New protection for individuals tricked into transferring money to fraudsters comes into force today (Tuesday 28th May). The new code aims to make sure that customers making payments are not penalised for fraudsters’ criminal actions – even in circumstances where the customer’s bank has done everything reasonably expected of it to protect the customer. The refund will come from a central pot in cases when neither the bank nor the customer are to blame.

Responding to the launch of the Authorised Push Payment Scams Voluntary Code (the Code), Stephen Jones, Chief Executive of UK Finance, said “Defending customers from fraud and preventing stolen money from going to criminals is a core priority for the finance industry. The launch of this voluntary Code is a significant moment, bringing a new level of protection from authorised push payment (APP) scams. From today, firms who have signed up to the code have committed to new standards of consumer protection and to reimbursing the victims of these scams, provided the customer has met the standards expected of them.”

“In situations where both the customer and their payment service provider meet the required standards set out in the Code, a customer of a firm signed up to the Code who falls victim to APP fraud will still receive their money back. To fund this compensation to victims, as an interim arrangement a number of the launch signatories of the Code have established a fund to provide reimbursements from implementation until a new long-term funding arrangement is in place no later than the end of this year. We are working with the regulators and government to establish this mechanism before the end of the year.”

“Meanwhile the industry continues to invest billions in tackling economic crime and protecting customers – developing sophisticated security technologies, helping law enforcement apprehend the criminals responsible and assisting the government in improving fraud intelligence sharing.”

Karen Baxter, national co-ordinator for economic crime at the City of London Police, says banks should not automatically refund victims of fraud, suggesting it is important to cultivate a sense of personal responsibility. She told the Sunday Times “We need people to be more diligent, to be more personally responsible.”

Keith McGill, Head of ID & Fraud at Equifax UK, said “Authorised Push Payment (APP) fraud, where victims are tricked into transferring funds into accounts controlled by fraudsters, has been a growing issue, with losses of over £145m* in the first half of 2018 alone. The new voluntary code for payment providers coming into force today demonstrates the industry commitment to tackling this type of scam. The code supports rules introduced by the FCA earlier this year, which give consumers stronger redress with the recipient bank or building society being used by the fraudster, in addition to their own.”

“The code, which outlines a ‘contingent reimbursement model’ for customers when banks and payment providers fail to meet minimum standards such as confirming the name on the account that funds are being paid into, is a positive step forward from those involved and we hope it continues to attract more members. Importantly, it also specifies a certain level of care that needs to be taken by consumers, encouraging people to remain vigilant and take sensible precautions so that businesses aren’t left to shoulder the burden of tackling fraud alone.”

“Payment providers have been working hard to deploy solutions to meet the new code and play their part in mitigating APP fraud, and it is vital that these efforts continue. This new code is a good example of how the industry can work together to develop lasting solutions to address fraud and improve outcomes for consumers and businesses alike.”

 The following Payment Service Providers (PSPs) have committed to implementing the Code from today:

Payment Service Provider Brands
Barclays Barclays

First Direct

M&S Bank

Lloyds Banking Group Lloyds Bank


Bank of Scotland

Intelligent Finance

Metro Bank Metro Bank
Nationwide Nationwide
RBS Royal Bank of Scotland


Ulster Bank

Santander Santander


Carter Allen

Starling Bank Starling Bank

The following PSPs have established a fund in order for customers in the ‘no blame’ scenario to be reimbursed from today:

  • Barclays
  • HSBC
  • Lloyds Banking Group
  • Metro
  • Nationwide
  • RBS
  • Santander