Reimbursement for APP Fraud: A Guide on Your Rights

Words by
Charlotte Russell
September 27, 2024
October 7, 2024

The Payments System Regulator is introducing a new reimbursement requirement for payment service providers. This change aims to combat Authorised Push Payment (APP) fraud. Starting from 7th October 2024, CHAPs and faster payments will need to meet these new standards. But what does this mean for you and your money?

This is a general guide, speak with your payment service provider for their direct guidance. Full regulations can be found here.

If you are a Telleroo customer, and have become a victim of fraud, find specific guidance on reimbursement here.

Contents:

What is Authorised Push Payment (APP) Fraud?

Authorised Push Payment (APP) Fraud is when the account holder is tricked by a fraudster. Here are two examples of an APP scam:

  • Malicious payee: You have been manipulated into believing you are purchasing products, but in reality, these products either do not exist or are never delivered to you.
  • Malicious redirection: You have been made to believe that you are interacting with your bank or payment service provider, but a fraudster is actually manipulating you to transfer funds from your account to theirs.

In 2023, losses from APP Fraud totalled £459.7 million, across 232,429 cases. In a report by UK Finance, they detailed a shift in fraudsters' tactics choosing methods that use social engineering. Social engineering is deceiving individuals into revealing confidential information or taking actions that lead to a security breach.

Here's what you need to know, and how to protect your money and teams

How will the new reimbursement requirement affect me?

Payment service providers (PSPs) will need to reimburse customers who fall victim to APP fraud. Reimbursement will be split 50/50 between the sending and receiving payment firms. This is for CHAPS and Faster Payments only within the UK.

This reimbursement applies in most cases and only to customers considered in-scope, which we'll cover shortly. Additional protections are to be provided to vulnerable customers.

As stated, this is a requirement for payment service providers (PSPs). This means that the organisations listed below will need to provide you with reimbursement if you fall victim to APP fraud:

  • Authorised payment institutions, such as a high street bank.
  • Small payment institutions.
  • Registered account information service provider.
  • EEA registered account information service provider.
  • Credit institution.
  • Electronic money issuer.
  • Post Office Limited.
  • The Bank of England, other than when acting in its capacity as a monetary authority or carrying out other functions of a public nature and government departments and local authorities, other than when carrying out functions of a public nature.

Am I eligible to receive reimbursement?

  • You are a sole trader or your company is a micro-enterprise or charity: Meaning your annual turnover does not exceed €2 million in total or your annual balance sheet does not exceed €2 million in total. And you employ less than 10 people. For charities, your annual income should be less than £1 million per year.
  • The payment was made on or after 7th October 2024, and your claim is submitted within 13 months of the fraudulent payment being sent.
  • It was a Faster Payment or CHAPS within the UK, with reimbursement up to the value of £85,000.

You also need to have fulfilled your consumer obligations. There are considerations for vulnerable consumers.

What will not be reimbursed under the new requirement?

You will not receive reimbursement if your claim meets any of the criteria below:

  • Civil Dispute: You have paid legitimate supplier(s) for goods or services and have not received them or they are defective in some way. There is no indication of the supplier having an intent of fraud.
  • First party fraud: You were a willing and knowing party in the scam.
  • Gross negligence: You have not considered your payment service provider's warnings, interventions or have refused to cooperate.
  • Dates: The claim is for a payment made before 7th October 2024, or the claim is submitted more than 13 months after the fraudulent payment has been sent.
  • Destination: Payment is outside of the UK.
  • Payee: The payment is made to an account you control.
  • Authorisation: You as the account holder did not authorise the payment. For example, if your account had been taken over by a fraudster, and they sent payments from within your account.
  • Payment reason: The payment was made for unlawful purposes.

It's also important to note how reimbursement applies in the case of money mules. A money mule is someone who receives money from a victim, and sends this money onto a fraudster. The transaction between the victim and the money mule is covered for reimbursement. From the money mule(s) to fraudster(s) is not covered.

