British Neobanks have a fraud problem. Here’s how to fix it.
October saw the introduction of new rules which oblige banks to compensate the victims of fraud. But, as we have argued previously, the problem is being tackled from the wrong end.
A mandatory system replaces the voluntary code which consumer groups had criticised as a “lottery” due to the very different levels of compensation paid by different banks. TSB and Nationwide reimbursed over 80 per cent of their customers’ losses. Monzo, Danske Bank and AIB each returned less than 20 per cent.
From October 7, banks must compensate victims of APP frauds up to a cap of £85,000. (APP, or Authorised Push Payment, frauds involve a victim making a payment which they believe to be genuine, but which in reality is a scam.)
Banks were horrified at an earlier proposal that the cap should be set at £415,000. They argued that such a high cap would lead customers to be reckless and incentivise fraudsters to collude in fake scams, where both purported victim and scammer were on the same side. The other major change in the new system is that the victim’s bank and the fraudster’s bank must jointly fund the compensation.
But the continued focus on the behaviour of victims’ banks is missing the point. We have previously advocated that the fraudster’s bank (that is, the bank to which the victim sent their money) should bear full responsibility for compensation. When a receiving bank opens an account for a fraudster, it has self-evidently failed its “know your customer” obligations.
Crunching APP data for 2023 collected by the Payment Systems Regulator supports this view. First, there is a striking variation between banks in the proportion of dodgy payments that they receive. Second, there is a clear correlation between certain types of bank and APP fraud.
For example, for every £1m that is paid into accounts at Skrill, an e-Money firm, £18,550 was the proceeds of an APP fraud. That compares with just £408 at TSB, the “worst” performing traditional bank. Crudely put, Skrill handles 45 times as much stolen money as TSB, taking their different sizes into account. It is over 100 times more than HSBC and Lloyds, 200 times more than Barclays and 300 times more than NatWest.
After Skrill, the next worst performers are Zempler Bank (founded in 2005 and known as Cashplus Bank until this year), PayrNet, and PrePay Technologies (both e-Money firms). Revolut, Starling and Monzo do a bit better, but all the challengers receive higher levels of fraud-tainted money than traditional banks.
The Financial Conduct Authority knows there is a problem. Following a 2022 review, the regulator said: “Challenger banks are an important part of the UK’s retail banking offering. However, there cannot be a trade-off between quick and easy account opening and robust financial crime controls. Challenger banks should consider the findings of this review and continue enhancing their own financial crime systems to prevent harm.”
In 2024, it stopped DZing Finance, another payment fintech, from taking on any new customers, having found that nearly 1 in 5 payments it received were linked to APP fraud.
The latest PSR data supports our view: until receiving banks are forced to pay 100 per cent compensation to victims, fraudsters will find account opening too “quick and easy” for the common good.
Contact us:
"*" indicates required fields