Banks cannot delay tackling transfer fraud a single day longer, Which? is warning, as new research shows a staggering £674 per minute is being lost to this devastating crime. The consumer champion is calling for all banks to urgently reassure their customers that they will be better protected against fraudsters by signing up to the new voluntary industry Code of Practice, which came into effect on Tuesday 28 May.
While the new Code of Practice most certainly represents a significant step forward in the fight against bank transfer scams, Which? firmly believes that further critical steps are required in order to halt this worsening form of crime.
Three years on from Which?’s super-complaint, losses to bank transfer fraud are spiralling out of control, with £354 million lost in the last year alone – most of it stolen from personal accounts. This figure means that, every month, £29.5 million is lost to bank transfer fraud. That equates to £970,685 per day, £40,445 per hour, £674 per minute and £11 per second.
Bank transfer scams can cost people their entire savings, with average losses to personal accounts of £2,920. Which? regularly hears from victims whose lives have been thrown into chaos by the loss of much smaller sums.
The new Code of Practice is designed to give better protection against transfer fraud and to ensure all those who’ve lost money through no fault of their own are swiftly reimbursed.
Which? has written to UK Finance demanding that the industry meets five tests that will determine the Code of Practice’s success. These are critical in ensuring progress towards the overall goal of finally halting bank transfer scams.
Which?’s five key tests
*Banks must promise to protect their customers by signing up to the Code of Practice with the regulator pledging to conduct a one-year review on its effectiveness
*The regulator must ensure that all banks introduce vital name-check security (confirmation of payee) no later than its new deadline of March 2020. The latest delay will cost people an additional £109 million in losses while they wait for this important measure
*No blameless scam victim should ever be denied reimbursement again and full refunds should be issued swiftly
*Banks must show they are serious about protecting consumers by immediately agreeing a long-term funding solution for no blame refunds
*Banks must publish victim and reimbursement figures on a regular basis to allow effective monitoring in the fight against transfer fraud.
Last year, just 23% of losses were returned, meaning countless victims were left out of pocket by these increasingly sophisticated scams which often involved fraudsters posing convincingly as bank staff, lawyers and other legitimate businesses. Which? is demanding an end to the dark days of victims struggling to recover their money, with the Code of Practice now requiring signed-up banks to reimburse all blameless victims.
One bank recently went above and beyond the requirements set out in the Code by offering a refund guarantee to all of its customers who might fall victim. Which? wants to see other banks exploring whether this potentially game-changing approach should be adopted across the industry to ensure swift and fair reimbursement to all victims.
End to bank transfer fraud
Which? believes the adoption of this Code of Practice is a key first step towards putting an end to bank transfer fraud and will closely monitor its implementation. The consumer champion will not hesitate to demand intervention from the regulator if it fails to deliver for consumers.
Gareth Shaw, head of money at Which?, said: “For too long, victims of bank transfer fraud have lost life-changing sums and subsequently faced a gruelling battle to recover their money. By adopting this Code of Practice, banks must offer much greater protection to consumers, while quickly and fairly reimbursing those who are unfortunate enough to fall victim. Failure to do so will require swift intervention from the regulator as these devastating scams cannot be allowed to derail lives any longer.”
Jay Floyd, principal financial crime consultant at ACI Worldwide, observed: “The figures from Which? are unfortunately not surprising. Fraudsters have built up an arsenal of different approaches to dupe consumers into offering up their personal details. The effect on consumers is heavily damaging. Not only are they faced with the physical loss of funds, but there’s a significant emotional impact as well. Banks must therefore ensure they can stop a threat at the first point of contact.”
Floyd went on to state: “The advent of open APIs means financial institutions will be able to use overlay services such as ‘Confirmation of Payee’ to pre-empt and prevent fraud before a transaction happens, creating a facility to cross-check the account name with the account details and give the payer certainty. We’re also seeing banks working directly with telecom companies to block text messages and phone numbers that have been linked to fraud. Ultimately, it’s vital that organisations take a multi-layered approached towards fraud prevention. Implementing one solution without other defences will simply prove to be ineffective.”