As part of ongoing measures to combat Authorised Push Payment (“APP”) fraud, the Payment Systems Regulator (“PSR”) has published its latest policy statement, which details the required publication of data on Payment Service Providers’ (“PSPs”) APP scam performance. This follows the PSR’s ongoing consultation on efforts needed to address APP fraud, in respect of which we reported here.
APP Fraud occurs where a victim is tricked into sending a payment to an account controlled by a fraudster. Incidences have increased significantly in recent years.
The PSR will be requiring 14 of the largest PSPs (including HSBC; Metro Bank; and Monzo Bank) to publish data on:
- The proportion of customers who lose money as a result of APP fraud;
- Sending PSPs’ APP scam rates; and
- Receiving PSPs’ APP scam rates (not including any monies returned to the customer).
The PSR notes that these requirements will incentivise PSPs to tackle APP fraud and will enable consumers to have a better understanding of how their bank will protect them in the event they fall victim to a scam. This is the first in a set of proposed measures, with the PSR considering whether to require reimbursement of scam victims in all but exceptional cases.
The first set of data is to be provided by May 2023 and will be published by the PSR in October 2023. Thereafter, the data will be published every six months. The six month time lag is intended to address concerns that the data will be used by fraudsters to identify weaker targets, and to enable PSPs to address any issues before publication.
"This combination of metrics will create reputational incentives for PSPs to improve their fraud prevention controls and reimbursement rates. These metrics also offer the best combination of simplicity and information to give consumers greater transparency of the comparative performance of PSPs, so that they can make informed decisions about who they bank with."