What do I need to do?

As a consumer, you also play a part in this process. Here is the Payment System Regulator's guidance on what you need to do. If you don't comply, it could be seen as gross negligence, which may make you ineligible for reimbursement.

  • You should have regarded any intervention made by your payment service provider.*
  • Upon learning that you have become a victim to an APP scam, you should report the fraud promptly to your payment service provider.
  • You should respond to any reasonable and proportionate requests for information made by your payment service provider.
  • You should, after making a claim, consent to your payment service provider reporting the case to the police.

There are considerations for vulnerable consumers.

*Your payment service provider may step in before you send a payment if it suspects fraud. This intervention can vary by provider and might include a pop-up, a questionnaire, a direct contact from their team, or a hold on the payment. If you disregard this intervention and proceed with the payment, it could be seen as gross negligence, making your claim ineligible for reimbursement. Currently, we only have general guidance from the Payment System Regulator and don't have a clear definition of what level of intervention constitutes gross negligence.

How quickly will I receive reimbursement?

After you have reported a payment to your payment service provider, they have five business days to assess your claim and reimburse you if you qualify.

However, payment service providers have the option to 'stop the clock' in order to verify that you have the authorisation to submit the claim, and gather additional information to assess the claim.

When a payment service provider 'stops the clock' it pauses their countdown on the 5-day limit, and allows further information to be gathered, up to 35 days.

There is no limit to how many times this can be used. However, guidance to providers is that it should be used in proportion to the value and complexity of the claim.

What happens if the funds are recovered?

As you will have already received reimbursement from both the sending and receiving payment service providers for the payment, any recovered funds goes to those payment service providers.

What else should I expect from my payment service provider?

Included in the requirement are expectations for payment service providers around what they should communicate with you and when:

  • Your payment service provider should update their Terms & Conditions to include details on APP fraud reimbursement.
  • They should contact you about these changes to their Terms & Conditions no later than the 9th April 2025.

Additionally, they should send you extra communications so that you as a consumer:

  • Are aware that you can be reimbursed by your provider for APP scams. You should receive consistent and clear messaging about the scope of protections.
  • Understand what to expect if you fall victim to an APP scam and make a claim for reimbursement.
  • You should be aware of the steps you can take to protect yourself from APP scams, and how your payment service provider can support you.
Categories
Accounting
Faster payments
Payment Security
Share this post
About the author
Charlotte Russell
Marketing Manager
With pen to paper, Charlotte creates your go-to resources for accounting, bookkeeping and payments! Also Telleroo's meme-ologist (making you laugh on Telleroo's LinkedIn).
Related posts.
Payroll for triple-digit teams: How FAB Accountants offers speedy and effective payroll management using FreshPay and Telleroo
November 6, 2024
Accounting
Payroll
Payment Security
Xero
Case studies
How to protect yourself from payment fraud
October 28, 2024
Payment Security
Reimbursement for APP Fraud: A Guide on Your Rights
October 7, 2024
Accounting
Faster payments
Payment Security
Company & Products
AccountantsAPICostsIntegrationsBlogSign upBusiness owners & FDsAccountants & BookkeepersAccounting Resource Hub
Contact & Support
Contact usHelp SiteComplaintsLinkedinTwitterFacebook

Telleroo (Firm Reference 902767) is an agent of Moorwand (Firm Reference 900709). Moorwand is authorised by the Financial Conduct Authority (FCA) Firm Reference 902767, under the Electronic Money Regulations 2011 and the Payment Services Regulations 2017. Telleroo distributes electronic money issued by Moorwand and can provide other payment services on behalf of Moorwand. Moorwand holds all relevant client funds in a safeguarded account at ClearBank Ltd (Firm Reference 754568), regulated by the Prudential Regulation Authority and the FCA.

Give us a call: 0203 6334 810

St Mary's Court, Amersham, Buckinghamshire,
England, HP7 0UT

Privacy PolicyTerms & ConditionsAPP Fraud Reimbursement