Payment Dispute Standards and Compliance Council

Menu
  1. Home
  2. Industry Regulations

Blog

APP Fraud – New Regulations 2024

Industry Regulations

What is APP Fraud?

Authorised Push Payment (APP) fraud refers to a financial scam in which a fraudster tricks a victim into authorising a transfer of funds. The term ‘authorised’ indicates that this type of fraud does not involve using stolen information but requires the victim to voluntarily authorise the payment. The term ‘push’ signifies that the victim is pushing the payment to the scammer, unlike other types of fraud where money is illegally pulled from the victim’s account.

It is important to note that this does not mean the victim is at fault. Fraudsters often impersonate legitimate or trusted organisations or governmental bodies to manipulate victims into parting with their money. With the increasing use of AI, scammers appear more credible and convincing.

According to the Payment Systems Regulator (PSR), £341 million was lost to such scams in the UK in 2023 alone, marking a record high. Given this alarming trend, the industry recognises the urgent need for effective measures to safeguard individuals and their finances. As a result, new regulations have been implemented to ensure that more victims are reimbursed for their financial losses.

Types of APP Fraud

There are several types of APP fraud. Some of the most common include:

Purchase Scams

A purchase scam occurs when a fraudulent retailer or service provider convinces a victim to pay for a product or service that is never delivered. The scammer impersonates a legitimate company, often creating a website with authentic-looking logos, branding, and customer reviews to deceive buyers. They lure victims with enticing deals or hard-to-find items at bargain prices. After the victim makes a payment, often via bank transfer, credit card, or an untraceable method like cryptocurrency, the product never arrives, or the service is never provided.

Impersonation Scams

Impersonation scams occur when a fraudster pretends to be a legitimate organisation, such as a bank, delivery service, tradesperson, retailer, or government body. They deceive the victim into transferring money for what seems to be a valid reason. For example, a scammer posing as a bank might claim that the victim’s account has been compromised and urge them to transfer funds to a ‘safe’ account. Other examples include scammers posing as HMRC officials or pretending to be a friend or family member in distress, usually via social media or messaging apps, asking for urgent financial help.

Advance Fee Scams

In an advance fee scam, the fraudster contacts the victim claiming that an upfront payment is required to receive an item or service. This could involve claims that a parcel is being held at customs, a lottery has been won, or a large inheritance is awaiting transfer, but legal or processing fees must be paid first.

Romance Scams

Romance scams involve fraudsters building online relationships with victims. Once trust is established, the scammer creates a heart-wrenching story, playing on the victim’s emotions with tales of hardship or urgent financial difficulties. The victim is then manipulated into sending money to help their “partner,” who they believe is facing a crisis. Romance scams often unfold over a long period as the scammer invests time in creating a fraudulent emotional bond.

Investment Scams

Investment scams occur when a fraudster convinces a person to invest money in what appears to be a legitimate opportunity. These scammers promise high returns or claim the investment is risk-free. They often pose as financial advisors or representatives of reputable companies. Once the victim transfers money into the fraudulent scheme, recovering the funds may be impossible.

Loan Fee Scams

Loan fee scams involve fraudsters posing as legitimate banks or loan companies, offering loans to individuals who may be in financial distress or unable to get credit through traditional means. Before the loan is issued, the scammer demands an upfront “administration fee.” The victim pays the fee but never receives the loan, and the scammer also obtains personal information for potential identity fraud.

Invoice Scams

Invoice scammers may use two tactics. In the first, they intercept legitimate invoice payments by hacking into the victim’s email account and instructing them to transfer funds to a different bank account, claiming the supplier’s details have changed. In the second scenario, scammers hack into tradespeople’s email systems and send fraudulent invoices to customers. The invoice looks genuine but contains the scammer’s bank details, leading the customer to unknowingly pay the fraudster instead of the tradesperson.

Groundbreaking New Rules for Mandatory Reimbursement Begin on 7 October 2024

Previous Protection

Previously, customers were protected under the Contingent Reimbursement Model (CRM), which provided guidelines for reimbursement in cases of unauthorised transactions. However, the code was voluntary, and not all payment service providers participated, leaving many victims struggling to recover their funds.

New Mandatory Reimbursement Rules

The PSR has now established a mandatory protection scheme, rolled out on 7 October 2024. All banks and payment service providers must reimburse victims of APP fraud, regardless of size. This protection covers payments made via the Faster Payments System and CHAPS, ensuring that most individuals will receive reimbursement within five business days. Victims are covered for amounts up to £85,000, and those with losses exceeding this threshold can still initiate a claim. Reimbursement costs will be shared equally between the sending and receiving banks.

A Collaborative Effort

The new regulations shift more responsibility from consumers to payment providers, aiming to build trust in digital transactions and ensure victims can recover their losses quickly and fairly. However, the framework also encourages banks to take a proactive approach in educating customers about potential risks and fraud prevention.

New Rules, New Scam: No Stone Left Unturned

In a troubling twist, scammers are already exploiting the new reimbursement rules. Posing as major banks with convincing websites and language, they send messages to consumers, urging them to verify personal details under the guise of protecting against fraud. This highlights the ongoing need for vigilance and protection for users of the UK payment system—everyone except the fraudsters.