The PSR is seeking views on proposals to increase the protections against APP scams, create quicker and mandatory reimbursements and put greater pressure on banks and building societies to tackle APP fraud.

The Payments Association will be responding to this consultation and we would like to represent our members’ views.

What is the consultation about?

The PSR is proposing to increase APP scam protections, and adjust the CRM code so that reimbursements are mandatory and quicker.

Why is this important? The proposals will impact payments protections and reimbursements.

How do I share my views?

• Send in your views via email to Riccardo.Tordera@thepaymentsassociation.org
• Arrange your interview to share your views with Riccardo. To book your interview, email Malik.Smith@thepaymentsassociation.org

What’s the deadline?

• The Payment Association’s deadline for written evidence: 16th November
• The interviews will be held between 7th November and 16^th November
• The Advisory Board will be given time to approve the draft before final submission
• The consultation deadline: 25^th November

What’s next?

The PSR will implement the proposed measures on APP scams within six months of gaining new powers through the Financial Services and Markets Bill.

APP scams are now the largest type of payment fraud in the UK. In 2021, losses to APP scams totalled £583.2 million, a 39% increase on the previous year. Many cases go unreported, so the real figures are likely to be higher.

The PSR has identified concerns with the CRM Code used by banks and building societies when dealing with victims of fraud. Of the reported cases, only 46% of total APP scam losses are reimbursed to the victim. However, following the CRM Code’s introduction, the rate of victim reimbursement by value rose from an industry average of 19% in the first half of 2019 to 41% in 2020, but only half of all victims receive their money back.

Nevertheless, the PSR want the fraud protection measures used by banks and building societies to be improved. The PSR says its plans will “usher greater protections from authorised push payment scam losses and will see further action being taken to prevent scams from happening in the first place”.

The PSR is proposing:

• A mandatory reimbursement for all online and mobile payments over £100, subject to an excess of no more than £35 and set time limit for claims of at least 13 months.
• Requiring reimbursement in all but exceptional cases – so more victims will get their money back.
• Improving the level of protection for APP scam victims, so there is greater consistency in protections for all victims, irrespective of who they bank with.
• Incentivise banks and building societies to prevent APP scams – because responsibility for allowing fraudulent payments is the responsibility of both the sending and receiving banks or building societies.

Chris Hemsley, managing director at the PSR, said: “We’ve seen progress over the last few years. Some firms have even gone much further with fraud guarantees, so we know people can be protected effectively. Our proposed rules will see everyone benefitting from strong protections, regardless of who they bank with.”

Legislation included in the Financial Services and Markets Bill will allow the PSR to require victim reimbursement for APP scams. The new powers will require the PSR to implement measures within six months of the laws coming into effect.

List of questions:

1. Do you have views on the impact of our proposals on consumers?
2. Do you have views on the impact of our proposals on PSPs?
3. Do you have views on the scope we propose for our requirements on reimbursement?
4. Do you have comments on our proposals:

• that there should be a consumer caution exception to mandatory reimbursement
• to use gross negligence as the consumer caution exception
• not to provide additional guidance on gross negligence?

5. Do you have comments on our proposal to require reimbursement of vulnerable consumers even if they acted with gross negligence?
6. Do you have comments on our proposal to use the FCA’s definition of a vulnerable customer?
7. Do you have comments on our proposals that:

• sending PSPs should be allowed to apply a modest fixed ‘excess’ to reimbursement
• any ‘excess’ should be set at no more than £35
• PSPs should be able to exempt vulnerable consumers from any ‘excess’ they apply?

8. Do you have comments on our proposals that:

• sending PSPs should be allowed to set a minimum claim threshold
• any threshold should be set at no more than £100
• PSPs should be able to exempt vulnerable consumers from any threshold they set?

9. Do you have comments on our proposal not to have a maximum threshold?
10. Do you have comments on our proposals that:

• sending PSPs should be allowed to set a time-limit for claims for mandatory reimbursement
• any time-limit should be set at no less than 13 months?

11. Do you have comments on our proposals that:

• the sending PSP is responsible for reimbursing the consumer
• reimbursement should be as soon possible, and no later than 48 hours after a claim is made, unless the PSP can evidence suspicions of first party fraud or gross negligence?

12. What standard of evidence for gross negligence or first party fraud would be sufficient to enable a PSP to take more time to investigate, and how long should the PSP have to investigate in those circumstances?
13. Do you have comments on our proposal for a 50:50 default allocation of reimbursement costs between sending and receiving PSPs?
14. Do you have views on our proposal that PSPs are able to choose to depart from the 50:50 default allocation by negotiation, mediation or dispute resolution based on a designated set of more tailored allocation criteria?
15. Do you have views on how scheme rules could implement our proposed 50:50 default allocation to multi-generational scams?
16. Do you have comments on our proposal for a 50:50 default allocation of repatriated funds between sending and receiving PSPs?
17. Do you have views on the scope we propose for rules on allocating the costs of mandatory reimbursement
18. Do you have views on our long-term vision, and our rationale for the PSO being the rule-setter responsible for mitigating fraud?
19. Do you have comments on the minimum initial set of Faster Payments scheme rules needed to implement our mandatory reimbursement proposals? 20. Do you have views on how we should exercise our powers under FSBRA to implement our requirements?
20. Do you have views on how we propose that allocation criteria and dispute resolution arrangements are developed and implemented?
21. Do you have comments on our preferred short-term implementation approach of requiring Pay.UK to implement an effective compliance monitoring regime, including a reporting requirement on PSPs?
22. Do you have views on the costs and benefits of Pay.UK implementing a real-time compliance monitoring system and when it could be introduced?
23. Do you have views on the best option for short-term enforcement arrangements?
24. Do you have views on the best way to apply the rules on reimbursement to indirect participants?
25. If it was necessary for us to give a direction, what are your views on whether we should direct indirect PSPs or IAPs?
26. Do you have comments on our cost benefit analysis at Annex 2 or any additional evidence relevant to the analysis?
27. Do you have any other comments on the proposals in this consultation?