FF News Logo
Monday, January 20, 2025
banking-and-payments-report-web-leaderboard-728x90-2 (1)

APP Fraud Legislation: a Double-Edged Sword

Drawing on insights from Dr. Ozan Ozerk, serial fintech entrepreneur, this article explores the complexities and potential repercussions of the UK’s mandatory reimbursement rule for APP fraud.

When the UK rolled out its mandatory reimbursement rule for Authorised Push Payment (APP) fraud on October 7, 2024, it marked a new chapter in consumer protection. With banks now responsible for compensating victims up to £85,000 within five days, it seems like a win for customers. But, as I see it, this new legislation, while well-intentioned, brings a host of complex and potentially damaging consequences. There’s no denying we need better protection from fraud, yet I worry that this law, instead of curbing crime, may actually make things worse for the banking sector, consumers, and – ironically – fraud victims themselves.

The growing menace of APP fraud

APP fraud, where victims are deceived into authorising payments to fraudsters, has become an epidemic. Last year, UK consumers over £340million to such scams, and losses are rising globally. Seeing these numbers, it’s clear why the government felt compelled to act decisively. The hope is that by holding banks liable, we’ll see reduced fraud and better outcomes for customers. And on a superficial level, making banks financially responsible seems like a good idea – but what if this ends up hitting vulnerable consumers the hardest?

Risk of financial exclusion for vulnerable customers

One of my major concerns with this legislation is its potential to lead to financial exclusion, particularly among the most vulnerable populations. Banks, now accountable for fraud claims, will inevitably look to minimise risks, which could mean stricter criteria for who can access basic services. I see a real possibility that certain groups, especially older adults or individuals flagged as high-risk, will face higher fees or reduced access to services.

The irony here is that the law, meant to protect consumers, could end up isolating the very people it aims to support. Imagine being in your sixties or seventies, only to find that you’re being de-banked or charged premium fees simply because you’re statistically more vulnerable to fraud. The end result is legislation that deepens financial insecurity, not reduces it. In my view, we should be pushing for inclusivity and access, not inadvertently cutting people off from essential services due to unintended consequences of well-meaning laws.

A new incentive for “crime-as-a-service”

Another issue I find deeply troubling is how this legislation might unintentionally encourage fraud. By offering guaranteed compensation, we might inadvertently create a system that fraudsters can exploit. Criminal networks could see this as an opportunity to orchestrate scams where both the fraudster and “victim” share in the proceeds. The term “crime-as-a-service” may sound dramatic, but the reality is that we are inadvertently putting a price tag on fraud. Fraudsters may now have a financial incentive to exploit the system, leading to a rise in organised crime networks taking advantage of this loophole

We could end up in a situation where fraudsters benefit directly from laws designed to stop them. This isn’t just a theoretical problem—other industries have seen similar unintended outcomes, and the financial sector is no different. It makes me question if we’re really tackling fraud in a way that deters criminals or if we’re making it easier for them to game the system.

Deteriorating customer experience

It’s not just the banks who stand to lose. Customers are going to feel the effects of this legislation in tangible ways, especially around transaction speeds. Banks now have the option to hold Faster Payments transactions for up to four days to investigate potential fraud, which fundamentally changes the nature of what was once an instant service. For businesses and individuals who rely on quick settlements, this delay is a serious drawback.

This slower service also translates to higher operational costs for banks as they upgrade fraud detection systems and ramp up customer education efforts. Ultimately, I suspect these costs will be passed onto customers, especially those deemed “high-risk,” who could see rising fees and a reduction in free banking services. It’s troubling to think that while fraud protection may improve, the quality and accessibility of everyday banking services could suffer.

A missed opportunity: tech companies’ role in fraud prevention

One aspect that the legislation appears to overlook is the role of tech companies, especially social media platforms, in enabling APP fraud. Let’s face it: many scams originate on social media and online marketplaces. Yet, the law squarely places the burden on banks, leaving tech companies largely off the hook. Banks and payment institutions like Revolut and NatWest have raised this point, arguing that tech giants should also bear responsibility for fraud originating on their platforms. I agree. Social media companies play a huge part in these scams and should be compelled to enhance fraud prevention measures and work more closely with financial institutions to address the problem at its source.

APP fraud is of course a global problem, and Japan has already taken action in this area; they’ve introduced advertising screening across social media and strict ID checks for dating apps (love is still blind, apparently). It seems obvious but without holding these tech companies accountable, we’re only tackling half of the issue. A truly effective solution would bring banks and tech platforms together, creating a comprehensive framework for fraud prevention that doesn’t leave consumers vulnerable. The current approach, while a positive step for consumer protection, misses an important piece of the puzzle.

Questioning the cap: why £85,000?

The compensation cap is set at £85k, which, while considerable, is down from the original figure suggested of £415k. £85k may sound familiar – that’s because they’ve brought it in line with the existing Financial Services Compensation Scheme (FSCS) limit already present in the banking sector.

The cap has been brought in with the consumer in mind – the highest-value scams are made up of multiple transactions rather than one-off hits. But even this may be too big for some smaller banks and financial institutions, so I would propose a tiered system – in the same manner that FCA impose fines on financial institutions, based on the size of the bank while maintaining the same cap across all banks covered by the FSCS.

Smaller banks wouldn’t face the same financial burden as larger institutions, allowing for a more level playing field and potentially preserving competition in the sector.

Moving forward: what needs to change?

For this legislation to truly work, we need a balanced, collaborative approach. Here are some steps I believe could make a difference:

  • Educate: A well-informed consumer base is our first line of defence against fraud. Public awareness campaigns that educate people on how to recognise and avoid scams could significantly reduce the incidence of fraud, relieving some pressure on banks.
  • Invest: Banks need to continue developing fraud detection tools powered by AI and machine learning. The more we can catch fraud in real-time, the fewer cases banks will need to compensate, reducing their financial exposure under this legislation.
  • Broaden liability: Social media and tech companies need to be part of the solution. By extending accountability to these platforms, we could encourage more robust fraud prevention measures and foster collaboration across industries to address fraud holistically.
  • Prosecute: This seems obvious, but unless fraud teams are adequately resourced, these crimes will go unpunished, and every criminal success encourages more of the same. It’s maybe telling that the UK only publishes numbers on the value of the fraud, not the number of prosecutions it has led to.
  • Review: The law should not be static. We need to continuously analyse claim data and adjust the legislation based on what’s working and what isn’t. Regular reviews and amendments can help the framework stay relevant and responsive to emerging fraud trends.

Conclusion

The UK’s APP fraud legislation is undoubtedly a bold step forward for consumer protection, and I appreciate its intent. However, without thoughtful adjustments, this law could end up creating as many problems as it solves. By expanding the scope of accountability, refining reimbursement structures and enhancing consumer education, we can work toward a more balanced and effective system that truly safeguards consumers while minimising unintended consequences. Only then can we claim real progress in the fight against APP fraud, protecting both the vulnerable and the diligent without compromising the accessibility and quality of financial services.

People In This Post

  1. Nearly Three-Quarters of Businesses Feel Overburdened in the Fight Against Financial Crime Read more
  2. Acquired.com Announces the Appointment of Ex-Stripe Senior Leader as Chief Operating Officer Read more
  3. bunq Introduces Mastercard Benefits to its European SMEs Read more
  4. dtcpay Partners With Primer to Meet the Growing Demand for Seamless Stablecoin Payments in Southeast Asia Read more
  5. SAMA and Google Sign Agreement to Bring Google Pay to KSA During 2025 Read more
FiX25-FF-news-Web side bar-300x600 (1)