Are You Saying I've Just Been Scammed? The Rise and Reality of Authorised Push Payment (APP) Fraud

APP fraud is no longer a rare occurrence—individuals often receive seemingly legitimate text messages or emails that might appear to come from their bank, a trusted service provider, or even a friend in distress. In response, many people transfer funds or disclose sensitive information, only to discover later that they have been deceived. This phenomenon, known as Authorised Push Payment fraud, is rapidly becoming one of the most pervasive and damaging threats in today’s financial landscape.

The convenience of financial innovations, such as fast payment systems, open banking, digital wallets, and mobile apps, has made transactions easier than ever. However, this ease of use also opens the door to sophisticated scams. APP fraud exploits trust, and the systems designed to facilitate secure payments. Despite its alarming rise, many remain unaware of the risks until they become victims.

The scale of APP fraud is staggering. According to the UK Finance Annual Report for 2024, APP fraud losses reached ￡459.7 million in 2023, with 232,429 reported incidents—a 12% increase from 2022. Despite ongoing efforts to combat this fraud, financial institutions have incurred significant losses, reimbursing ￡287.3 million to victims, an increase of 1% from the previous year.

How Does APP Fraud Work?

APP fraud occurs when scammers trick individuals into authorizing payments to them, often under pretences. Unlike other types of fraud where transactions happen without the victim’s knowledge, APP fraud involves the victim willingly initiating the payment.

Typically, the scam begins with an unexpected message—via email, text, or phone call—that appears legitimate and may claim to be from a bank, government agency, or well-known service provider. The scammer creates a sense of urgency or fear, convincing the victim that immediate action is required. This could involve claims of compromised accounts, outstanding debts, or emergencies involving loved ones.

A significant portion of APP fraud stems from purchase scams, which account for 76% of reported cases. In these scenarios, fraudsters pose as legitimate sellers on online marketplaces, offering goods or services that either do not exist or are never delivered. Victims, believing they are making genuine purchases, transfer money to the scammer’s account, only to find the seller has vanished.

Regulatory Response to APP Fraud

The rise in APP fraud has led to calls for stronger regulatory frameworks and more robust consumer protection laws. In the UK, the Payment Systems Regulator (PSR) has taken significant steps to address the issue. The Contingent Reimbursement Model Code (CRM Code), implemented in May 2019, outlines practices for reimbursing victims of APP fraud. Under this code, banks and payment service providers are generally required to reimburse customers who have been tricked into making payments, provided the victim has taken reasonable care to avoid the scam. Reimbursement is required unless there is clear evidence of gross negligence or fraud by the customer.

In June 2023, the PSR introduced new mandatory reimbursement requirements set to take effect in October 2024. Under these rules, sending Payment Service Providers (PSPs) must reimburse victims of APP fraud within five business days, except when additional time is needed to gather further information. Additionally, receiving PSPs will be required to cover 50% of the reimbursement cost. However, reimbursement will not apply if the customer has acted with gross negligence, committed fraud, made unlawful payments, or is involved in civil disputes such as dissatisfaction with legitimate services.

How to Protect Yourself from APP Fraud

While fraud tactics evolve, you can take several steps to protect yourself from APP fraud:

1. Verify the Source: Always double-check the authenticity of messages or requests involving money transfers or personal information. Contact the organization or individual directly using a known, official contact method.

2. Pause and Reflect: Scammers often create a sense of urgency to push you into quick decisions. Take a moment to reflect and trust your instincts if something feels off.

3. Educate Yourself: Stay informed about the latest scams and their methods. Awareness is a powerful defense against fraud.

4. Use Security Features: Enable two-factor authentication (2FA) on your accounts, use strong, unique passwords, and be cautious about sharing information online.

5. Report Suspicious Activity: Report any suspected scams to your bank, relevant authorities, and affected parties immediately. Early reporting can improve the chances of recovering lost funds.

Moving Forward

The success of APP fraud relies on exploiting human emotions and behaviors. Scammers create a false sense of urgency, manipulate fear, and mimic authority, knowing that people are less likely to scrutinize situations when they believe they are acting in their best interest or that of a loved one. Awareness and vigilance are key to protecting your finances in the digital world.

Financial institutions must educate their customers about APP fraud, continuously update them on emerging scams, and develop robust fraud detection strategies. Regulators should go beyond reactive measures and implement proactive strategies to address the root causes of APP fraud, especially those originating from online marketplaces. Holding marketplace operators accountable is crucial to curbing the rise of purchase scams and enhancing overall consumer protection.

?

?