/ Money

Why TSB has decided to refund fraud victims

TSB’s 5.2 million customers are now protected by a ‘fraud refund guarantee’. Our guest, the Head of Fraud at TSB, explains why the decision was taken.

This is a guest post by Ashley Hart. All views expressed are Ashley’s own and not necessarily shared by Which?.

My job is to prevent fraud. Perhaps the simplest measure of success in my role is to reduce losses as a result of it.

But what does that really mean? The answer isn’t simple, because it depends on how a bank looks at fraud.

23/09/2016: Which? launches scams super-complaint

The traditional view is that fraud losses are operational losses. A ‘cost of doing business’. If you follow that logic, reducing those losses is key to profitability, and you do that by reducing the losses in the cheapest way possible.

Fraud prevention systems, and customer education, are expensive things; it’s cheaper to reduce losses by holding somebody else accountable for them – the customer. By setting strict limits on when a customer is eligible for a refund, you can reduce the cost of fraud to the bank.

But that is outdated. And wrong.

Victims of crime

Fraud is a crime. And when you remember that, it follows that you remember that defrauded customers are victims of a crime, and have the right to be treated as such.

All of a sudden, with that simple change in mentality, justifying reducing losses by passing them on to victims becomes harder – as it should.

Thankfully, there aren’t many crimes left where victim-blaming is acceptable. I don’t think fraud should be one of them.

28/02/2019: Voluntary code to reimburse bank transfer fraud victims

Think about a street robbery. Picture any one of us walking down the street, when our mobile phone rings. We take it out of our pocket to answer it, just as a criminal on a moped sweeps past – knocking us to the ground and snatching the phone.

There’s no doubt that we made that crime possible, or at least more likely, by answering the phone call. But does that make the crime our fault? No, of course it doesn’t – the fault lies 100% with our moped-mounted criminal.

And are we really saying that answering a phone call is a good reason to be targeted by a criminal? That’s just something that we all do, and should feel safe doing, every day.

In this example, the streets are publicly owned. In banking, the ‘streets’ are owned and controlled by banks. I think we have a duty to keep our customers safe when they’re walking down them.

Using the internet, answering phone calls, receiving emails, are all everyday activities that our customers should feel safe doing whilst they’re walking our ‘streets’.

The Fraud Refund Guarantee

We’ve launched our Fraud Refund Guarantee because we think banks should step up and take responsibility for fraud that happens on our watch.

I started this guest post talking about how I could claim success in my role. If I can’t reduce losses by blaming customers, how do I reduce them?

The answer of course is by preventing the fraud in the first place. That’s why the protection we now offer our customers is just one part of our fight against fraud.

We’re taking a three-pronged approach – prevent, protect, and pursue. Our Guarantee is about protecting our customers.

We’re running fraud prevention workshops across the UK, and of course we’re always enhancing our fraud systems. But I need your help.

This is one of the hardest things to get right, and I need to know how we can do better, how we can reach you and share what we know about fraud and scams. So what can I do that will help you to stay safe?

Chasing the criminals

The final part of our strategy is pursuit. I can’t stand it when I’m told that fraud is a victimless crime.

I speak to a lot of our customers when they fall victim to fraud, and I can assure you that they feel victimised. And whilst our customers will now get their money back, even if they’ve made an honest mistake, the impact of fraud is more than financial.

To start with, it’s inconvenient, upsetting and sometimes humiliating. And criminals shouldn’t get away with it.

We also need to remember that whilst criminals are profiting from fraud, they’re not going to stop doing it. And that money pays for other crimes – which often blight our streets in other ways.

So, we chase the criminals – working with Police all over the UK to make sure that the fraudsters pay the price for their crime.

Our recent announcement is just the start of the action we need. Our Fraud Refund Guarantee is a step in the right direction and keeps our customers at the heart of our thinking – where they belong.

And our message to fraudsters is: if you target our customers, there will be consequences – we will be looking very hard to find you.

This was a guest post by Ashley Hart. All views expressed were Ashley’s own and not necessarily shared by Which?.

We believe all banks must now follow TSB’s lead and ensure that their own customers are not left paying for the cost of this crime. Do you agree?

