UK bank transfer scam rules 'have failed', says Which?
A voluntary code to protect the victims of bank transfer scams has failed and should be replaced by mandatory rules, consumer lobby group Which? said on Tuesday.
Which? said customers were being treated unfairly by UK banks as many risk not getting their money back at all and claimed the number of people who are helped by their banks is “woefully low” at 41% of cases.
The number of scams has risen over the years with the switch to online banking. Nowadays, more email accounts are hacked in order to trick people into sending money to bank accounts operated by criminals.
Most of the big high street banks signed up to a voluntary code in May 2019 that requires them to reimburse customers who fall victim to such scams. But there are cases where the customer has been “grossly negligent” or ignored warnings where they would lose their money.
Which? says, however, that many people have been being treated unfairly or inconsistently when trying to recover their cash, and that the voluntary approach has failed.
In the analysis it was revealed that four of the eight banks signed up to the code had fully reimbursed victims in 6% or fewer of cases.
"The code is based on the fundamental principle of fully reimbursing those who have lost money to criminals through no fault of their own. However, in many examples firms were unfairly rejecting decisions that met this criteria, leaving people thousands of pounds out of pocket," Which? said.
"These denials occur even in instances of highly sophisticated scams where a fraudster was able to quote financial and personal details, or when criminals use manipulative tactics to pressure customers into making a transfer over days or even weeks."
It cited the case of a Lloyds Bank customer who lost £33,000 after falling victim to a number spoofing scam. The bank told her that it would not reimburse her because she did not take “sufficient steps” to verify that the communications were legitimate, "despite not yet providing any explanation about what these steps should have been".
In another, Nationwide initially only offered partial reimbursement to a customer who was scammed out of £4,000 after his builder’s email account was hacked. This was despite the bank admitting that it had failed to provide adequate warnings to the customer before the payment was made – though it did eventually provide a full refund, Which? said.
There are also concerns about how banks manage cases where a vulnerable customer has been scammed.
Which? heard from one customer who was defrauded out of £20,000 while undergoing extensive medical treatment. Santander initially refused reimbursement, on the basis that she confirmed that she had read the fraud message and was comfortable to continue with the payment.
The code is set to be reviewed by the Lending Standards Board, which is currently responsible for it, and Which? said the current system of warnings should be subject to much more rigorous testing and customer feedback.
"It should consider how customers could be manipulated to ignore these alerts, and what changes can be made to the design and wording of warnings to make them more effective," the group said.
In addition, it called for all payment service providers to submit data on the number and level of bank transfer fraud and reimbursements.
Gareth Shaw, head of money at Which?, said: “Even as this type of crime continues to surge, the lack of fairness, consistency or transparency across the industry means that the chances of people getting their money back is often a total lottery.
“A voluntary approach to tackling bank transfer fraud has failed. Banks, regulators and government must work together to make the code mandatory and ensure that strong standards on reimbursement are introduced.”
(Writing by Frank Prenesti; Editing by Michele Maatouk)