Authorised Push Payment (APP) fraud—a scam where victims are deceived into sending payments to fraudsters under the guise of legitimate transactions —remains a formidable challenge for the UK’s financial sector. In 2023, losses attributed to APP fraud amounted to £341 million, according to the Payment Systems Regulator (PSR). While this marked a 12% decline in total value compared to the previous year, the number of reported cases surged by an equal percentage, surpassing 252,600 incidents. This persistent problem highlights the adaptability of fraudsters, who continuously refine their schemes to exploit vulnerabilities and sustain illicit profits.
A Crucial Innovation: Confirmation of Payee
To combat APP fraud, regulators have introduced measures aimed at strengthening consumer protections and enhancing fraud prevention. Among the most significant of these is Confirmation of Payee (CoP), a name-checking service launched in 2019. By verifying that the recipient of a payment matches the account holder’s name, CoP provides a critical safeguard against misdirected or fraudulent transfers.
Initially introduced by six major banks, CoP has grown to include nearly 400 additional firms and, as of October 2024, now encompasses almost all consumer bank payments in the UK. Its effectiveness stems from its straightforward approach: when setting up a new payee—most commonly through a mobile banking app—CoP flags any mismatches between the provided name and account details. This brief pause allows users to reassess and potentially avoid fraudulent transactions.
CoP illustrates how small, targeted interventions can yield transformative results. Its success demonstrates the potential of practical, collaborative solutions to reduce fraud. Building on such innovations, the introduction of the new liability framework signals a shift toward shared accountability in tackling APP fraud.
The New Liability Framework: A double-edged sword
Despite such advances, APP fraud continues to evolve, prompting regulators to push banks toward ever more robust defenses. In October 2024, the PSR introduced a new liability framework mandating that sending and receiving banks share responsibility for fraud-related losses. Under this framework, each institution may be liable for up to £42,500 per incident, with a total compensation cap of £85,000.
The framework is designed to incentivize banks to enhance their fraud prevention capabilities while providing consumers with greater protection. In response, some banks, like Monzo, have introduced consumer-focused features such as an app-based tool to verify whether a caller claiming to represent the bank is genuine. These measures reflect a broader trend of banks overlaying safeguards to protect customers and reduce financial liability.
Yet, regulatory changes have introduced unintended consequences. Banks now have the authority to pause payments for up to four days to investigate suspicious transactions, a significant departure from the previous requirement to process or decline payments by the next business day. While this extension grants banks valuable time to detect and prevent fraud, it also risks delaying critical transactions. For example, property buyers needing to transfer large sums promptly could face severe disruptions due to such delays.
The Paradox of Open Banking
These challenges extend beyond traditional bank transfers and are beginning to affect newer, more secure payment methods such as Open Banking. The liability framework’s cautious approach has begun to ripple into Open Banking payments, where delays in submission to the Faster Payments Scheme often result from additional authentication requirements.
This cautious approach is paradoxical, as Open Banking payments often utilize stronger authentication protocols and provide greater transparency than manual transfers. Such delays risk undermining consumer trust in Open Banking, which has been championed as a secure and efficient alternative. If customers encounter friction or perceive Open Banking as unreliable, its adoption could slow, hindering innovation in payment systems.
Banks must strike a delicate balance between robust fraud prevention and seamless payment experiences to avoid stifling progress in digital finance. Overly cautious measures could erode trust in innovative solutions, leaving the payments ecosystem less dynamic and potentially less secure in the long term.
The Role of Digital Marketplaces in APP Fraud
While Open Banking demonstrates how secure systems can be undermined by over-caution, digital marketplaces highlight how systemic vulnerabilities extend beyond traditional financial institutions, requiring a broader approach to tackling fraud. In 2023, purchase scams accounted for 70% of all APP fraud cases, with 176,685 incidents leading to losses of £85.2 million—a 27% rise compared to the previous year. Platforms like Facebook Marketplace are frequently exploited by fraudsters, who advertise attractively priced goods only to disappear once payments are made.
Data from TSB reveals that purchase fraud accounted for four in five (80%) of all social media fraud cases at TSB. Notably, seven in 10 (71%) of these cases stemmed from Facebook. Similarly, Revolut reported that 60% of its UK scam cases in 2023 originated on Meta platforms, increasing to 66% in the latter half of the year. While these platforms create immense opportunities for commerce and connection, their openness and scale can sometimes make them attractive targets for fraudulent activity.
Addressing these risks requires a broader perspective on the role of digital marketplaces in the ecosystem of fraud. Currently, financial institutions shoulder the responsibility for reimbursing victims under the APP liability framework, despite lacking control over the environments where fraud often originates.
Digital marketplaces are critical hubs of peer-to-peer commerce but face challenges in prioritizing fraud prevention. Metrics focused on activity or listings may inadvertently deprioritize fraud mitigation. Platforms like eBay, which employ seller verification and buyer protection programs, demonstrate how proactive measures can reduce risks and foster user trust. Adopting similar approaches across other marketplaces could significantly improve consumer confidence.
More systemic change could yield even greater results. If regulators encouraged platforms to take a more active role in fraud reimbursement, it would align incentives and spur innovation in fraud prevention. Faced with the financial impact of fraud, platforms would likely invest in advanced safeguards, such as real-time fraud detection systems, improved seller verification processes, and tighter monitoring of transactions.
Collaborating with financial institutions and regulators, digital marketplaces can help create a safer ecosystem. Proactive measures would not only reduce the prevalence of fraud but also enhance trust in digital platforms, benefiting consumers, legitimate sellers, and the broader economy alike.
A Path Forward: Collaboration and Innovation
APP fraud does not arise from a single point of failure but from vulnerabilities across a complex ecosystem of financial and digital platforms. By embracing shared accountability, stakeholders can collaboratively address these risks and create a payments landscape that is resilient, secure, and innovative