Comments

This is a great response to our campaign to force action on scams: https://campaigns.which.co.uk/scams-fraud-safeguard/

As well as our super-complaint:
https://www.which.co.uk/news/2016/09/which-makes-scams-super-complaint-453196/

This comes just weeks after the announcement of the voluntary code for reimbursement, too:
https://www.which.co.uk/news/2019/04/tsb-will-refund-all-scam-victims-even-if-they-gave-details-to-fraudsters/

Think it’s fair to say this work has had an impact, so thank you to everyone who has supported it. Now we just need the other banks to do the same thing!

It is good to see Which? making use of its power to make super-complaints, George.

Maybe Which? will push for the voluntary code for reimbursement to be made mandatory.

Sorry George, but I don’t see this ‘fraud refund guarantee’ as a good thing, and the more I think about it, the more I think it is very irresponsible of TSB.

According to the FT, fraudsters stole £1.2 billion in 2018 in the UK alone and worldwide it is over £3 trillion.

If banks guarantee to refund fraud victims, who is going to pay for it? If customers don’t have to think carefully before going for ‘that too good to be true offer’ those figures will rise considerably.

In the not too distant future, I look forward to Which? highlighting and campaigning on ……..
Low interest rates for savers.
No more free bank accounts.
Young people cannot afford high interest on mortgages.
Bank charges too high.

When is Which? going to understand that all compensation has to be paid for and it doesn’t just grow on trees?

The answer is policing and education not compensation. People need to take responsibility for their actions.

Is the convo introduction correct?

The article insinuates all victims of fraud will get refunded, but I have just been on the TSB website and it states:

All too often people who have money taken out of their account by fraudsters have to fight to get it back. We’re changing that by introducing our Fraud Refund Guarantee. As long as you’re clearly an innocent victim of fraud on your TSB account, we’ll refund the money you lost from your account.

Which is it?

The introduction is accurate, though the scheme does take a bit of unpacking. All of TSB’s customers are covered by the new guarantee, and as you’ve noted there are a few conditions in the guarantee. These are in the news article referenced in the article: https://www.which.co.uk/news/2019/04/tsb-will-refund-all-scam-victims-even-if-they-gave-details-to-fraudsters/.

Notably these are:
– TSB will not refund you if you commit fraud on your own account, or abuse the guarantee.
– The guarantee does not cover retrospective losses, only those from 14 April onwards, for both existing and new customers.

I can see how it might insinuate everyone getting a refund though, we’ll endeavor to clarify.

Thanks Jon, the details do seem rather confusing.

Would the people who marked me down like to explain why?

Can’t you see how short-sighted it is to keep paying out unlimited fraud refunds?

Can’t you see how easily this is going to get out of control as fraudsters take advantage and people stop taking responsibility for their actions?

Where is all the money coming from for these refunds that can be up to £1,000,000? How many more bank branches and cashpoints will be closed to fund them? Could more bank charges be on the way?

It won’t be the banks that lose out, it will be the hard-working customers who put their money and faith in their banks. This ‘fraud refund guarantee’ is just a sticking plaster over a wound, it is not tackling the root of the problem. It is not stopping fraud, and is doing little to educate people and stop them from becoming victims.

Billions and billions could be paid out in the next few years. Just suppose the banks put a couple of years refunds into really fighting fraud, funding a specialised joined-up police fraud squad, worked together to tackle fraud and educate people? Just suppose they actually got ahead of the fraudsters and were proactive instead of reactive?

Couldn’t all that money be put to much better use than just keep paying out in compensation? Society no longer seems capable of looking at the bigger picture, consequences and the future.

alfa, there are people who do not think consumers should be responsible for their mistakes but, seemingly, do not want to explain why.

The thumbs system has been criticised a number of times. What purpose does an aggregate system serve? At least with the previous system that showed ups and downs separately you got a feel for support and lack of. It is a bit like campaigns that only ask you to support the cause; not usually any means to disagree so you can get a totally unrepresentative outcome.

I agree with your comment and have removed one negative anonymous mark.

