/ Money

Update: Do you support our super-complaint on scams?

Bank transfer scams image

Imagine this: You’ve had some building work done on your house and you’re arranging to pay the builder. Then you receive an email from your builder informing you that their bank account details have changed…

You transfer the money to them.

Later on, you find out the email was from a fraudster.

They had made their email virtually identical to the ones that you’d received from the builders before. You’ve been scammed – and you’ve got no right to get your money back from your bank.

Bank transfer scams super-complaint

Which? is using its legal powers to make a super-complaint to one of the financial regulators – the Payment Systems Regulator (PSR). We think banks need to do more to protect customers who are tricked into transferring money to a fraudster.

Some people might well think ‘that’ll never happen to me!’ They might say that people who are scammed should simply get better at protecting themselves.

But it’s an issue that comes up time and time again, with some people getting conned out of their life savings.

You only have to read the harrowing real life stories in our super-complaint to realise that these scams are often so sophisticated that it’s impossible for people to be savvy enough to completely protect themselves. And the people being scammed are not only the stereotypical vulnerable groups; they are often financially and technologically literate.

When we asked over 1,000 members of the public if they could spot the difference between real and spoof emails, we found that 50% of people were fooled by these sophisticated scams. Ultimately, people can only protect themselves so far, and with scams on the rise, we all need greater protection.

So what do we want?

Which? thinks banks should shoulder more responsibility for money lost to bank transfer scams. It’s unfair that customers who lose money due to scams via direct debit or credit and debit cards are reimbursed, for example, but not bank transfers. This would give banks an incentive to develop better mechanisms to prevent the fraud in the first place.


Update: 12 October

Alex Neill, our Director of Home and Legal Services, appeared on Rip Off Britain this morning (12 October) to talk about what action is needed to protect us all from scams.

After hearing the tragic tale of a scam victim who was tricked into transferring £77,000 to scammers posing as solicitors, Alex explained how banks can and must go beyond just protecting themselves from paying out against scams.

Banks already protect their customers for credit and debit card fraud, but there’s clearly need for them to improve their security processes to protect their customers from bank transfer scams.

That’s why we’ve made our super-complaint to the Payment Systems Regulator [PSR] . If you were tricked into transferring money from your account to a scammers’ account then you have no legal right to get you money back from your bank.

The PSR now has 70 days remaining to respond to our super-complaint.

Clearly, this is a complex issue. This is why we need financial regulators – not just the PSR but also the Financial Conduct Authority (FCA) – to work together and address our concerns.

What would you like to see the regulators do to help prevent fraud?

Kit S says:
21 December 2016

Scenario 1: A bank makes a mistake – the mistake of paying some money into your bank account. The bank realises the mistake, and asks for the money back. Can you refuse? No. You are not allowed to keep the money – you must pay it back.
Scenario 2: A victim of fraud makes a mistake – the mistake of paying money into the fraudster’s bank account. The victim realises the mistake, and asks for the money back. The fraudster’s bank asks the fraudster to return the money. Can the fraudster refuse? Yes. (This happens all the time, hence the super complaint). The banks have prioritised the fraudster’s instructions over the victims, and the fraudster keeps the money.

Profile photo of KitS

I worked for over 20 years in a bank. Banks have a duty of care to protect customers from loss. In my opinion, the fraudster’s bank should be the one liable for the loss of money obtained by deception. A fraudster will either need genuine ID to open a bank account, in which case the fraudster can be traced and prosecuted. Or, the fraudster will use fake ID, which the bank should spot and reject. A fraudster can’t scam a victim out of money if they don’t have a bank account to receive the money. Banks have security checks in place to prevent accounts being opened fraudulently, or for fraudulent purposes. If a fraudster opens a bank account, it means that the bank has failed to complete the appropriate security checks. The bank’s inability to prevent the fraudster’s account being opened or being used for suspicious activity facilitates the crime, hence it should held be responsible for the victim’s loss. If banks know they will be responsible for the loss, they will be more diligent in identifying fraudsters at the application stage.

Elizabeth Astley says:
21 December 2016

Hi I was scammed out of £8,200 from an advert in my local press have been down all the routs open to me to try and reclaim my money banks should be liable as even with proof from metropoleten police that the account I paid money to was opened by a person who was not registered at address given or indeed in this country so Barclays opening bank account policy’s are not very effective and financial ombudsman won’t do anything unless the grievance is with the bank you hold accounts with anything I can do I will I hope that the banks will be made to account for their shortfalls in opening of mule bank account s

Reg Parker says:
18 January 2017

After being caught in a scam in which I was sent headed notepaper of a fake company, it’s name differing by only one word from that of a genuine one, as money goes through the banks, could they not program the names of real companies, so that the fakes are identified and banks have an agreed response to identify and locate potential fraudsters. A watching brief is possible, via databanks, but specific regulation and response mechanisms all need to be devised and function. Their must be penalties even for intention to defraud, otherwise it is attractive. Did not HM Govt cut their watch on scams to save our money? That, too, could be argued for reinstatement.

Deirdre says:
1 February 2017

My mother who is 79 years of age, was scammed out of £11,000 by an unsolicited caller.
It was only by good fortune that they didn’t get the rest of her life savings.
She heard a radio programme about these scams just before she transferred the rest of her savings.
While the police and bank have gone through the motions of being helpful and sympathetic, she’s lost her money.
When I went on holidays to Peru recently and tried to use my Credit Card, I was blocked.
Why? Because if the card was being used fraudulently, the bank was at risk of being liable!!!
So why, oh why do the banks not look at an extremely unusual bank transfer in the same way??
Because they are not liable and really don’t give a sugar?
All that needs to happen is that if an unusual transaction is flagged up, that questions are asked and a time-lapse is enacted.