UK Banks Held to Higher Standards as APP Fraud Skyrockets

APP fraud, UK, banks, Barclays

Authorized push payments (APP) fraud in the U.K. amounted to £583 million ($706 million) last year as financial fraud in the country increased 39% from the previous year.

APP fraud is a type of scam whereby someone is tricked into authorizing a payment. Typically the victim thinks they are making a legitimate payment, when in fact, they are transferring money directly into criminals’ bank accounts.

See also: Authorized Push Payment Fraud Reaches ‘Epidemic’ Levels in UK

The latest numbers, published in June by the trade group UK Finance, mean that APP scams are now the biggest fraud threat to British businesses and consumers, having made up over half of the £1.3 billion ($1.8 billion) stolen through scams during 2021.

The report pointed to the increased use of online platforms as a result of the global pandemic as one of the factors contributing to the surge.

Some common types of APP fraud include investment scams advertised on search engines and social media, romance scams committed via online dating platforms and purchase scams promoted through auction websites.

Related: New Tech Arms Merchants With Evidence to Stop Friendly Fraud

Unlike fraud that involves unauthorized transactions, banks in the U.K. have no legal obligation to reimburse victims of APP fraud. However, they are bound by what’s known as the Quincecare duty.

The Quincecare Case

The Quincecare duty is named for a 1988 high court case in the U.K., Barclays Bank plc v Quincecare Ltd.

The case came to court after Quincecare’s chairman defrauded the company of £340,000. As the money was part of a loan issued by Barclays, the bank sued Quincecare for the stolen money. In its defense, Quincecare contested that Barclays should have been alerted to the fact that the chairman’s withdrawal was fraudulent, and that therefore it was the bank’s responsibility not to facilitate the illicit transaction.

The case rested on a single question: Did Barclays act irresponsibly by agreeing to fraudulent payment instructions even though they were issued by the legal executor of the funds?

In the end, the court decided in favor of the bank, and these days the Quincecare case is remembered for setting a precedent by which banks’ standards for due diligence in the prevention of fraud are held. In typical legal fashion, the judge’s decision at the time referred to “a reasonable standard of care in order to combat fraud and to protect bank customers.”

Since 1988, legal interpretations of the Quincecare duty have evolved to reflect the changing shape of financial crime. In the case of APP fraud, because the fraudulent transaction is authorized by the customer, the status quo so far has been that banks cannot be held responsible. But, in light of recent events, the bar for what is considered a reasonable standard of care may be moving.

An Evolving Duty of Care

Earlier this year, a U.K. court of appeal ruled that the case of Fiona Lorraine Philipp v Barclays Bank UK Plc should be returned to the high court after originally being struck out.

Mrs. Philipp and her husband Dr. Philipp were duped into transferring over £700,000 of their life savings into accounts in the United Arab Emirates (UAE). In court, Mrs. Philipp claimed that Barclays had not put sufficient safeguards in place to prevent her from making the transfer, which she thought was to a “safe account” following the advice of her own bank and the Financial Conduct Authority.

Read more: Biometrics Help in Fight Against Fraud, but Are Not the Only Solution Banks Need

As it turned out, the bankers and officials Mrs. Philipp and her husband thought they were in discussion with were imposters, and by the time this became apparent, the funds were long gone.

While the case is currently making its way through the courts, the fact that the original decision has been overalled is in itself significant. As the appeals court decision stated, “It is possible in principle for the Quincecare duty to arise in cases of APP fraud.”

By extending the Quincecare duty to APP fraud, the judge in the case recognized that banks’ anti-fraud measures should account for the nature of the recipient account, the value of the transaction and whether a payment is in accord with the payer’s previous transaction history.

Related: Experts Say Single-Layer Fraud Systems Open Invitation for Fraudsters

Of course, putting uncharacteristic payments temporarily on hold is a common practice in many banks, and technology that flags out-of-character payment requests are at the forefront of the battle against financial crime. To date, compensation schemes for APP victims have been led by banks themselves, but it looks as if that’s about to change.

In May, the Queen’s Speech introduced the Financial Services and Markets Bill. Once passed, the bill will give regulators the authority to force banks to reimburse victims of APP fraud.

Taken together, the relative success of voluntary reimbursement schemes, the ongoing case of Mrs. Philipp v Barclays Bank and the anticipated legislation suggest a change in the wind. It appears as if the U.K. legal system is moving towards greater culpability for banks to protect customers from APP scams.


Sign up here for daily updates on all of PYMNTS’ Europe, Middle East and Africa (EMEA) coverage.