PSR responds to Which? super-complaint on consumer push payment scams

Today, the Payment Systems Regulator (PSR) published its response to the recent Which? super-complaint. This was in relation to consumer safeguards for consumers tricked into making authorised push payments (sending money by bank transfers) to scammers. Which? argued that the risk of financial loss rests solely with consumers and said there are currently no legal protections for them if they lose money this way. It also suggested that banks are typically better placed than consumers to guard against fraud risks and argued for changes in the law, to incentivise banks to do more to protect consumers.

This was the first super-complaint received by the PSR, which was also forwarded to the FCA – who has provided advice and assistance to the PSR in its response.

The PSR has rejected the two Which? potential options for dealing with the issue - making PSPs liable for re-imbursing victims or introducing risk management standards that PSPs must meet when executing an authorised push payment. The PSR did not find sufficient evidence to justify that these options were proportionate to take forward.

Issues to be addressed

Instead, the PSR says there are three main issues that need to be addressed:

• the way in which PSPs currently work together in responding to reports of authorised push payment scams needs to improve – in some instances, they found that both sending and receiving PSPs have problems engaging with each other in an effective and timely manner when attempting to recover payments made under this type of scam. They also highlighted that operators of payment systems such as CHAPS and Faster Payments do not have rules, policies or procedures related to consumer protection against fraud or scams because they view this as outside their remit to intervene in what they regard as a private contractual matter between PSPs and their customers;
• some PSPs could do more to identify potentially fraudulent incoming payments and prevent accounts falling under the influence of scammers – the commercial incentives and obligations for "receiving" PSPs to ensure there are appropriate safeguards in place to protect customers of other PSPs that fall victim to push payment scams are weaker than for "sending" PSPs; and
• the data on the scale and types of push payment scams is of poor quality. Initial evidence however suggests that the scale of these scams is significant and that they are likely to increase.

In conjunction with the PSR's response, the FCA has today also announced that it will:

• work with firms to tackle concerns around both sending and receiving banks in relation to authorised push payment fraud;
• examine evidence received in relation to the super-complaint and address any firm-specific issues directly; and
• if, following the above steps, there are unresolved sector-wide issues, initiate further work, building on developments made since the 2012 thematic review of banks' defences against investment fraud.

Next steps

The PSR proposes a package of work to address these issues, to be led by the banking industry, and ultimately "make fraud more difficult and less prevalent". Their objective is to increase the chance that the victim will be able to recover the funds. The PSR also acknowledges that there is already work underway as part of other payments and antifraud initiatives, including the verification of payee work, that will help to address scams where the victim is duped into making a payment to the wrong account. The PSR's proposals are designed to complement this work.