Why are we publishing this document?
Authorised push payment (APP) scams happen when fraudsters trick someone into sending a payment to a bank account controlled by the fraudster. APP scams are a major problem in the UK. We want to prevent APP scams happening in the first place and also protect people who do fall victim to them. In November 2021, we launched a consultation and set out three measures to achieve that outcome:
- Measure 1 involves the publication of scam data.
- Measure 2 tasks the industry with improving intelligence sharing.
- Measure 3 deals with wider reimbursement for APP scam victims.
In September 2022, we published a consultation around Measure 3 and mandatory reimbursement, and we are now reconsulting on the implementation of a specific metric included in Measure 1 (Metric C).
What does this document contain?
This consultation follows our consideration of the feedback received to our consultation in November 2021 and the further engagement we have had with stakeholders in recent months. Under Measure 1, we will require the 14 largest payment service provider (PSP) groups (the 12 largest in the UK, plus two in Northern Ireland) to provide six-monthly data on APP scam performance. We consulted on three metrics:
- Metric A: The proportion of APP scammed customers who are left – fully or partially – out of pocket.
- Metric B: Sending PSPs’ APP scam rates.
- Metric C: Receiving PSPs’ APP scam rates, net of recoveries.
We still believe that Metrics A, B and C are the right metrics to publish, to achieve our objective of improving PSP’s performance in relation to reimbursement and prevention, via reputational incentives. They will also, in time, help us to monitor the implementation of our Measure 3 on wider reimbursement for APP scam victims.
In this consultation, we propose that:
- The 14 directed sending PSPs submit Metric C data on receiving PSPs to the PSR.
- Receiving PSPs will have the option to ask sending PSPs for a breakdown of their APP scam data, so that they can check it. And sponsor PSPs, where they have the ability to, have the option to identify APP scam transactions that should be allocated to their indirect PSPs. We propose to require sending PSPs to assist receiving PSPs in this checking process, if they ask for it.
- Sending PSPs will re-submit their final data to us (or confirm that there are no changes), with any adjustments that they consider appropriate (following any requests for revisions from receiving PSPs). Their submissions will be signed-off by the Chief Financial Officer (CFO) or equivalent to provide assurance over this data.
- We will review the final data submitted by the sending PSPs and publish it six months after the end of the data period. We will publish Metrics A, B and C together.
Who should read this document?
This document is relevant to the payments industry, consumer groups and PSPs, particularly those already involved in our work on APP scams.
What happens next?
The consultation is open until 5pm on 17 January 2023. You can email your comments to appscamsdata@psr.org.uk or write to us at:
APP scams team
Payment Systems Regulator
12 Endeavour Square
London
E20 1JN