Push payment fraud (also known as "authorised push payment fraud" or APP fraud) is a form of fraud in which victims are manipulated into making real-time payments to fraudsters, typically by social engineering attacks involving impersonation.[1][2] These authorised frauds can also be related to investment scams, where the victim is tricked into sending money for investments that do not exist, and to romance scams, where the fraudster tricks the victim into thinking they are in a relationship. The opposing type of fraud is known as "pull payment fraud", which occurs when an account holder provides a payee with the relevant bank account details enabling a fraudulent payee to take (or "pull") funds from the payer’s account.[3]

United Kingdom

Until 2019 in the United Kingdom, because the victims of these frauds authorised the payments, albeit mistakenly, they were typically not fully reimbursed by their banks.[4] In September 2016, Which? raised a super-complaint regarding push payments and calling for changes in legislation to provide better protection for innocent bank customers.[3] The Payment Systems Regulator (PSR) investigated and found within "a short space of time" that the UK banks could work together in a better way to avoid scams and that some banks needed to do more to identify "potentially fraudulent incoming payments". The regulator was also concerned that there was limited information available on the scale and nature of the problem.[5] The PSR initiated a consultation process in November 2017, which was completed in February 2018. In March 2018 a "draft contingent model code" was published.[3]

From May 2019 some victims were able to receive refunds under the Contingent Reimbursement Model Scheme,[6] a voluntary scheme overseen by the PSR which provides protections for customers of signatory firms,[7] subject to a number of exclusions.

New rules where introduced on 7 October 2024 covering claims for reimbursement for amounts up to £85,000.[8]

Ireland

KPMG has reported that the Central Bank of Ireland set out its APP fraud banking expectations in its Consumer Protection Outlook Report 2023. The Central Bank requires financial businesses, to operate "effective measures to mitigate the risk of fraud", taking a proactive approach, and helping customers where necessary to recover funds where possible.[9]

References

  1. ^ Tims, Anna (2018-10-17). "If you've been sent bank details by email, be warned". The Guardian. ISSN 0261-3077. Retrieved 2019-01-07.
  2. ^ Lindsay, Jessica (2018-09-28). "What is a push payment and how to avoid fraud?". Metro. Retrieved 2019-01-07.
  3. ^ a b c Power, L. and Elgar, R., Push payment fraud: Update Autumn 2018, Walker Morris published on 17 October 2018, accessed on 1 April 2025
  4. ^ "Refund hopes rise for payment scam victims". BBC News. 2018-09-28. Retrieved 2019-01-07.
  5. ^ Payment Systems Regulator (part of the Financial Conduct Authority), Which? authorised push payment super-complaint, Factsheet No. 16/9, accessed on 2 April 2025
  6. ^ "Consumer protection standards for APP scams". The Lending Standards Board (LSB). Retrieved 24 April 2023.
  7. ^ "Registered Firms". Lending Standards Board (LSB). Retrieved 24 April 2023. List of banking institutions signed up with the Lending Standards Board, updated as required.
  8. ^ HSBC Bank, What is an authorised push payment (APP) scam?, accessed on 30 October 2024
  9. ^ KPMG, Authorised Push Payment Scams, accessed on 2 April 2025


Allikas: https://en.wikipedia.org/wiki/Authorised_push_payment_fraud
No tags for this post.