features include:

• Enhanced Protections Across Faster Payments: The policy introduces new rules within the Faster Payments system, which processes the majority of APP fraud. These rules strengthen Pay.UK ’s ability to combat fraud, ensuring more rigorous oversight and enforcement.
• Shared Responsibility for Reimbursement Costs: Both sending and receiving PSPs will share reimbursement costs equally (50:50), incentivising all parties to take proactive measures against fraud.
• Consistent Minimum Standards for Consumer Protection: Most victims of APP fraud will be reimbursed within five business days, with additional safeguards for vulnerable customers. The PSR will also issue further guidance on claim excess and reimbursement caps.
• Industry Collaboration and Guidance: The PSR is working closely with Pay.UK and industry stakeholders to ensure timely implementation. Banks and building societies are encouraged to continue enhancing their fraud detection and prevention capabilities in anticipation of the new rules.

A Broader Initiative to Enhance Consumer Protection

Beyond the reimbursement requirement, the PSR is spearheading a broader set of initiatives to improve fraud prevention across the payments landscape:

• Regular Publication of Performance Data: The PSR will regularly publish data on how well firms protect their customers, fostering greater accountability and transparency.
• Expansion of Confirmation of Payee (CoP): The CoP service, which helps verify payee details before payments are made, will be rolled out more widely to prevent APP scams and misdirected payments.
• Improved Intelligence Sharing: The PSR is encouraging better intelligence sharing among payment firms to detect and prevent fraudulent transactions before they occur.

The PSR’s new reimbursement policy represents a transformative approach to combating APP scams. By mandating reimbursement and requiring PSPs to take on greater responsibility for fraud prevention, the policy not only offers vital protections to consumers but also drives a fundamental shift in the industry’s approach to security. As the first of its kind, this policy sets a new global standard for financial regulation, aiming to reduce the incidence of APP fraud and restore consumer confidence in the payments system.