/ Money

PSR super-complaint one year on: what’s happening now?

banking scams

It’s been a year since we called on the payment systems regulator and industry to better protect consumers from bank transfer scams. That makes it our anniversary! Or, scammiversary, if you will…

Like all anniversaries, you hope the other side hasn’t forgotten, and the PSR didn’t disappoint. To coincide with this 12-month landmark, it has announced that it intends to publish an update in November. In it, they will outline what has happened since they responded to our super-complaint and set the industry the task of doing more to protect consumers.

While it’s encouraging to see banks and regulators treating this issue as a priority, people have continued to remain at risk from bank transfer fraud with many of you sharing your stories where you’ve lost life-changing sums of money to scammers.

That’s why we’ve told the PSR it must now clearly set out what progress has been made by banks, and what more industry should be doing to ensure those who are tricked into making a payment to a fraudster are not left out of pocket.

More support is needed

In particular, we want to see progress on a number of measures including robust guidelines for financial institutions to support victims of scams and the adoption of a best practice approach across the industry. Banks also need to demonstrate how they will enhance data sharing to improve their response to bank transfer scams.

We also want to see an update on when the industry will introduce measures such as Confirmation of Payee, which would help cut down the number of victims who lose money when they are tricked into sending money to someone they aren’t expecting to. And while all of this should some scams from happening, we still need to see proposals to ensure people are not left worse off, financially, when they fall victim.

While we are waiting to hear more from the regulator, we also know there is more banks can be doing themselves. In April this year, we asked you to tell us about things you’ve seen banks doing differently since we raised this issue with them. And earlier this summer, we wrote to the banks asking them to set out what additional steps, beyond what the PSR has asked them to do, they have put in place to protect you.

Fraud awareness campaigns

One of the areas that has seen the most attention by banks is around awareness campaigns for consumers, while also improving education and training for staff to help spot scams and give advice to those who may be at risk. A number of banks have invested in TV advertising, such as Barclays. The below video asks people to think twice if they get an email out of the blue from a loved one asking for an urgent transfer of money.

While these campaigns play an important role, focusing on them alone isn’t enough and places too much emphasis on the consumer to spot and protect themselves from increasingly sophisticated scams.

Another area that came through in their response was the alert systems a number of them have in place to warn you about the risks when you are about to make a transaction. A number of them, for example, now give staff a list of things to check when customers want to make a transfer in a branch. Some of you, like Tim, who is a customer of Santander, have told us you’ve seen warning messages to pop up before you make a transfer online, such as this one seen by Nationwide customers.

Nationwide warning

Payment monitoring systems

We also know the banks do a range of things behind the scenes to monitor payments, both when you are making them and when they are coming into accounts. This intention of this monitoring is to spot suspicious activity and close down any payments set up by scammers before you can send them your money.

Finally, when things do go wrong it’s important that you can contact your bank anytime, day or night. Scams happen 24/7 so the sooner banks are alerted and can contact where the money has been sent, the better the chance they have at stopping that money from being moved on. It’s good to see some banks already offering this to their customers.

Ultimately, while we recognise that our super-complaint has led to some positive steps, there is still more industry can be doing to protect us. That’s why we’ll be keeping an eye on the update from the PSR to make sure industry is delivering.

In the meantime, tell us, do you think banks are doing enough? Do you have any ideas for how your bank can help prevent scams?


Some of these fraudsters, I am convinced are people with inside (or ex inside knowledge) of your personal banking circumstances.

I recently received a call from someone purporting to be from my bank who knew a great deal about my personal bank accounts, including the name and branch of my bank. She proceeded first to pressurise me into switching over to banking online and went into great lengths to inform me of all the benefits of online banking. I reminded her that I was a member of Which? and that I was all too aware of the increase in banking scams taking place and of the sophisticated methods used to relieve unsuspecting people of their life’s savings and had therefore decided it was not an option for me.

More sales patter followed about various other available accounts where I was assured of a better return on my savings and that my current savings were in fact losing their value because of current low interest rates. Her approach was extremely professional and convincing. However, I started to become a little suspicious when she mispronounced the name of the bank official she purported to be who I knew spoke with an Asian accent whereas she spoke in a clear English accent, but it was when she quite suddenly offered to transfer one of my accounts with some urgency in her voice asking “shall I do it now?” Alarm bells immediately starting ringing so I replied with a very firm “NO”, stating any transfer of money would not take place over the phone. I requested further details to be forwarded to my home address when I would have more time to ponder over opening new accounts and transferring any monies.

True to my original suspicions they never arrived, which begs the question, how does one differentiate between a genuine caller and a fraudster when the cold caller on the other end of the line knows so much about your personal bank accounts, even the exact amount deposited there. It has to come from someone with inside knowledge, and therefore there is an urgent need for banks to first monitor, examine and take stock of its own employees, or ex employees as the case may be, in an attempt to stop the violation of its own customers personal details and accounts.


Bank insiders are, I suspect, not uncommon now but the banks seem curiously unwilling to instigate prosecutions.


I’m glad to hear you avoided the scam, Beryl, and thanks for letting us know. My approach is never to enter into any financial dealings over the phone unless I have initiated the call.


That’s very true Ian, a banks reputation is sacrosanct.


Might be in your interest to get some form of call blocker for your phone and caller display. Any numbers that get through that I don’t recognise or have no name on are ignored, anybody who might be wishing to contact you can always leave a message and if you want you can call them back.


That’s good advice Syd, my son has already taken that precaution and has advised me to do the same.


The intro says “the PSR didn’t disappoint. To coincide with this 12-month landmark, it has announced that it intends to publish an update in November”. Would not this Convo have been better left until the update is published, so we’ll have something concrete to discuss?


I agree Malcolm, i’d much rather we were talking about what is in the update. However, I do still think it’s important that we now have a clearer date from the PSR on when to expect it that we can hold them to, as previously they’d only ever said the second half of the year.

Whilst that update will be an important point to see whether industry and the regulator are delivering the action we expect to see, I think it’s also important that we look at what else banks have been doing, and can continue to do, to protect consumers out side of that process.

The comment about ‘not disappointing’ was more tongue in cheek about them not forgetting the scammiversary.


On the contrary Malcolm, I consider we need frequent bulletins to remind people to constantly remain vigilant lest they are targeted out of the blue when they least expect it, as I was. If I had not been made aware of these scams through my participation in this forum, I could easily have been taken in by the sales patter.


I would like more regular information and updates too, Beryl, by Which? asking it from those who are dealing with it (or not 🙁 ). However, this is not the first time Which? has pronounced its requirements just before an authority or regulator is about to provide a report or update. Too late to have any influence on it, so I still think, under those circumstances, it would be more sensible to wait for the publication and then deal with it.


My suggestion is to regard all links in emails as potentially dangerous because it may not be obvious whether an email is genuine or part of a scam. All that genuine emails need to do is to advise customers to look at the website regarding whatever is in the email and get over the message that customers should never reply to an email or click on a link. Since banks seem incapable of taking this action, maybe they should be told to.

The problem of misdirected payments could and should have been dealt with years ago.

Keep up the pressure, Which?

bishbut says:
27 September 2017

Treat every communication of any kind with suspicion until you can CONFIRM in some way that it is genuine I would rather ignore a genuine one than fall for a scam and lose money Genuine people will contact you by other means if they need to say something very important if they don’t it cannot be important at all