Authorised Push Payment (APP) fraud – Arriving at a customer experience that delivers for everyone

Authorised Push Payment (APP) fraud – Arriving at a customer experience that delivers for everyone

There doesn’t seem to be a week go by when fraud is not covered by the mainstream press and the last two months have been no different. At the end of May the Payment Systems Regulator announced the results of its consultation and published an industry code to protect consumers against Authorised Push Payment (APP) scams and in June Citizens Advice ran their Scams Awareness campaign.

Our experience in developing proprietary and bespoke fraud solutions for different types of organisations and sectors gives us a unique insight into the launch of the APP code of practice and in particular its Contingent Reimbursement Model code (CRM), which came in to force on 28th May). For us the code is interesting, as beneath the positive consumer-first headline it presents a complex challenge for businesses that will demand a clear and well thought through customer experience strategy.

The challenge the Contingent Reimbursement Model code presents

On the face of it the voluntary CRM can be seen as a collective, industry approach to solving the ongoing and wide reaching problem of APP scams. However, from an industry perspective this topic has been a divisive a topic, particularly when it comes to how the problem should be approached.

This difference of opinion is visible in the response to the announcement of the code. A number of organisations have taken a PR friendly stance, confirming that they will pay out on all instances. This should be applauded as it provides a safety net and financial support for those who are victims of scams. Conversely a number of organisations are claiming that this type of approach will set the wrong precedent leading to consumers becoming less wary around transactions in the knowledge that they will always get their money back.

For Sarah Golding, Head of Fraud Consultancy & Sales Support, TransUnion, the pros and cons of the code are something the industry will need to face into; “Whilst the code is currently voluntary, it is clear through our discussions in the industry that it is generally being taken very seriously with key drivers being increased public scrutiny and pressure from industry bodies. Timely and positive action will be viewed positively by consumers and a reticence to join the movement could leave organisations in an awkward position.”

The unavoidable truth – and one that likely be lost on a consumer skimming the headlines or reading marketing copy – is that paying out on scams will not render a scam a victimless crime. If an organisation commits to paying out losses the reality is that they are likely to seek to recoup these costs elsewhere, and this recovery activity is likely to hit the pocket of the consumer base in general. Some banks have already intimated that they will need to introduce additional levies on high value transactions to ensure they have funds to cover themselves when things go wrong. So the customer experience conundrum banks will have to unpick is this; how can they offer consumers protection but look to minimise the cost for consumers in general through increased charges elsewhere?

Leading the way with a well designed approach

We have seen TSB striking the type of balance we think can be regarded as an early frontrunner of best practice.

TSB is one of the banks who have signed up to the voluntary code promising to refund all innocent customers who’ve fallen victim to fraud – even if they were tricked into handing over personal details or have sent money directly to a criminal.

But they have also set up their own Fraud Prevention Centre that sits on their own website and helps inform consumers on fraud including scales of loss, the impact that has and the signals that indicate a potentially dubious transaction. This feels like a balanced and holistic approach to solving the riddle. It’s in TSB’s interests to be advertising best practice for customers but there is a hidden subtext to that shows a clear commitment behind the scenes in an investment programme to reduce risks.

Strengthening your anti-fraud customer journey

In addition to a commitment to refund and to educate, organisations should also be looking at investing in technology and upgrading their fraud prevention solutions which should both drive down fraud cases and reduce any cost burden on the wider customer. The modus operandi used to conduct APP scams will continue to evolve and entirely new scams will be devised creating even greater opportunities to commit fraud. The industry, therefore, must also continue to evolve in order to address the challenge.

In our view organisations should be looking at:

  • Confirmation of payee initiative whereby consumers are made aware of the ownership of the account the payment is being made to
  • Investment in further controls in KYC to prevent money mule / fraudulent activity
  • Customer education

Measures like the Confirmation of Payee initiative will help, but there are further controls that could enrich this including more robust customer due diligence, flagging accounts that are at risk of facilitating the scams such as fraudulently opened accounts or those which are at risk of being involved in money mule activity. If the scams and resulting fraud can be prevented then the banks and all consumers are protected from loss and inconvenience.

There will be no silver bullet to protect banks and consumers from fraud and scams, but we all have to work together to continue to share knowledge to talk about the problems and create and invest in new ideas, technologies and preventative measures in order to continue to make it harder for the perpetrators.


If you’re a consumer with questions or issues related to your personal credit report, drivers history report, disputes, fraud, identity theft, credit report freeze or credit monitoring services, please visit our Customer Enquiries page for assistance.

Contact Us

TransUnion would like to send you original insight, commentary and research on data, software and analytics, early notifications of exclusive events and information about our products and services. If you would like to receive that information, please let us know using the following options:

Business enquiries: If you have a non-sales related query please call us on (+44) 0113 388 4300

Please read our privacy notice , which explains who we are, how we collect and use your personal information and how you can exercise your privacy rights.

We're sorry, your request failed. Please try again in a little while.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.