Incidence of authorised push payment fraud, when criminals deceive people to send payment to an account they control, is soaring.
Authorised push payment (APP) fraud has reached unprecedented levels in the UK, as criminal organisations have adapted to and capitalised upon the impact of Covid-19 over the past year. Recent statistics from UK Finance show that APP fraud has increased in value and volume from 2019 to 2020, with losses up 5% to £479m and cases up 22% to 149,946.
This fraud happens when criminals deceive a banking customer, be that business or personal, into sending a payment under false pretences to a bank account they control. Banking customers of signatory firms to the Contingent Reimbursement Model Code (CRM Code) that have fallen victim to an APP scam through no fault of their own should absolutely expect to be reimbursed in full. They should also expect to receive supportive aftercare to help prevent them falling victim again.
But they should also expect that they will be protected against APP scams in the first place.
Reimbursement, while vital to reversing the financial distress caused by APP scams, cannot reverse the emotional distress that these scams cause, with the victim’s experience so often associated with feelings of guilt, shame, worry and embarrassment.
It is, therefore, vital that we stop customers from having to go through this emotional and financial distress by preventing more APP scams from happening in the first place.
This is not to understate the importance of reimbursement and the appropriate aftercare. Both are crucial steps to ensuring victims are, and continue to be, protected against APP fraud, no matter how large or small the amount lost as a result of the scam.
But while reimbursement levels are an important metric, it is critical that we take into account prevention and detection measures, too.
Onus on prevention
Imagine, for a moment, a world where as much onus is placed on the prevention of APP scams as is currently placed on reimbursement levels — where every reimbursement case was understood as a missed opportunity for prevention. This would be a world where calls for reimbursement data to be published were met with the same demand for access to prevention data.
In this environment, stakeholders and customers alike would be provided with more insight and assurance over the effectiveness of APP scam prevention measures than payment service providers (PSPs) have in place.
With Covid-19 accelerating a shift towards online and digital banking channels, the opportunity for lenders to offer new payment methods is also creating new opportunities for criminal organisations to target customers via APP fraud.
In this environment, a key focus area for preventing customers from falling victim to APP scams lies within the implementation of effective warnings.
Effective warnings
A recent review by the Lending Standards Board indicated that an effective warning is one that is dynamic and tailored to the customer’s payment journey. It also found that, when implemented in tandem with other prevention measures outlined by the CRM Code, effective warnings can be successful in reducing APP scams.
Further, research from the Open Banking Implementation Entity indicates that small changes to warnings across banking apps can have the potential to drastically reduce the number of individuals that fall victim to APP fraud. The number of scams decreased, for example, when call to action (CTA) interventions were presented, offering users more opportunities to cancel or defer transactions throughout the payments journey.
The biggest effects were achieved when a combination of risk-based and CTA warnings were implemented over a period of time. This allowed banks and PSPs to reduce the instances of APP fraud without negatively impacting the completion of legitimate payments. Using a variety of warnings meant that banking customers remained engaged, reducing the risk of deteriorating effectiveness of warnings as people naturally grew used to them.
Scams could also be significantly reduced with a collective effort across the banking industry and beyond, to protect customers and win the fight against APP fraud. This could include banks, non-traditional lenders and PSPs educating their customers on the signs and risks of APP scams, or working with industry oversight bodies to commit to voluntary standards and codes to ensure good customer outcomes. Beyond this, online forums, social media platforms and influential voices also have a role to play in raising awareness of and preventing scams. Customers can also help by being vigilant and reading and acting upon warnings and information presented to them.
Reimbursement, although critical, should be the last resort when it comes to protecting customers against APP fraud. Prevention, detection and awareness measures must move up the agenda for banks, non-traditional lenders, PSPs and customers alike to ensure that the customer is protected at every possible stage of the payment journey.
Emma Lovell is chief executive of the Lending Standards Board.