I’ve removed another.

I’ve done the third, though I would question your point, Alfa: No more free bank accounts.

Why should we expect any commercial service to be free? Someone has to pay for it.

Thanks guys, but it would be nice to hear from those who disagree with me though.

Wavechange, as long as I don’t go overdrawn and have more than one product, I get free banking. It is a long time since I looked at other current accounts, but don’t they work in a similar way?

In exchange, they get my money to play with.

Perhaps, then, banks should publish how much compensation they – their customers – have paid out each year?

Does this “commercial service” argument also apply to ATMs? Should they be charged for directly?

Nothing is free. It all revolves around from where the costs are recovered.

Alfa – As far as I know, most current accounts provide a large range of free services for personal account holders who stay in credit. If you do have a large credit balance then that could cover the cost of services you use but you can still enjoy free banking with very little credit balance. Thinking of those who pay punitive interest charges, it would be fairer if we all payed for the services we use and get interest on our credit balance.

Malcolm – I’m happy for banks to make appropriate charges for use of services providing that they pay appropriate interest on credit balances. Why single out ATMs and ignore the cost of providing online services, handling cheques, etc?

I was not singling out anything, not ignoring anything, just giving a topical example. Free ATMs has been a particular focus of attention. Should they be exempt?

I’ve made my views about fair charges for all banking services clear in the relevant Convos.

On our topic of fraud, I believe that the decision whether to compensate fraud victims should depend on how the blame is apportioned. In view of the continued delay of banks to implement Confirmation of Payee or an alternative system I have considerable sympathy for customers who have lost money who have made a one digit error in the payee’s account number or sort code and the bank has ignored the name of the payee. In many (most?) cases there is not even advice to make a small test payment when transferring money. I don’t know whether banks are doing their best to protect us from fraud but their performance over Confirmation of Payee does not give me much confidence.

We don’t know exactly how TSB will interpret ‘an innocent victim of fraud’. I’ve never been a victim of fraud and do my best to prevent it but I hope I would be compensated if I lost money through no fault of my own.

Criticism of the delay in Confirmation of Payee is made without, seemingly, any knowledge of the reasons for the delay. I’d like these reasons dispassionately explained so that a debate can be made based on fact. I have asked if Which? will get an explanation from those directly involved.

I’m entitled to post comments that represent my genuinely held beliefs, Malcolm. I am familiar with the reasons for the delay that have been published. If all our discussions had to focus on facts then neither of us would be making much of a contribution here. I prefer friendly discussions that explore the topics we are given, and others.

wavechange, I’m certainly not challenging anyone’s entitlement to post their beliefs; quite the contrary. It is a general conversation where all opinions count.

I am not directly challenging your personal criticism of the delay in Confirmation of Payee, some others have also, but questioning whether we know the basis of the delay. If you look at what I have said it is simply that I’d like to see any reasons given for the delay put into this Convo from authoritative sources so that we can make informed comments.

There is nothing “unfriendly” as far as I can see in what I have posted but, if there were, I’m sure the moderators would intervene :

It is a good thing if banks chase fraudsters to try to both recover customers’ losses and bring them to justice. If the banks do not look after customers properly when they make transactions then they should be held to account. However customers also have a responsibility to conduct their financial dealings correctly. I would not like to see those who act irresponsibly being automatically reimbursed. Who reimburses them? The responsible customers of the bank.

When a customer makes a mistake (not sure what an “honest” mistake really means) then who should take responsibility? In the mobile phone example do we expect the mobile phone network provider to reimburse the victim?

I’d like to know exactly how TSB will operate their new strategy. The revised banking code does seem to place responsibility of both bank and customer correctly. Confirmation of Payee and secure customer authentication will all help.

This is so great. There is so much stigma around being the victim of fraud but when people feel the banks have their back like this the more they will be likely to speak out about it. These criminals thrive because people are too ashamed to talk about being a victim of fraud but I really do feel like the tide is turning.

I’m not sure there is that much stigma attached to being defrauded. There is a stigma attached to alcoholism and other types of addictive behaviour, however. And I suspect it’s the complex nature of what constitutes a fraud victim that allows the myth of stigma to persist as it does.

