/ Money

Banks cannot delay tackling fraud: my letter to Stephen Jones

With £434 per minute lost to authorised push payment (APP) scams, I’ve written to UK Finance CEO, Stephen Jones, to outline our critical steps required to halt their growth.

Dear Mr Jones,

Which?’s 2016 super-complaint called for urgent intervention to better protect consumers from bank transfer scams. The APP Scams Code of Conduct is a positive step forward, and Which? is keen to see it successfully implemented by banks following its launch next week.

Whether people are conned out of a few hundred, or many thousands of pounds, the impact of scams can be devastating.

Scammers are using increasingly sophisticated tactics that are harder to spot, and every day innocent victims continue to lose life changing sums of money through no fault of their own.

Your recent figures show that £434 every minute is lost to scams in the UK, equivalent to £625,000 every day. It remains clear that your members are best placed to identify and take measures to reduce the risk of fraud.

Through the APP Scams Steering Group, Which? has argued that an overall reduction in scams and the swift reimbursement of all victims who lose money through no fault of their own are both critical measures of the Code’s overall success.

Critical steps required for success

In addition, however, we believe that the actions set out below are also critical steps required to successfully halt the growth of APP scams:

– Banks must promise to protect their customers by signing up to the Voluntary Code as it launches on 28 May 2019, and the PSR must commit to conducting a one year review of its implementation

– Banks must implement Confirmation of Payee, which can cut scams in half, no later than its proposed new deadline of March 2020

– No blameless scam victim should ever be denied reimbursement again, and full refunds should be issued swiftly

– Banks must show they are serious about protecting consumers and immdediately publish their joint timetable to agree a long-term funding solution for no blame refunds

– Individual banks must publish scam victim and reimbursement figures of a regular basis

Banks can provide greater protections

Responsibility should be allocated to those best placed to manage the risk of fraudsters using bank accounts and payment systems to facilitate their scam.

TSB’s recent announcement to offer a full Fraud Refund Guarantee demonstrates that banks can act to provide much greater protections to their customers than will be offered through the Voluntary Code.

Given this, we urge all UK Finance members to implement the Code immediately and to begin offering significantly more comprehensive protection to their customers in-line with TSB’s Fraud Refund Guarantee.

Until these steps are taken, the devastating impact of bank transfer scams will continue to cause growing financial and emotional harm to UK consumers.

Yours sincerely,

Anabel Hoult, Which? Chief Executive.


I cannot understand why the money which has been stolen cannot be recovered. The receiving bank knows into which account the stolen money went into and if it has been transferred they must know into which account and bank it has been transferred into.

Have you read the comments on page 1 of this topic?

a lot of people are to blame by giving cold callers there bank details then expect banks to pay for there stupidity who will charge customers more to get what they pay put back

Almajoy says:
23 May 2019

The trick is if the caller does not state clearly who they are calling on behalf of tell them you do not discuss your bank details on the phone, this can sound impolite but it will keep you safer.

Chris Ward says:
23 May 2019

Nonsense – a caller can be very convincing, it does not matter who they are or claim to be. Never give any Bank Details or other personal information to a caller, no matter what. Also It is not any safer if that caller gives you a number to call them back on (e.g. “call by boss in the office”), that’s all part of the scam!

I get what your saying Anthony, anyone who is not as wise or savvy as you deserves to be robbed, like wise if a mugger is stronger and more skilled at violence than you, then you deserve to be mugged and you should not be compensated because you should make sure you are stronger and more skilled at violence than everybody, ah I get it.

All banks must work on this awful ‘scamming’ business by instigating security systems that actually work. Customers may or may not get their scammed money back – why is this and what do banks to about tracking and tracing scammers instead of just ‘writing off’ amounts refunded to their customers. It’s pathetic that scammers get away with it contiuously. What do banks do about retrieving customers money from the scammers? What security systems do banks have today that could immediately stop a scam in its tracks?..
I’ve heard on many television programmes that “banks never telephone their customers” which is great, yet my own bank have just asked for my contact number to allow them to contact me by telephone when required — sounds idiotic to me. Educating customers via letter only might help stop some scammers – who knows. I wish I could do something about all these scamming thieves and crooks but I can’t put into writing here what I’d like to do with them – I’d probably be jailed!

