We use cookies to allow us and selected partners to improve your experience and our advertising. By continuing to browse you consent to our use of cookies as per our policy which also explains how to change your preferences.

Best banks for dealing with bank fraud

How does your bank handle fraud? Exclusive data obtained by Which? Money reveals the best and worst firms for handling fraud complaints.

In this article
Card and online banking fraud explained Banks unfairly rejecting card fraud claims Card fraud rules and regulations Deal with card fraud in five steps
Card fraud victims rate their bank

Card and online banking fraud explained

Online banking fraud, up 8% in 2017, occurs when criminals access an online account to make an unauthorised transfer, typically by tricking customers into revealing their security details through scam phone calls, texts and emails. 

Card fraud data is split into five categories (see below for details), with remote purchase fraud accounting for 72% of total card fraud losses last year, although instances of fraud on lost or stolen cards was up 51%:

 

Remote purchase fraud Also called 'card-not-present' fraud, this is when card details are stolen (for example, through a computer virus or an unsolicited email) and used to buy goods online, by phone or by mail order. 

Lost and stolen cards  When a criminal uses a lost or stolen card to make a purchase (remotely or face-to-face) or withdraw funds from an ATM. Victims might be shoulder-surfed for their Pin or even tricked into handing their cards over to criminals pretending to be helping with a police enquiry (often referred to as a courier scam).

Counterfeit card fraud When a fake card is created using stolen details from the magnetic strip on a genuine card. Crooks can use a cloned card in countries where chip and Pin isn’t available, such as the US.

Card ID theft When stolen or fake documents are used to open a new account in someone else’s name (application fraud), or when a criminal takes over an existing account.

Card not received fraud When a new or replacement card is stolen in transit before you receive it e.g. from a communal letterbox. 

Banks unfairly rejecting card fraud claims

If you’ve been a victim of fraud, your card provider should refund you immediately, unless it has evidence that:

  • You authorised the transactions yourself - and the bank can demonstrate this. 
  • You acted fraudulently or negligently - the burden of proof is on the bank to show that you deliberately or with ‘gross negligence’ failed to protect your card and/or Pin. 
  • You left it too late - the regulations state that you must inform your provider of unauthorised payments without 'undue delay' and, in any case, within 13 months.

Data exclusively obtained by Which? Money shows that banks don't always get this right. 

If your bank or credit card provider has refused to refund an unauthorised transaction, you can take your case to the Financial Ombudsman Service (FOS). If the FOS agrees with you, it will uphold your complaint and can  order the provider to refund you.

The table below ranks firms by the worst uphold rate for disputed transactions from April 2015 to February 2017, indicating the customers most likely to have their complaints unfairly rejected.

  Complaints resolved by FOS Upheld in favour of consumer
Barclays (inc Barclaycard) 975 36%
Santander 870 33%
Nationwide 290 28%
RBS 199 27%
NatWest 780 22%
Bank of Scotland (inc Halifax) 478 22%
Lloyds 484 22%
HSBC (inc First Direct) 493 21%
TSB 238 20%
Table notes: The uphold rate is created by looking at the outcome of the all the resolved cases in the period April 15 – Feb 17. We’ve only included providers with more than 100 resolved cases. Disputed transactions are defined as credit and debit card fraud and this may include misplaced transactions, missing payments, ATM disputes and debits applied incorrectly by retailers.

These figures suggest Barclays and Santander customers are at particular risk of getting a raw deal, with nearly a third wrongly denied compensation. When we obtained these figures in 2015, Barclays' record was even worse - the FOS upheld 56% of cases about disputed transactions. 

We showed the latest figures to Barclays and a spokesperson said: ‘We know from independent data that we’re making progress, but there is still more to do as these figures show. We will continue to take the action required to deliver the best experience possible for our customers.’

Card fraud rules and regulations

For debit cards, the new Payment Services Regulations state that the most you should have to pay is the first £35 (previously £50) of an unauthorised transaction, if the bank has reason to believe you should've been aware that your payment details were lost or stolen.

Your bank can only refuse to refund you if it has evidence that you acted fraudulently, or with 'gross negligence' - and the FOS takes the view that this is more than just carelessness.

If the fraud occurs on a credit card or a credit facility, the Consumer Credit Act takes precedence.

The issue of 'gross negligence' doesn't arise in this act so unless your card provider can demonstrate that you authorised the payment, you should get your money back. 

Importantly, this means that if an unauthorised payment was from an overdrawn current account (a credit facility for the purposes of the law), you can only be held responsible for the first £35 and should be refunded the rest of the overdrawn balance, including any charges incurred as a result. 

Read about your rights if your card has been lost or stolen.

Deal with card fraud in five steps

1. Act quickly Report fraudulent payments and lost or stolen cards immediately. If you think mail has been intercepted, or redirected to a new address, contact Royal Mail.

2. Change your security details If your online account has been hacked, change passwords and Pins to prevent the fraudsters from doing any further damage. 

3. Check your credit report Monitor your credit report for any new accounts opened in your name. 

4. Scan statements Contactless cards can be used fraudulently after being cancelled, so keep a close eye on your statements. 

5. Get a refund Banks should refund your account by the end of the next working day, unless they’ve reason to believe you acted fraudulently or negligently.

Card fraud victims rate their bank

When Which? surveyed 10,263 members online about card fraud in March 2017, nearly half (48%) told us they had experienced fraud before. We asked them to rate how their provider handled the claim. Results are in the table below.

Amex came top of credit card providers for its overall response, with a score of 97%, while NatWest’s score of 75% placed it at the bottom of the table. Barclays ranked lowest (74%) out of the five debit card providers we rated, while Lloyds Bank came top with 90%.

  Communication after the fraud took place Guidance on minimising fraud risk in the future Speed of replacement card Overall response to fraud
Credit card providers
Amex (38) 97% 77% 94% 97%
M&S Bank (61) 87% 86% 90% 92%
Nationwide (66) 88% 76% 94% 92%
Tesco Bank (86) 84% 68% 89% 90%
Co-op Bank (35) 85% - - 89%
Halifax (35) 79% - 90% 89%
HSBC (44) 79% 66% 90% 89%
Lloyds Bank (34) 76%   94% 88%
Barclaycard (176) 80% 75% 92% 87%
Capital One (32) 84% - - 84%
MBNA (55) 83% 69% 80% 84%
John Lewis / Waitrose (85) 75% 65% 76% 80%
Santander (30) 80% - 93% 80%
NatWest (59) 80% 74% 82% 75%
Debit card providers
Lloyds Bank (40) 85% 82% 95% 90%
Nationwide (53) 86% 82% 91% 87%
NatWest (36) 79% 88% 94% 86%
Santander (30) 80% - - 80%
Barclays (42) 66% 69% 95% 74%
Table notes: Which? surveyed 10,263 members online about card fraud in March 2017. Only those who had experienced card fraud in the previous two years were asked to provide feedback (1,318 cases). Percentages indicate providers rated good and excellent. Sample sizes in brackets. Sample sizes for different questions varied (a dash indicates that the sample size wasn't big enough to quote results).