How many times have you received a text or email asking for money that you know is spam? Online fraud is now the most common form of crime in the UK, with over £1.2bn lost in 2022, according to UK Finance. Of this, £485m was lost to authorised push payment (APP) fraud, where criminals trick customers into sending them money by posing as someone they know. This fraud poses a real threat to consumers of all ages and undermines trust in our banking system and in our public sector. Something must be done.
The Covid-19 pandemic heralded a boom in APP fraud that shows no signs of abating, and fraudsters are now exploiting the cost-of-living crisis. There are many reasons for the growth of APP fraud in the UK in recent years. Fraudsters have proven remarkably adaptive, using ever more sophisticated techniques to target their victims online by seizing on the issues of the day. Fraudsters particularly target the UK for a number of reasons – the widespread use of the English language, our digitally connected society, and in particular the unintended opportunities presented by our innovative payments landscape.
Given the complexity of this issue, what can be done? We believe that there are a number of immediate steps that the government and the technology and banking sectors can take to rebalance the system in favour of consumers.
Firstly, the government should build on its positive work to date. The appointment of Anthony Browne as a fraud lead, and the publication of a blueprint to protect public from fraudsters (the government’s Fraud Strategy) are all steps in the right direction, but further action is required. In particular, more must be done to co-ordinate the Whitehall response to fraud, and ensure consistency across the Home Office, the Department for Science, Innovation and Technology, and HM Treasury. The government should also provide clear and accountable leadership in this space – there needs to be effective and streamlined leadership dedicated to tackling APP fraud, such as fostering greater collaboration between law enforcement agencies and industry, and ensuring law enforcement have sufficient skills and resource to adequately respond to the crime.
It is vital that we are all focused on preventing criminals reaching their victims in the first place. Measures proposed in the Online Safety Bill to tackle user-generated and paid-for advertising used by fraudsters are helpful and should be brought forward urgently. But these won’t prevent all forms of fraud, and more needs to be done to stop fraudsters from reaching people and causing emotional, as well as financial, harm.
Big tech has a significant role to play in preventing fraudsters reaching consumers in the first place. Santander data shows that over 70 per cent of purchase frauds originate on social media (Facebook 54 per cent; Instagram 15 per cent; Snapchat 4 per cent), and we recently published a 100 per cent increase year on year in ticket purchase fraud, driven by social media posts. It is simply far too easy for fraudsters to connect with their victims. Government should consider how they can incentivise those social media platforms that enable fraud to focus more on prevention, including through reforming reimbursement. It is only right that the firms that facilitate fraud take on the responsibility of compensation.
There is more that the banking sector can do (and is doing). Technical reforms to the payments system to introduce new data sharing standards can both support future innovation in banking and introduce services specifically designed to measure and prevent fraud.
Secondly, there is a notable inconsistency in how fraud is managed by the banking sector. As an industry, all financial services firms should follow a specific set of fraud rules, such as providing impactful warnings about fraud at the point of a payment, deploying Confirmation of Payee (CoP) to enable payee matching, and most importantly following and shaping the relevant codes on consumer protection and liability. However, inconsistencies in these processes across the sector mean that smart and adaptive criminals can exploit weak links.
Finally, we need a wider conversation about how our payments work in the UK: Faster Payments. The ability to make transfers in seconds is great for consumers when you’re repaying your friend £20 for the takeaway on Saturday, but it’s great for criminals who can exploit a moment of panic to get you to transfer tens of thousands of pounds. How can Faster Payments be reformed to meet our modern needs, introducing tailored warnings and checks depending on the amount and type of payments people are making? Reforms must reflect the reality of payments in the UK, where 3.6 billion payments are made a year.
To truly protect customers from the emotional and financial consequences of fraud there will need to be an alliance across all the sectors that facilitate or use digital interaction, from banks and fintech to large tech firms, social media companies and telecoms companies. Given the cross-cutting nature of digital technologies, there also needs to be greater leadership, accountability and investment from regulators, policymakers and law enforcement agencies.
For the UK to turn the tide against fraud, there has to be a more radical plan of action, using all possible means to put the brakes on authorised push payment fraud; working together, social media and technology firms, the banking and payment sector, the government and law enforcement agencies need to come together to tackle the rise in this criminal activity.
[See also: Britain’s banks can drive prosperity everywhere]