View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Leadership
  2. Finance and procurement
March 24, 2020updated 17 Jun 2022 12:09pm

Payments Watchdog Relaxes Anti-Fraud Deadline for Banks

In 2019, there were 122,437 cases of APP fraud in the UK. Banks lost £456 million.

By claudia glover

The UK’s Payments Systems Regulator (PSR) has eased a March deadline for banks to implement new fraud protection plans, despite the nearly £1 billion losses suffered as a result of Authorised Push Payment (APP) fraud in the past three years.

Implementation of Confirmation of  Payee (CoP) is designed to curtail APP fraud by ensuring banks confirm the validity of payment recipients, but the PSR said it would be taking a lenient approach to those failing to meet that deadline in the light of the COVID-19 pandemic. The deadline had already been extended by a year.

Banks have publicly lamented the challenges of rolling out CoP: changes are typically required across online and mobile applications, need to integrate with payments systems, then ensure counter party banks can funnel confirmation back to customers.

illustration of CoP

An illustration of CoP from Pay.UK

(The decision is the second major delay to tighter security rules in the financial services sector over the past half-year. In August 2019 the Financial Conduct Authority gave banks and other payments providers 18 months more to introduce “Strong Customer Authentication” measures required under Europe’s PSD2 directive.)

Read This! How to Use AI to Spot Mobile Bank Fraud using Microsoft Azure

The PSR said this week: “We are acutely aware of the current and significant pressure on organisations to do all they can for their customers, while also effectively looking after the people who work for them and making sure the UK’s banking industry can continue to be resilient. This means we have carefully considered our regulatory approach to the implementation of this system.

Banks must continue to take “appropriate steps to roll out CoP, taking into account the impacts of COVID-19, even if that means they do not meet the original 31 March 2020 deadline” it added, saying it will keep the arrangements under review.

What is APP Fraud?

Authorised Push Payment fraud happens when fraudsters deceive consumers or businesses into sending them a payment under false name, to a bank account controlled by them. As payments made using real-time payment schemes are irrevocable, the victims cannot reverse a payment once they realise that they have been conned.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Compensation was provided to some customers under the voluntary code on APP fraud, introduced on 28 May 2019. Data from a report published last week by UK Finance shows that customers have so far received £41 million in compensation in cases assessed under the code since it was introduced.

What is Confirmation of Payee?

Currently, when a payment is made, the banks are not able to check the name of the organisation or person who is to be paid. If the sort code and account number do not match this will be flagged, otherwise the money goes straight through.

After the introduction of Confirmation of Payee, banks will be able to check the name of the account of the person or organisation who is getting paid.

They will then let the account holder know the outcome of this check and advise them on the best way forward.

Don’t Miss This! Two Critical New Windows 0Days Being Actively Exploited – No Patch Yet

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.