Banks propose payments levy to fund fraud reimbursement

UK Finance, which represents the UK's largest banks and payment service providers, has written to Pay.UK requesting the introduction of a 'contingent reimbursement model' (CRM) fee, to be charged on 'faster payment' transactions of £30 or more. Pay.UK is now seeking "views, insights and information" from those who would be affected by the proposal, and will publish its decision in November.

The CRM fee would be payable by banks at an initial rate of 2.9p per affected transaction, but they would be able to make a "commercial decision" about whether or not to pass this cost onto customers. The proceeds would be held in what the policy paper describes as a 'No Blame Fund Trust', and would be used to compensate customers who had been victims of authorised push payment (APP) fraud in circumstances where neither the bank nor the customer was at fault under the terms of the APP fraud code of practice.

However, civil fraud and asset recovery expert Alan Sheeley of Pinsent Masons, the law firm behind Out-Law, said that the sum that could potentially be raised by a 2.9p levy was small when compared to the scale of bank transfer fraud.

"Bank transfer fraud is a £354 million problem at present," he said. "It is accepted that the banks are doing a huge amount to implement new systems to detect fraud and to fight this type of crime. A 2.9p transaction cost will raise an estimated £58m - so there will still be a massive shortfall that will need to be paid by the banks to fund this black hole."

"The banks' exposure is particularly large given the second limb of the definition of APP frauds under the industry code, which requires the banks to pay not only in cases involving 'invoice hijacking' type frauds where funds are diverted to the wrong account, but also in cases where the customer transfers funds to another person for purposes which they believe are legitimate but are in fact fraudulent. This limb will expose banks to a massive class of claims, such as where the customer transfers money to a person who is the intended recipient but who proves to be a fraudster who runs off with the money. Neither the customer nor the bank could have known this at the time, and they may not discover the fraud for months or years. Despite this, the bank will be liable for the customer's loss," he said.

"If a levy is the accepted way forward, and the second limb of the definition is allowed to develop as per the wording of the code, then the levy will only increase one way - and who knows where it will stop," he said.

"In the next consultation the banks, as a group, must be considering as a priority how they will manage the frauds they are detecting together and also how they will attempt to recover money from fraudsters. If they fail to do this, and to put in place a proactive asset recovery team, then the customer will have no incentive to attempt to recover its money as it will recover it from the banks, and the police, who have limited resources, will likely state that the banks have enough resources to recover their own funds and should implement civil fraud and asset recovery methods to do so," he said.

A code of practice setting out the circumstances in which victims of APP fraud will be reimbursed by their banks came into effect on 28 May. APP frauds are those in which a bank makes a payment to a fraudster in response to a direct instruction from the customer - for example, where the individual is tricked into sending money to a fraudster's account because they believe it is owned by a legitimate payee.

Banks and payment service providers which have signed up to the industry code have committed to reimbursing customers, which include 'micro' enterprises and charities, if certain criteria are met. This may result in customers being reimbursed in circumstances where neither they nor the bank was at fault. The participating members of the UK banking industry have committed to fund these reimbursements until the end of 2019, but are now seeking a long-term source of funding.

UK Finance has proposed that the levy be charged on faster payments of £30 or more, subject to some exemptions. The most significant of these is an exemption for the first 100,000 transactions handled by each participating payment service provider each year. It has proposed an initial 2.9p per transaction levy, but this would be reviewed annually based on "the necessary size of the no blame fund and the volume of qualifying transactions".

The proceeds of the levy would be held in a trust, administered by a fund administrator to be appointed by UK Finance. Both code and non-code signatories which participate in the faster payments system would be able to access the fund in order to reimburse customers, although the process for drawing down funds would be different depending on whether the payment service provider is a signatory.

Pay.UK is seeking views on the proposal by 1 October 2019. It is particularly interested in whether the proposed transaction fee could have an impact on competition, or could discourage payment service providers from offering faster payments to their customers.