The Financial Conduct Authority (FCA) has published new rules allowing victims of Authorised Push Payment (APP) fraud to complain to the payment services provider (PSP) receiving their payment.
In the case of APP fraud, the PSP is often a bank which holds the accounts of either the victim or fraudster. Currently, the sending PSP, but not the receiving PSP, must handle these complaints in line with existing complaints handling rules in the FCA Handbook. These obligations have now been extended to the receiving PSP and victims can refer their complaints to the Financial Ombudsman Service if they are unhappy with the outcome. The new rules will come into force on 31 January 2019.
Christopher Woolard, Executive Director of Strategy and Competition said:
‘The FCA takes APP fraud and the harm it causes to consumers very seriously. Now victims of APP fraud can make a complaint to the PSP receiving their payment and if they’re not satisfied with the outcome, can refer their complaint to the Financial Ombudsman Service.’
APP fraud is where a fraudster tricks a payer into making an APP to an account controlled by that fraudster. UK Finance data on APP fraud show there were 43,875 cases of APP fraud and total losses of £236 million in 2017.
Following a super complaint by Which? the FCA and Payment Systems Regulator (PSR) investigated APP fraud and found that receiving PSPs could do more to identify fraudulent incoming payments and prevent accounts from being compromised by fraudsters. The FCA shares concerns with the PSR and the industry that APP fraud is a growing problem. Separately, a steering group established by the PSR is developing a voluntary industry code, which aims to set standards for PSPs to prevent and respond to APP fraud and reimburse victims of APP fraud in certain circumstances.
- PS18/22: Authorised push payment fraud – extending the jurisdiction of the Financial Ombudsman Service
- CP18/25: Approach to final Regulatory Technical Standards and EBA guidelines under the revised Payment Services Directive (PSD2)
- The FCA consulted on requiring PSPs to record and report any complaints about APP fraud to the FCA in CP18/25; the outcome of this will be published separately.
- The rules published today also extend the FCA’s complaint handling rules, and the Financial Ombudsman Service’s jurisdiction to include complaints by a payer about the receiving PSP’s cooperation with the sending PSP to recover funds from a payment transaction where incorrect details had been provided (regulation 90(3) of the Payment Services Regulations 2017).
- The PSR is the regulator for the payment systems used in APP fraud. Full information can be found on the PSR’s website.
- The FCA is the regulator for PSPs and is responsible for the complaints handling rules.
- In September 2016, Which? made a super-complaint to the PSR and the FCA, setting out concerns about the protection available to victims of APP fraud.