I doubt there is any single behavioural type that accounts for all victims of fraud. Some are simply too trusting, but who determines what constitutes ‘too trusting’? Society, after all, has to operate largely on the basis of trust; without it we’d never board a train, a bus or buy anything.

The real problem is drawing up clear and unambiguous criteria which can define the ‘honest fraud victim’. No easy task but it’s very clear that some groups in society deserve far better protection than they’ve thus far enjoyed.

The stigma depends on how the fraud was carried out. If one is paying a genuine invoice and a fraudster changes the destination account details on the invoice, then the victim hasn’t been stupid. But if the victim believes an implausible story by a fraudster that one’s own bank cannot move money to a “safe account” itself, then the victim is stupid and a stigma is attached to it. The stigma depends on how stupid and gullible the victim has been.

There is certainly difficulties in defining what counts as an honest fraud victim. This is one of the reasons we campaign on fraud to make more people aware of the type of scams out there.

I know people who have been a victim of fraud and been too embarrassed to confess they were taken in. I do feel that if that embarrassment wasn’t there they would have been more open with friends and information would have been shared more widely by word of mouth.

https://www.bbc.co.uk/news/uk-england-manchester-47969165
A fraudster posing as Hollywood actor Jason Statham cheated a British woman out of hundreds of thousands using an online scam, the BBC has learned.

The woman said she was targeted at a vulnerable time and perhaps you can forgive the initial contact, but this went on for several months and involved a lot of money.

You have to ask where you draw the line between innocent victim and irresponsible behaviour.

Should the woman get all her money refunded? I don’t think so.

Yes, I agree with you Alfa. Various excuses were given for the woman’s state of mind at the time but I have little sympathy. I know how emotional tendencies can cloud people’s judgment and lead them to doing something extraordinary, but I can’t believe that someone in Britain who thought they were in contact with a Hollywood actor would take seriously and accede to demands that added up to a six figure sum. Clearly she was the victim of someone who had knowledge of her financial capacity and who deceived her mercilessly. I acknowledge that there are psychiatric issues around star-worship and the persuasiveness of social media when wrongly used so perhaps this will serve as a lesson. Nonetheless, I expect it will happen again, and again.

For push payment fraud, I disagree that the sending bank should fund reimbursement of the victim. It should always be the receiving bank who should fund the reimbursement of the victim’s account at the sending bank. This is because it was the receiving bank that negligently allowed the fraudster to open an account or allowed an existing bona fide account to be used by fraudsters.

If there’s any reimbursement of victims, it opens up the possibility of fraud by customers pretending to be victims. Fraudsters could encourage their friends to send money to fraudulent accounts, drain the money and then their friends can claim reimbursement as a victim of fraud.

Thanks for your Conversation, Ashley. Customers deserve to be reassured that they will not lose money unless they are clearly at fault.

NFH has made a good point about the possibility of the system being exploited by customers pretending to be victims of fraud. Hopefully TSB and other companies will do their best to recover the money.

This Fraud Refund Guarantee is not as noble as it sounds. It only covers money lost through fraud from 14th April this year.

Customers who are victims of fraud as a result of TSB’s data breaches last year, will still be considered on a case by case basis.

According to the BBC, TSB’s computer meltdown pushed the bank into a £105.4m loss last year, from a £162.7m profit in 2017. The disastrous IT upgrade resulted in £330.2m in costs……… https://www.bbc.co.uk/news/business-47085474

I 100% agree with reimbursing customers who become victims of fraud due to TSB’s failure to safeguard customer accounts.

What I do not agree with is automatically reimbursing every victim of fraud. As others have said, it opens the door to customers pretending to be victims and removes personal responsibility.

Responsible banking customers who take all precautions to safeguard their finances should not have to pay for the negligence of others. This will be just one more excuse why interest rates on our savings are abysmally low.

I sincerely hope that companies will take precautions to make sure that they do not refund money to customers who have failed to behave responsibly or made fraudulent claims, as pointed out by NFH.

