UK Regulator Consults On APP Fraud Reimbursement Rules

August 17, 2023
The Payment Systems Regulator (PSR) has launched two consultations on its new authorised push payment (APP) fraud reimbursement requirements as an industry insider tells VIXIO it "misses the point entirely".

  • Regulator proposes "gross negligence" criteria, consults on excess, top reimbursement
  • Rules will cover payment service providers as well as banks
  • Expert warns regulations miss the point as they do not address causes of APP fraud

The Payment Systems Regulator (PSR) has launched two consultations on its new authorised push payment (APP) fraud reimbursement requirements as an industry insider tells VIXIO it "misses the point entirely".

On Tuesday (August 15), the PSR published two proposals concerning the value of claim excess and maximum APP fraud reimbursement for Faster Payments, and "gross negligence".

At the same time, the PSR is asking questions, on behalf of the Bank of England, on the topic of a maximum reimbursement level for CHAPS.

In June, the PSR published a final policy statement confirming that sending banks will have the option to apply a claim excess under the new reimbursement requirements, except in cases where the consumer is vulnerable.

The regulator also decided that there will be no minimum threshold for claims but there will be a maximum limit.

In its first consultation, the PSR is now asking stakeholders whether an excess should be a fixed amount or a percentage of the reimbursement claim amount.

“We recognise that these options would deliver very different outcomes,” the regulator said.

Specifically, the fixed excess would likely operate as a de facto threshold, taking lower-value frauds out of scope, while the percentage excess would have more impact on higher-value fraud, it explained.

The regulator believes that “a single claim excess, set at the appropriate level, will clearly communicate to customers the need to exercise proper caution”.

The PSR also proposes that the maximum reimbursement level should be in line with the prevailing Financial Ombudsman Service limit of £415,000 per claim. Around 98 percent of APP fraud falls within this limit, according to the regulator.

In the second consultation, concerning the consumer standard of caution, the PSR explains its policy approach to defining gross negligence and proposes draft guidance.

As per the June policy statement, sending payment service providers (PSPs) should generally reimburse APP fraud victims unless the consumer is acting fraudulently, known as first-party or friendly fraud, or the consumer has acted with gross negligence. The exception of gross negligence does not apply to vulnerable consumers.

The PSR now proposes that gross negligence should be established if the consumer fails to do either one of the following actions: the consumer should have regard to specific, directed pre-payment warnings raised by their PSP; they should report the matter “promptly” to their PSP but in any event no later than 13 months after the payment was authorised; and the consumer should respond to any reasonable requests for information made by their PSP.

“Where a PSP can demonstrate that a consumer has, through gross negligence, not met one or more of the three requirements, the PSP is not obliged to reimburse the consumer,” the document proposes.

There were 207,372 incidents of APP fraud reported in 2022 resulting in gross losses of £485.2m, the PSR said.

Although the focus on the impact of fraud reimbursement sits mainly with the banks, the opening up of Faster Payment in recent years to non-banks means the rules will have a direct impact on some payment firms.

The PSR told VIXIO: “Our requirements cover all financial firms which operate using Faster Payments (FPS).

“This doesn’t only include banks but all types of payment service providers that use FPS, including e-money institutions for example.”

The wrong target

The proposals are “undoubtedly well-intentioned” and “put together by well-meaning people”, according to Gary Prince, CEO of The Payment Firm, a UK e-money institution (EMI).

However, they “miss the point entirely as they do not look to address the causes of APP fraud,” Prince told VIXIO.

The banks are “the last link” in the process and are “already overwhelmed” with the number of cases, he added.

“Everyone is ignoring the herd of elephants sitting in the corner — the mobile network operators, tech giants and their social media platforms which are the conduits for all of the fraud,” Prince said.

In its latest annual fraud report, UK Finance found that around three-quarters of online fraud starts on social media.

Since then, several big banks and the banking lobby group itself have raised the alarm against the social media platforms of Meta.

In June, TSB said that scams originating from the platforms of Meta account for 80 percent of the fraud it refunds within its three biggest fraud categories: purchase, investment and impersonation.

Facebook marketplace is “a cesspit of fraud” which can operate without undertaking any merchant validation checks, Prince noted.

“They are all sat there just holding their hands up saying it is nothing to do with them.”

As almost total liability is now resting on banks, they will likely look to “massively increase friction and delay into the payment journey” to ensure that the money is being paid to the correct person for the right reasons, Prince noted.

Meanwhile, James Nurse, managing director of FINTRAIL, warned that the reimbursement requirements may actually lead to an increase in fraud due to “conscious negligence” and friendly fraud.

“We are likely to see an increase in customers committing fraud knowing that they will get reimbursed for goods, services and other general payments,” Nurse added.

Our premium content is available to users of our services.

To view articles, please Log-in to your account, or sign up today for full access:

Opt in to hear about webinars, events, industry and product news

To find out more about Vixio, contact us today
No items found.