This week marks a major change in how U.K. banks and payment firms address fraud.
Beginning Monday (Oct. 7), these organizations will be required to reimburse the victims of authorized push payments (APP) up to £85,000 ($111,000).
Great Britain’s Payment Systems Regulator (PSR) had called for the reimbursement rules following a surge in APP fraud, which occurs when someone is tricked into sending money from their bank account to a fraudster posing as a legitimate payee.
These fraud cases cost British residents $433 million in 2023, according to a report published by the PSR in August. That was a 12% decrease from the year before, although the volume of fraud cases rose by the same amount.
The £85,000 figure is a recent addition to the plan, with the PSR initially planning an upper limit for reimbursements at £415,000 ($544,000). Industry groups like the Payments Association had been lobbying the PSR to hold off on imposing the new measure for at least a year.
Riccardo Tordera-Ricchi, head of policy and government relations at the association, said in June that if the APP fraud reimbursement changes proceeded as planned, “the prudential risk and requirements to participate in the U.K. payments market will increase significantly.”
“It will also result in an increase in cost and friction of real-time payments and a decrease in investment into the U.K. FinTech market due to higher risks of failure and lower profitability,” Tordera-Ricchi added.
The reimbursement rule remains a source of controversy. For example, the new regulation lets banks and payment companies charge a fee of £100 when settling fraud claims.
While many industry figures see the added levy as a way to ensure consumers remain vigilant against APP fraud, consumer groups have pushed back. They argue that 32% of APP fraud cases are a matter of £100 or less, meaning many consumers would lose money in being reimbursed.
Meanwhile, tech companies are facing pressure to play a greater role in combating APP fraud, with the U.K. payments and FinTech sector arguing that most scams originate on social media.
For example, after Meta announced last week that it was working with British banks MetroBank and NatWest on a data-sharing project to protect customers from scams, an executive at Revolut said this effort “falls woefully short of what’s required to tackle fraud globally.”
Woody Malouf, Revolut’s head of financial crime, argued that what Meta and the banks are doing amounts to “baby steps, when what the industry really needs is giant leaps forward.”
“These platforms share no responsibility in reimbursing victims, and so they have no incentive to do anything about it,” he told CNBC. “A commitment to data sharing, albeit needed, simply isn’t good enough.”