I am appalled by the delay in implementing ‘Confirmation of Payee’. That or an equivalent scheme should have been in place years ago. In my experience, most companies don’t even advise customers to make a small trial payment prior to transferring larger sums.

As far as I can see to be able to include all banks (which is presumably essential for it to be effective) in a agreed CoP system is not a straightforward job, but is well underway. If you look at the consultations that have taken place I think it is apparent that the process is not that simple. https://www.psr.org.uk/sites/default/files/media/PDF/PSR-CP-18-4-consultation-general-directions-confirmation-of-payee.pdf

It would be useful if Which? gave a factual account of exactly what is involved in getting a workable system, that works within regulations, up an running effectively and where it is currently at. Or asked the BBA or UK Finance to explain. Then we could perhaps discuss on a better basis.

The increase in fake payees leading to fraudulent transfers seems to me to be a relatively recent phenomenon that Confirmation of Payee is designed to help address. But I may be wrong.

I totally agree with alfa. I feel TSB’s “fraud refund guarantee” is a publicity stunt in an attempt to remedy the bad publicity caused by last year’s fiasco in which it became known as the “Totally S**t Bank“. The guarantee will not encourage customers to behave more responsibly or protect TSB against fraud. I prefer Barclays’ television-based campaign of educating bank customers, not only its own, of fraudsters’ modi operandi.

On a positive note, I commend TSB for generously compensating customers who were affected by last year’s fiasco. Because this was done privately between bank and customer, it did not generate the positive publicity that it deserves.

I have trouble following the logic of this introduction. I suspect NFH is correct that it is marketing to generate custom on the back of a problem. I’d like to see the focus on minimising the problem, educating customers and not providing a sticking plaster of compensation when it is not appropriate.

I believe that banks should do two things:
One, where possible, is to deal with accounts that may be used fraudulently. That may upset or inconvenience some quite legitimate account holders but worth the complaints that might arise. Where an account has early been used fraudulently then, like NFH, I believe the bank holding that account should take primary responsibility.

Two, customers have different abilities. Banks should have a responsibility to offer account facilities at different levels to minimise clients getting into too much trouble if they fall foul of a problem. Perhaps limiting a daily transfer amount without a separate form of authorisation agreed between customer and bank. Perhaps a limited list of people to whom transfers can be made without an additional authorisation if a new one is added. Perhaps a second person – family member, for example – to authorise certain types of transaction.

However we all make mistakes occasionally and if it is our mistake we should face up to it and try to remedy it but not expect a bail out as a matter of course. and some succumb to greed – an offer that is too good to be true. I don’t want to compensate for that.

If I have an accident that is not my fault I expect my insurance company to compensate me and hopefully recover the money from the insurance company of the person who caused the accident. In some cases the blame is shared and maybe that is what needs to happen when a customer has not taken good precautions to avoid fraud.

You buy insurance, at a cost to yourself, to cover this. If you don’t pay for insurance you you may well not be compensated. Are you suggesting we could take out insurance against being defrauded? We do it against theft – home and car for example. Maybe that is the answer, but you’d still have to satisfy the insurer that you took reasonable care, and that should apply to financial transactions as well.

Malcolm, I think that wavechange’s point is that the errant party should ultimately foot the bill, even if another party (e.g. sending bank or insurance company) reimburses the victim in the meantime. In this case, the errant party is the receiving bank for allowing its accounts to be used for fraud.

What I have in mind is that compensation for fraud should depend on the extent to which the customer has been at fault. I don’t see that anyone deserves compensation if they have passed on their PIN or password. I’ve suggested before that it would be useful to refer to these as ‘secret PIN’ and ‘secret password’ to emphasise that they must not be divulged. I am not suggesting that we should take out insurance, and that might lead to complacency.

I strongly believe that until Confirmation of Payee is implemented the banks should pay full compensation if money is not recovered if there is a minor error such as a single digit error in an account number or sort code. It’s disgraceful that the industry has allowed payments to be made without making use of the payee’s name.

NFH – Yes, that’s what I had in mind.