Have you read the comments on page 1 of this topic?

Scammers are very professional and unsuspecting victims would not usually be aware…Banks should recognise this and support the victim concerned by reimbursing them immediately to avoid adding to any further financial difficulties or financial embarrassment.

CharlieB says:
23 May 2019

Banks must comply with the voluntary code as is proposed otherwise the government needs to make the code mandatory.
Telecom providers should be pressed to improve on their monitoring and reporting arrangements.

My Issue is the lost money should be taken as a fine and from and out of the Board / Executives pay and bonus. Else it just comes from us the loyal customers in the form of charges. The Banks are ducking their own responsibilities to vet account holders. It is a nightmare now to do anything …. yet the fraudsters are able to do more and more on line with scam accounts. We the “general public” have never demanded chip and pin, App Only accounts, we haven’t asked for branches to close, cash machines to be removed, we haven’t asked to wait for ages whilst only one “counter position out of 5 is open” We have never asked to treated like a “Number” yet we are told that we have asked for all the changes inflicted on us. They have introduced
in-adequate security systems, poor & flawed designs to systems that fail us as users. MAKE THE BOARD PAY for them getting it wrong. Only then might the systems be as good as they need to be.

Ann Gregory says:
23 May 2019

I totally agree with you.

Janet Mann says:
24 May 2019

Wow a totally clear point of all our frustrations. Thank you.

We sometimes have 5 cold calls in one day so we no longer answer the landline. It’ a constant onslaught and when we do answer the phone it’s almost always supposedly BT, Microsoft or Inland Revenue. Having worked with vulnerable people, I know that some will engage in conversation with such callers and could easily be duped. I know one person who lost £12,00.00 because he believed what he was told in an online scam. This was a highly intelligent but too trusting person who responded because he thought it was a religious group.

All banks are the fraud, reserve fractional banking, you want to bring the glass steagall back, that crook Clinton got rid of it, now we have derivatives up to are necks.

When opening a bank account many security measures are used to ensure that the customer is who he says he is, that his home address is proved, that he proves from whence the money he pays into the account came from. So why is it that a scammer can so easily take the stolen money put it into a bank account and then empty the account? Surely something wrong here!

Have you read the comments on page 1 of this topic?

I agree ,if you are an innocent victim of bank fraud it is not reasonable for the individual to be made to pay .The Banks must do more to protect all clients .

This may be good news for preventing further losses but does nothing to address the thousands of people who have lost considerable sums of money owing primarliy to the banks not showing or acting with due diligence, in particular by not checking payee details (as they were required to with cheques in the days when they were the most common way of paying anyone).

john says:
23 May 2019

I recently had an experience with a small finance house in the City called APS Financial. They allowed a scammer with a London address to try and defraud me by stealing the ID of a company / person who was doing some work on my behalf and luckily I checked his bank details before transferring the money, and bingo, the b*****d fraudster was caught by ME, not the finance company. I am waiting for them to confirm if he has been arrested, but they refused to reveal his details or any other information. i want to know if this nasty thief has defrauded others. The Met are too busy with other serious crime to investigate all these minor ( £3k+) frauds but I will pester the CEO of APS until I get a result.

Surely it would not be difficult to hold any money transferred to a holding account for a minimum period allowing checks to be carried out before allowing money to be taken out.

Angela Theobald says:
23 May 2019

Not happy with bank security generally. My husband lost thousands when his card was clonedn.Eventually restored by bank

Presumably scammers open various bank accounts, get the scammed money paid into them and once it’s in the account they clear it out so how do they open accounts so easily when it’s difficult for an ordinary person to do so without all the relevant documentation? If anyone opens a new account or holds an account for less than, say, six months, any money over a certain amount and particularly large sums, should be frozen for a minimum of one to two weeks before it can be drawn from the account or transferred elsewhere. That way, if a scam is discovered quite quickly the money is still in the scammers account and can be taken back. It would also, hopefully, act as a deterrent. I also want to know why it is so easy for scammers to hijack banks’ phone numbers so that customers genuinely believe the call is from their bank?

