Push payment fraud: Update Autumn 2018

17th October 2018

Banking & Finance Litigation specialists Louise Power and Rachel Elgar report on the Payment Systems Regulator’s (PSR) recent proposals for dealing with push payment fraud.

What is push payment fraud?

Payments are described as ‘push payments’ when the payer obtains the payee’s account details and instructs their bank [1] to send (or push) money to it. The opposite ‘pull payment’ is where the payer provides the payee with the relevant account details, and the payee is authorised to take (or pull) funds from the payer’s bank account.

A push payment fraud will therefore involve the fraudster somehow persuading the consumer to organise a transfer from the consumer’s account to the fraudster’s account. Examples could include:

• a fraudster who poses as a solicitor and asks the consumer to transfer deposit monies for a property transaction
• a fraudster who poses as a builder to receive a large cash transfer
• a fraudster who impersonates a consumer’s friend in order to persuade them to transfer a sum of money.

In most cases, the customer will notify the bank only after the payment has been made, by which time the fraudster will have made off with the funds by transferring them out of the offending bank account and possibly out of the country.

These types of frauds have been reported in the mainstream press, as has the financial services industry’s perceived inconsistent treatment of such frauds (that is, some banks much more readily reimbursing the victim than others). There have therefore been calls for changes to legislation and/or to the regulatory framework, so that banks are required to do more.

Combatting push payment fraud – the story so far

A ‘super-complaint’ was submitted by the consumer action group Which? to the PSR in September 2016 entitled ‘Consumer safeguards in the market for push payments’.  Which? argued that consumers do not receive sufficient protection from this type of fraud, compared to the protections in place for other types of fraud (for example credit card and direct debit frauds). Which? suggested that where such frauds have taken place, legislation or regulation should be changed so that:

• provided a customer had not been fraudulent or grossly negligent, the customer is reimbursed by the bank (even where no fault is attributed to the bank); or
• the consumer is only protected in circumstances where the bank has been adjudged to have fallen short in some way, for example in cases where the bank has not put in place proper arrangements for managing the risks associated with fraudulent payees.

In November 2017 the PSR consulted on how financial institutions deal with push payment fraud, as well as how customers are compensated once a fraud has taken place.  In February 2018 following that consultation, the PSR confirmed that it would proceed with plans to better protect victims of push payment scams by implementing a scheme that would make reimbursement contingent on the actions of the banks both sending and receiving the funds when a push payment scam occurs.

In March 2018 the PSR established a dedicated steering group, comprised of industry and consumer representatives, to lead the development of a voluntary industry scheme to reduce the occurrence of push payment fraud and to lessen the impact of such scams that do occur.

Contingent reimbursement – draft industry code

The steering group has now published a draft contingent model code which aims to ensure that the scheme is designed in the best way to minimise fraud and to protect victims.

The code is underpinned by the following core principles:

• incentives for those with the ability to effectively prevent push payment scams and reduce their impact
• consistency of outcomes for parties with the same circumstances
• leverage of existing and future initiatives that are likely to be effective at preventing and helping respond to push payment fraud
• adoption by all banks that have an element of control over preventing and responding to push payment scams
• no contingency on the recovery of funds
• no adverse impact on banks’ ability to make goodwill payments
• no adverse impact on commercial development of further consumer protections
• the scheme should be developed in such a way that it is capable of becoming part of the relevant considerations that FOS can take into account when determining outcomes of a consumer complaint about push payment fraud.

The code also includes proposals for reimbursement depending on whether the relevant parties – that is both the banks and the customer/victim – have met the levels of care expected of them. Proposed levels of care are also set out in the draft code.

Next steps

Responses to the draft contingent model code for dealing with push payment fraud are sought by 15 November 2018, with the intention that the finalised code will be implemented in early 2019.  Walker Morris will continue to monitor and report on key developments.

Walker Morris regularly advises banks and other lenders in relation to push payment fraud.  If you are a financial institution and would like further advice or assistance in relation to this or any other lender services issues, please do not hesitate to contact Louise Power, Rachel Elgar or any member of Walker Morris’ Banking & Finance Litigation Team.

________________

[1] or any other ‘payment service provider’.  On the basis that most individual and commercial customers will have a bank account, and for the sake of brevity, we will refer to ‘banks’ in this note.  Our comments will apply generally, however, to all payment service providers.