With regard to incorrect account numbers, it’s a further disgrace that the UK has failed to implement IBANs, which have two check digits to ensure that the full IBAN is correct. IBANs are compulsory for bank transfers within the Eurozone. The UK should make them compulsory too, as they prevent errors.

If a customer makes a mistake in the details they use to make an online payment that is their mistake. If I make a mistake in the amount I pay someone online, should the bank compensate me? I cannot see why the bank’s customers (they who ultimately foot the bill) should be held responsible for my carelessness. I think we can go too far down the excuses for lack of responsibility. Check the data you input before you do so.

NFH, as above I, too, consider the receiving bank has the responsibility but if my own bank cannot recover the money then I am not in favour of them compensating a careless customer automatically. The pressure should be on banks to increase security, although customers may be inconvenienced. Investigating account openers more diligently maybe.

I see nothing “disgraceful” going on. It seems to be a system that has worked well enough until relatively recently. It is now being improved in the light of events. But I’d like the facts of the simplicity or complications attached to a CoP introduction before we simply condemn the banking system out of hand. The published literature suggests to me it is not simple. I’ve asked Which? if they might obtain a factual explanation.

Yes, and I remember we had a discussion about this years ago. At the time I was familiar with check digits in other applications but not in banking. Sometimes you don’t need to innovate but to copy good practice.

malcolm r says: Today 16:34

If a customer makes a mistake in the details they use to make an online payment that is their mistake. If I make a mistake in the amount I pay someone online, should the bank compensate me?

I suppose that might depend on whether the person concerned suffers from – say, Dyscalculia, or another condition. I have some sympathy with those who argue we shouldn’t be made to pay for those who make mistakes but perhaps if banks insisted that all new payments were to be prefaced with insignificant trial amounts, to check the details were correct, that might be a good move. Certainly extremely easy to implement for new payees.

I was going to write something very similar, Ian. In the last week I reprimanded a company that required a minimum of £1000 to be deposited to open an account. Failure to provide advice to make a test payment – and make it possible – should be a significant factor in deciding whether compensation should be payable if money goes astray and cannot be recovered.

I have known computer users who are not aware that they can easily zoom-in to enlarge text on the screen.

We have recommended, on a number of occasions, people pay in £1 to a new payee and check it has been received before transferring a larger balance.

If people have a condition that makes their online banking insecure then independent standard online banking is not for them. Or they need help dealing with it. I suggested earlier that maybe banks should offer different levels of online banking to suit people’s abilities and disabilities.

Safeguards need to be put in place for those with medical conditions. Trial amounts, delayed payments, secondary authorisation are all ways of providing added security. It might sound harsh, but if customers don’t declare medical conditions should we be paying for their mistakes?

Kent Reliance by any chance wavechange?

Well remembered Alfa. Who needs Google tracking. 🙂

I’m in favour of customers having to jump through a few hoops, but it’s the companies that have to initiate this.

I didn’t remember, we are doing the same thing and their rates are/were the best (They just dropped but we got in just in time.)

I am glad to hear that Alfa, since I did not remember writing about KR. 🙂 I can thank Which? for helping me with the choice.

Desperate to get that ‘must-have’ toy?????????????
.

Nicely summarised, alfa. But shouldn’t we responsible customers of the banks feel sorry for those who have fallen for scams, and chip in to make sure they are not out of pocket? Then they needn’t be so stressed when going on line that they might get it wrong and lose out. We can’t have unhappy people, surely?

Alfa – Thanks for your efforts. Education is always worth trying but not everyone is receptive.

Many sit through speed awareness courses. I have not attended one but have often heard that they are useful and the incentive for attending is that you can avoid having your licence endorsed.

Perhaps fraud awareness courses might be useful. One possible incentive would be to require customers who had been victims to attend a fraud awareness course if they wanted to continue to remain as a customer of that company.

According to The Sun, TSB is launching fraud education workshops at selected branches.
https://www.thesun.co.uk/money/8864916/tsb-becomes-first-bank-to-promise-innocent-fraud-victims-refunds/

When I make an online payment, having entered the account number, sort code and amount (that I should enter carefully) and then am presented with another screen showing all the details I have entered, asking me to confirm them. It is the opportunity to look at the recipients account details and check that I have entered them correctly before I press the “confirm” button. I do double check. So should everyone, including the amount. You might have inadvertently caught two keys for example.

