New code for bank fraud: five flaws that must be fixed

The Daily Telegraph - Your Money - - FRONT PAGE -

New rules will force banks to re­im­burse many fraud vic­tims – but there are some glar­ing omis­sions, writes Sam Mead­ows

Fraud vic­tims risk be­ing failed by new rules on re­im­burse­ment of losses un­less key changes can be agreed, Tele­graph Money says to­day. The draft rule book on when those who fall for bank trans­fer scams should get their money back was fi­nally un­veiled at the end of Septem­ber, af­ter months of work by a group of watch­dogs, con­sumer groups and banks.

Bank trans­fer fraud is Bri­tain’s fastest-grow­ing crime: £145m was stolen in the first six months of 2018, in­dus­try fig­ures show. Shock­ingly, only £31m was re­turned to vic­tims.

The meth­ods used by crim­i­nals are in­creas­ingly de­vi­ous and com­plex. This news­pa­per has re­ported cases in­volv­ing fake car web­sites, hi­jacked com­pa­nies, stolen pen­sion trans­fers and email in­ter­cep­tions that led to lost house de­posits.

The new rules es­tab­lish a clear prin­ci­ple that those who fall vic­tim through no fault of their own should be re­im­bursed. But dis­putes over who should pay have al­ready seen the code’s in­tro­duc­tion pushed back to the new year.

Sub­mis­sions to the pub­lic con­sul­ta­tion on the new rules are due by next week, and be­fore the code is fi­nalised Tele­graph Money is call­ing for the fol­low­ing five im­prove­ments.

Con­sumers must not be made to foot the bill

The code es­tab­lishes that, in sit­u­a­tions where fraud vic­tims were clearly duped, they should get their money back. When a bank has failed to meet the re­quired stan­dards – if it didn’t prop­erly warn the cus­tomer of the risks or failed to spot the cus­tomer’s vul­ner­a­bil­ity, for ex­am­ple – the bank will meet the cost of re­im­burs­ing the cus­tomer.

The dis­pute is over who should pay when nei­ther party is at fault, per­haps be­cause a third party has had their email ac­count hacked. In th­ese cir­cum­stances, the cus­tomer will be en­ti­tled to a re­fund un­der the new code, but the banks, hav­ing done noth­ing wrong, will not want to meet the cost of such re­funds them­selves.

The con­sul­ta­tion doc­u­ment pro­poses a num­ber of fund­ing mech­a­nisms, in­clud­ing a charge on large trans­fers and a re­quire­ment for the cus­tomer to buy fraud in­sur­ance. Con­sumer groups have widely con­demned th­ese so­lu­tions.

Banks, which make bil­lions of pounds in prof­its ev­ery year, must be made to foot the bill. There should be no ad­di­tional charges for con­sumers.

Swift ac­tion when fraud­u­lent trans­ac­tions are re­ported

When vic­tims re­port fraud, a de­lay in com­mu­ni­ca­tion be­tween the banks in­volved could give crim­i­nals time to re­move the funds. The code it­self does not in­clude rules on how quickly a vic­tim’s bank should con­tact the fraud­ster’s bank. In­dus­try rules sim­ply say ac­tion should be taken swiftly.

This news­pa­per calls for a 30-minute time limit. When you re­port fraud, your bank should con­tact the re­cip­i­ent bank within that time to al­low the ac­count to be frozen.

Ac­tion on re­cip­i­ent banks

Ex­perts say bank trans­fer fraud would barely ex­ist if the crim­i­nals were not able to open ac­counts to re­ceive the stolen money. Fraud­sters of­ten take ad­van­tage of lax se­cu­rity mea­sures in bank branches and open ac­counts in per­son us­ing false names and doc­u­men­ta­tion. Banks must al­ready fol­low strict “know your cus­tomer”

reg­u­la­tions, de­signed to prevent money laun­der­ing, but th­ese rules do not re­quire them to as­cer­tain be­yond doubt whether doc­u­ments are gen­uine. Tele­graph Money has seen cases in which ac­counts were opened us­ing fal­si­fied util­ity bills lit­tered with spell­ing er­rors.

The new code pro­vides few clear rules for th­ese re­cip­i­ent banks to fol­low. But any bank that al­lows an ac­count to be opened us­ing fake doc­u­ments should be re­quired to re­fund vic­tims.

Crim­i­nal gangs also use le­git­i­mately opened ac­counts of third par­ties to laun­der funds – a prac­tice known as “money mul­ing”. Banks must be re­quired to use their so­phis­ti­cated sys­tems to spot when an ac­count bears all the hall­marks of a mule ac­count – large amounts com­ing in and swiftly mov­ing on to sev­eral dif­fer­ent ac­counts, for ex­am­ple.

They should not be able to hide be­hind data pro­tec­tion rules when con­tacted by vic­tims. Tele­graph Money has re­ported on the case of Saqib Qureshi, who lost £55,000 in a solic­i­tor scam but was told by San­tander that the bank could not help him be­cause of data rules. The code should re­quire re­cip­i­ent banks to make ev­ery ef­fort to help vic­tims, even when they are not a cus­tomer of the bank in ques­tion.

A quicker com­plaints sys­tem for cus­tomers

Ac­cord­ing to sources close to the dis­cus­sions, banks want the rules to say that, un­less vic­tims make clear that they are rais­ing a com­plaint, it will not be treated as such. This could mean a wait of as much as 70 days be­fore they can ap­proach the om­buds­man. For those who have lost life-chang­ing sums, this could be ru­inous.

Sup­port for past vic­tims

One hole in the rule book is that it will not ap­ply ret­ro­spec­tively, so will be of no help to the thou­sands of peo­ple who have been vic­tims in the past.

It also cre­ates a cliff edge by which some­one who falls vic­tim on Dec 31 may be de­nied a re­fund, but some­one who falls vic­tim the fol­low­ing day would get their money back.

Jack War­wick of Ac­tionS­cam, a fraud re­cov­ery ser­vice, said: “What is the dif­fer­ence be­tween a vic­tim from two years ago and a vic­tim from to­day? Ev­ery day the banks de­lay is a day when con­sumers will lose thou­sands.”

Tele­graph Money calls for the fi­nalised rule book to be ap­plied to those who have fallen vic­tim since Sept 28, when the con­sul­ta­tion was pub­lished.

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.