PS23/1 APP scams: Measure 1 - Collection and publication of performance data

Why we are publishing this document

We are driving forward a package of financial and reputational incentive measures to tackle authorised push payment (APP) scams – these are on the publication of scam data, industry efforts to improve intelligence sharing, and greater consumer protections for APP scam victims.

This document focuses on the publication of data on APP scam performance, which will, for the first time, show how well all payment firms are handling APP scams.

This is a crucial step towards greater transparency in the fight against fraud. Firms across the whole payments industry – on both the sending and receiving end of a payment – will be accountable for their performance and encouraged to do more to prevent fraud and look after victims.

This action will also importantly put more power in the hands of the customer, as they will be able to see how well they’ll be protected by their bank or building society if they’re scammed. This will see a significant step up in the information customers have available to them when choosing who to bank with

What this document contains

This policy statement explains our decision to direct 14 of the largest UK payment service providers (PSP) groups to collect and provide data to the regulator which will cover 95% of transactions.

The reporting requirement will see the following data being published:

• the proportion of victims of APP scams who do not get reimbursed 
• the rates of APP scams happening at sending payment firms
• the rates of APP scams happening at receiving payment firms

The 14 PSP groups subject to this direction (Specific Direction 18) are: AIB, Barclays, HSBC, Lloyds, Metro Bank plc, Monzo Bank Limited, NatWest group, Nationwide Building Society, Northern Bank Limited, Santander UK plc, Starling Bank Limited, the Co-operative Bank, TSB Bank pc and Virgin Money UK plc.   

Alongside this policy statement, we have published Specific Direction 18, reporting guidance and data collection templates (a clean version and an example data version). These accompanying documents can be found further down this page.

Who should read this document

This document is relevant to the payments industry, consumer groups and PSPs, particularly those already involved in our work on APP scams. The reporting guidance and data collection templates will be particularly relevant to both sending and receiving PSPs. 

What happens next

The 14 directed groups will be required to provide the PSR with the first set of data by May 2023. The regulator then expects to publish this data in October 2023, and on a six-monthly basis thereafter. This requirement may adapt over time to reflect new changes or data that should be presented.

The data that will be published by the PSR in October will be aggregated – meaning it will be presented on a banking group basis (for example, Lloyds Banking Group’s data will include Lloyds Bank, Halifax, and Bank of Scotland).