I have the option of making a payment immediately, or delaying it. If I delay payment and revisit it, found I’ve made a mistake, will my bank allow it to be cancelled? I’d hope so.

I copy and paste details where possible and always check the confirmation screen. I knew about sending test payments well before I transferred money online. I have never lost a penny so far.

The banks have still not implemented confirmation of payee or a similar scheme to spot minor mistakes, and as NFH has reminded us, the UK should be using IBANs.

It’s not just customers that need to behave responsibly.

CoP and IBANs could be reported on factually by Which? with assistance from the banking industry so we hear first hand what the problems, if any, are and why it takes time for them to be introduced. We would then have a sounder basis, hopefully, for discussion.

We are all very critical of victims, and in many cases, rightly so. In contrast, on BBC Radio 4’s Money Box last week, I heard a story about a victim who was tricked by a sophisticated fraud into paying a genuine invoice to a fraudster’s account. Our advice above to send test payments would not have prevented the fraud in this case. If she had made a test payment and asked the genuine recipient by e-mail whether they had received it, she would have received a reply from the fraudster, appearing to come from the genuine recipient, confirming receipt.

You can listen to the story, which is under 4 minutes long, at https://www.bbc.co.uk/programmes/m0004dvg between 03:43 and 07:32.

Both the first two scams on the recording sound like the fraud was committed by scammers with inside information.

With these types of fraud stories, I always feel some of the facts are missing so it is hard to understand the full story and how the first person got compromised.

The second scam was particularly nasty to a person in a very vulnerable state having recently been widowed. Someone had to know she was an easy target. In other circumstances, she might have realised it was scam. This

This second scam shows why number spoofing should be illegal. It also highlights the need for education.

If we had a joined-up police fraud squad, thorough investigations might actually catch the culprits of these scams.

For the third scam, if the guy who got caught with the computer scam had done his checking before and not after he was scammed, he would not have become a victim. If eBay had not removed the ids of previous buyers, he might also have had more information up front to help prevent him from being scammed.

alfa, the fraud to which I refer, covered between 03:43 and 07:32, was not committed with inside information, but by hacking the victim’s e-mail account.

Should the email account provider be held responsible? We always like to find someone to hold to account. This was a very well-executed fraud.

The second example involved someone in a poor mental state being asked to transfer her savings to a “safe account”. An oldish fraud that has been publicised. Could it have been carried out without “inside information”. Maybe the bank accepted responsibility as it knew one of their employees must have been involved.

Banks employ people in positions of trust. Some people are dishonest. How do we counter that?

There are several elements at play here. The fraudster naturally wants his/her fraud to be convincing and does his/her best to make it so. That there are several different frauds to perpetrate, means that they can be made with little inside information in some cases and with help and research in others. There ought to be “signatures” attached to each fraud type and these are key in detecting them. Usually, there has to be a place where money can go in order to get it from the victim and it is this place that should attract the banks’ and the fraud squad’s attention, since it has to be set up.
The customer can make a mistake and mis-type numbers. There are quite a lot of them on some accounts. Like others here I would like to see measures in place to verify errors. There is no possible error if the sort code, the account number and name agree. Any deviation should then be detectable and questioned.
The customer may be persuaded to transfer money for fear of losing it. As others have said, these vulnerable people need protection and support. Perhaps, the banks needs to make an assessment of each customer when an account is opened. Maybe a new account should have a payment limit for the first year or so and anything above that limit needs to be confirmed by further security checks. Likewise, any unusually large payment from the norm in an account should raise a question to verify it. I actually tell my bank when I am going to pay something substantial, though I don’t have an agreement to stop payment if I don’t do so.
The customer may be tempted with an offer that seems attractive. To a certain extent this is hard to prevent since all payment details will be correct and only later will the damage be noticed. There is some debate in this conversation about responsibility and re-imbursement. Large amounts should be detectable if they are not normal for that customer and this should lead to action by the bank. Smaller amounts might get through, but, hopefully will not be life changing, and a salutary lesson for the victim. No one should be allowed to lose life savings in error or fraud and since the banks are the principle way that this money is lost and taken, it is down to them to stop it happening. This should be part of their remit and refund customers if they fail. We talk of responsibility and whose fault it is and who should repay whom. Perhaps we should be concentrating less on the blame and more on ways to prevent mistakes and fraud in the first place.