My wife has Dementia and lost £200k on scams. I was able to trace back on all monies lost including iphone cards. Bank accounts Dates etc were given to the Police who after a fee weeks said that they could not investigate any further, and the banks refused to accept responsibility, despite the bank advising me to visit the branch and show the Manager at Barclay’s that there was a scam payment about to be paid. All she had to do was confirm the LBA I had for my wife and phone her HQ details of the person to contact which I was given. But having met with her face to face she said she didn’t have the time and refused to do it. The monies were lost. Having then written to Jes Staley CEO of the bank, they. said an internal investigation did not support my complaint and that the manager said she did not see or speak with me. The staff directed me to her counter were she was counting money. This is what you expect to change or are we being scammed????

john says:
23 May 2019

I would continue to send emails direct to the CEO at Barclays and write. i have even written to their home addresses when I have been ignored and it works. Keep the pot boiling after all, Barclays are one of the worst offenders in the banking scandal which is costing very consumer in this country many thousands of pounds. If they have allowed scammers to raid accounts and refuse to properly trace the sources then the bank is totally to blame for mis-mangement.

I cannot understand our government and policing policies anymore. It is OK to rush to follow up a hastily shouted insult – but burglary’s, scam businesses raking in thousands in a form of deliberately deceptive theft are left to their own devices for years and years. We live in an electronic, digital age and it is high time that those in charge of supposed genuinely operating banks, insurance companies and other financial traders were forced to face the shameful reality of scamming vulnerable people and stealing from them and made to take more vigorous action. (We know someone struggling with the onset of age related dementia who suddenly receiving all sorts of charitable demands for money, and more dubious direct mail cash demands. Do they all know their target’s problems?)
The contributors here who have highlighted how bank transfers seem to easily take place funding thieves accounts without being flagged as suspicious points the way. I have a monthly spending limit notified to my current account bank, So that if there were a sudden large demand – they will refer to me for advice about the authenticity of the transaction. If I know of a forthcoming high expenditure period, I can easily ask my bank to increase my monthly spend limit temporarily. More should seek similar arrangements from their banks. tI wont completely eradicate money being illegally removed from an account, but limit the rate and raise questions. But the really important question is how and why the international banking community are so anxious to protect the interests of nefarious “businesses” rather than honest innocent people who are being fleeced. They must have some knowledge of who these people receiving illegal cash are. So I support the Which? campaign.

I use Yorkshire bank
And I hope they do sign up to this Govt protection plan
for us customers as fraud of any kind also effect the bank itself
with loss of customers that have been ripped off

What I have been wondering about, is how do the fraudsters know how much people have in their bank accounts? Who gives them this information, and how do they get your phone numbers, and bank account details? Do the banks have more holes than a colander? I got scammed, and got all the information to the bank, and they wanted me to prove it,,as it turned out they sent me the same email again, so I told the bank again,,and made the point that I wanted my money back, as I thought I was paying for postage, and it went to a dating site, which infuriated me, well eventually I got my money back, and I now ignore any further emails from that link. I believe that once you tell your bank that you have been scammed, they should watch the account and put at stop onto it, to prevent the money going through, then they can use the connections they have to find the receiving scammers bank accounts and put a stop to them, rapidly and not drag their heels and make out it’s not their fault. I am being more careful with what I am paying for and not believe something that seems to good to be true, because it usually is,, All the banks should be compelled to act faster, and when they see money moving very fast from an account they should put a stop onto it until they have confirmation from the customer. Banks cannot pretend to be innocent as to what is going on with services they provide. What about not giving big bonuses to the big chiefs, and make them give the extra money to the account holders, to show their loyalty is being rewarded.

Old Seller says:
24 May 2019

Why the delay? Implement the code NOW. For too long traders have been able to use the internet without being sure security is as good as the paper system it replaces (cheques, letters). I believe the providers of internet services must be made to make them work and the customer MUST be protected.