APP scams

Our work to prevent Authorised Push Payment (APP) fraud

Last updated: March 2024

What are Authorised Push Payment scams?

APP scams happen when someone is tricked into sending money to a fraudster posing as a genuine payee.

Every year thousands of individuals and businesses fall victim to APP scams, which can have a devastating impact on people's lives. The latest figures show £239.3 million was lost to APP scams in the first half of 2023.

The PSR expects to see more action from financial institutions to stop these scams from happening and to better protect people if they do fall victim.

There are various types of APP scams which are either:

  • ‘malicious payee’, for example, tricking someone into purchasing goods which don’t exist or are never received.
  • ‘malicious redirection’, for example a fraudster impersonating bank staff to get someone to transfer funds out of their bank account and into that of a fraudster.

Getting the right protections for everyone

In May 2022, Treasury announced its intention to legislate to allow the PSR to require victim reimbursement for APP scams and in June 2023, this legislation came into effect with the Financial Services and Markets Bill receiving Royal Assent.

Following a number of consultations, we published our final policy statement on reimbursement requirements in December 2023, clarifying what this means for customers and firms.

In the lead up to 7 October 2024, when our reimbursement requirements come into force, we have published a roadmap to implementation. This sets out steps firms should be taking as we approach implementation, how they can get in touch to request clarity on our policy statement and legal instruments, and our upcoming implementation consultations.

The new requirements will prompt a step change in the culture of payments to improve fraud prevention and focus all firms on protecting people.

  • There will be new rules in Faster Payments – the payment system across which the vast majority of APP fraud currently takes place – strengthening Pay.UK’s ability to tackle fraud.
  • All payment firms will be incentivised to take action, with both sending and receiving firms splitting the costs of reimbursement 50:50.
  • Customers will be more protected under consistent minimum standards, with most APP fraud victims being reimbursed within five business days and additional protections offered for vulnerable customers.
  • Industry will have clearer guidance to follow, including around the ability to apply a claim excess and maximum level of reimbursement, which the PSR will consult on later this year.

We are working with Pay.UK - the operator of Faster Payments - and the industry to make sure these requirements can be implemented as quickly as possible. In the meantime, banks and building societies should continue to develop their fraud detection and prevention arrangements to respond to the ongoing risk of fraud to their customers.

The PSR is also leading on a wider set of changes, including:

  • The regular publication of data on how well firms are protecting customers.
  • The continued rollout of Confirmation of Payee (CoP) - the name checking service designed to help prevent APP scams and misdirected payments.
  • Supporting and encouraging improved intelligence sharing among payment firms to spot fraudulent transactions and stop them from happening.

Policy clarification queries

We have put in place a policy clarifications process, allowing firms to write to us at Appscamspolicyclarifications@psr.org.uk, requesting clarity on the policy statements and legal instruments. We will upload responses onto our APP scams policy clarifications page and will work with Pay.UK to disseminate this information as widely as possible to ensure firm readiness.