I totally agree with educating customers to minimise (I doubt we’ll ever prevent) mistakes and fraud. I also agree about the banks placing restrictions on accounts where appropriate. I would hope that if someone has to transfer a “life changing amount” they will take particular care.

The new measures being introduced should help reduce mistakes and fraud, but fraudsters are very intelligent and will always find new ways to trick certain people.

A concern I have about automatic compensation is that these same fraudster, as well as intelligent customers, may well use the generosity of the bank to perpetrate frauds directly, with the help of their friends.

I’d like to see somewhere some balance between the responsibilities of both customer and institution. We don’t (or rarely) blame the DfT or council for a road accident, even though they provide the infrastructure and safety aids.

Anthony says:
30 April 2019

My Mother was the victim of these fraudsters and may I say on more than one occasion before she passed away aged 87. While I have to say that it wasn’t her fault I have to accept neither was it the banks fault. Or was it? The problem today I feel is we all want the simplest easiest way to spend our money. So is it any surprise we are all easy pickings for these fraudsters. I watched a programme recently where one of these criminals confessed that if his gang only made £20K in a month they had had a bad month. He also claimed it was a victimless crime as it was the banks who suffered the loss. If the banks are looking at refunding everyone who is a victim of these frauds the problem will only get worse. What about tightening up security, stop sending e-mails and telephoning customers unless they are implying inviting the customer to visit the branch? It might just stop these petty criminals from impersonating bank officials. It might also stop people like my mother being duped by that pleasant sweet talking man or woman purporting to be a bank official looking after her interests. Finally may I say that in my opinion there is no way the banks would be prepared to take on millions of pounds worth of right off without we the customers footing the bill.

Anthony, where you say “I have to accept neither was it the banks fault“, I agree that it is nearly always not the sending bank’s fault, but often it is the receiving bank’s fault for allowing its accounts to be opened or taken over by fraudsters.

Pat Webb says:
19 May 2019

When my husband was scammed on our computer he was tricked into making a bank transfer for £300,- to ‘unlock it’, it with a further call to be made in the morning for more money. Various programs were added to the computer also. I realised as soon as he told me that it was a scam, called the bank, the police and the fraud officers. The bank, Barclays, told me that the money had gone into a Nat West a/c but could not or would not recover it. When the scammers had the cheek to phone back the next morning I answered it and said that there was to be no more money, I had removed their programs, informed the police and fraud squad, made it clear what I thought of them and hoped that their fingers and other important bits would drop off. AND No, they could not speak to my 80+ year old husband he was still recovering from his ordeal. I then wished them untold misery for their illegal acts and hoped they would die in pain and poverty. You will understand I was a little upset.

Pat, sorry to hear that but thanks for sharing your experience with us.

A common factor is that many scams try to catch us off guard and then panic us into taking hasty, ill-considered actions.

While many of us have learnt to be quite wary of door to door cold callers, we don’t all seem to be as cautious when dealing with unexpected phone calls.

https://www.which.co.uk/news/2019/05/27-million-lost-to-bitcoin-and-other-investment-scams/. …..” In the last financial year, almost £74,000 was lost every day to ‘get rich quick’ schemes and bogus online trading platforms, new figures show.

When people put their money into something about which they know nothing, in the hope of a bit of “get rich quick”, will we expect the banks, like TSB, to refund them? If so, it’s a “can’t lose” strategy and removes the need for taking considered decisions and exercising personal responsibility.

The article finishes with the current bandwagon “‘The banking industry must urgently step up its preparations to introduce confirmation of payee name checks, which could cut bank transfer fraud in half overnight.’” when Which? have already reported the view of the Payment Systems Regulator that the current “timeframes were not unduly conservative.