A new code of conduct for the way banks treat victims tricked into transferring cash to a fraudster's account will come into force in September to tackle a surge in so-called 'transfer scams'.
Under rules announced today by the Payment Systems Regulator (PSR), banks will in some situations have to reimburse customers who are hit by 'authorised push payment' (APP) scams, though the exact terms of the new code are still to be decided.
It follows a consultation by the PSR and the Financial Conduct Authority (FCA) on the best action to be taken against the scams, which under current rules can leave unsuspecting customers out of pocket.
For help on how to protect yourself from fraud, see our 30+ Ways to Stop Scams guide.
What are 'authorised push payment' scams?
APP scams occur when someone transfers money from their own bank account to one belonging to a criminal. The lost money is then quickly transferred to numerous other accounts, often abroad, and withdrawn by the crooks.
At the moment, banks can decide whether or not to refund lost cash, which often depends on whether they consider the customer has been negligent or not and whether they can recoup the funds.
The latest official figures show £101 million was unwittingly handed over to criminals through APP scams between January and June 2017, and only a quarter of this was recovered by banks. Over this period around 17,000 consumers were victims - and they lost an average of £3,000 each time.
The FCA and PSR have been investigating how banks deal with this type of scam since September 2016, after consumer group Which? submitted a super-complaint calling for banks to shoulder more responsibility.
What's happening now?
The PSR is setting up a steering group of industry and consumer bodies which will be responsible for drawing up the code.
An early version is due to be in force from September this year, with a revised version scheduled for early 2019. It will set out a 'contingent reimbursement model', outlining the exact circumstances where a customer should be refunded.
The Financial Ombudsman Service will also be able to take the code into account when looking into new complaints about APP scams.
How to avoid being a victim
Industry body UK Finance has worked with the Government to produce help-sheets and a website to try to prevent consumers falling victim to this kind of scam. They include:
- Remember that just because someone knows some personal details – such as your name and address or your mother's maiden name – that doesn't mean they are genuine.
- Banks or trusted organisations such as the police will never contact you asking for your PIN or full password, or to transfer money to a safe account.
- Always question uninvited approaches asking for information – it could be a scam. Instead contact the company directly using a trusted email or phone number to check the request is genuine.
- Never automatically click on a link in an unexpected email or text.
If you think you've been a victim or fraud, or if you suspect a fraudster has targeted you, report it immediately to your bank and then contact Action Fraud (you can call it on 0300 123 2040).
What does the regulator say?
Paul Smith, head of policy of the PSR, said: "This is about making a positive difference for people to protect them from APP scams. The banks have already made some changes but, from September 2018, this industry code will see better protections available to everyone. We expect the code to evolve over time to make sure methods of preventing APP scams are up to date.
"By creating this steering group, we are bringing the right people together to put protections in place to prevent APP scams from happening, and reduce their impact when they do happen.
"This is a complex piece of work and we have set a challenging timeline, but it is essential we see, as soon as possible, a model that is effective in protecting people."