APP Fraud - bank transfer scams

One of the most common scams in recent years is ‘Authorised Push Payment’ (APP) fraud. Read this Quick Guide to find out what to do if you’re ever a victim of APP fraud.

Authorised Push Payments (APP) occurs when fraudsters defraud individuals into making payments to them. 

Some common scenarios are where you receive a call from someone pretending to be a representative of a bank and claims that there has been fraud on your account, which requires them to move money immediately. Fraudsters can also pretend to be a solicitor, builder or another individual whom you were expecting to pay soon. Fraudsters can also use the information that makes it appear legitimate, such as text chains from the bank, calling from the bank’s number or using information about the customer that only the bank would know.

  1. Contact your bank

You should contact you bank immediately and explain what has happened. Your bank may be able to stop the transaction or recover the money you sent. 

  1. Contact the bank where the money was sent

You should also contract the bank where the money was received. They may be able to halt the money and get it back for you. 

You can also make a formal complaint to this bank. If the bank does not act quickly or appropriately enough you may be able to take this complaint to the Financial Ombudsman Service who can investigate further.

  1. Formal complaint

If your bank has signed up to the Authorised Push Payment Scam Code

If your bank has signed up to the Authorised Push Payment Scam Code, there are a number of steps it is required to take in these situations. 

Note that the Code only applies to transfers between UK accounts and not all banks have signed up to it, as it is voluntary. You can ask your bank or check on the Payment Service Regulator’s website whether they are a member.

When you report an APP fraud to your bank, there is a set of criteria in the code that banks should use to determine whether you would be able to get your money back. 

The list of criteria the bank will use includes: 

  • the transaction must be an APP scam  

  • the transaction must be between GBP-denominated UK domestic accounts

  • you (the payer) must be a consumer, a micro-enterprise or a small charity

  • the transaction must be between the victim’s account and the first receiving account 

However, a bank may choose not to reimburse a victim under the exceptions contained in the code. The main exceptions include: 

  • you ignored warnings given in compliance with the code

  • you made the payment without a reasonable basis for believing that the transaction was legitimate

  • you have been grossly negligent in making the payment

  • if the victim is an entity (i.e. a micro-enterprise or small charity), it did not follow its own internal payment procedures

There is a further exception for victims which are assessed as being vulnerable to APP scams, and they should be reimbursed notwithstanding that the victim may fall within one of the exceptions above. Factors which will be taken into account to determine this include the victim’s personal circumstances, their knowledge, skills and capabilities in engaging with financial services and the (financial or non-financial) impact of the scam on the particular victim. 

You can read the code here

If your bank has not signed up to the Authorised Push Payment Scam Code

You should still make a formal complaint to your bank. 

The bank may refuse to refund you either because you authorised the payment by providing the scammer with your details or because you were ‘grossly negligent’. However, the bank should prove why they’re refusing to refund you. 

If you are refused a reimbursement, you may be able to look to the Financial Ombudsman Service (FSO) to challenge that conclusion. 

 

To avoid becoming a victim of APP scams, read the Government and UK Finance’s website which aims to help prevent consumers from falling victims to APP scams. 

Remember you should also report any scams to Action Fraud, who are the UK’s national reporting centre for fraud and cybercrime.