Policy submission

Lending Standards Board Review: APP Scams CRM Code - Which? response

2 min read
Advocacy Team

The Lending Standards Board’s Review of the Contingent Reimbursement Model Code for Authorised Push Payment (APP) Scams.

 Summary 

  • Reducing the occurrence of APP fraud must be the overwhelming priority of policymakers, industry and consumers. But the Contingent Reimbursement Model (CRM) Code’s primary objective should be to increase the proportion of customers protected from the impact of authorised push payment (APP) fraud.
  • While there has been an increase in the share of victims being reimbursed by signatories to the CRM Code, firms are not consistently meeting the Code’s standards in how they approach reimbursement decisions and treat victims.
  • To ensure that firms approach reimbursement decisions fairly, the Lending Standards Board should urgently work with firms to ensure they:
    • test warnings to see if they are ‘effective’;
    • base their judgements of what is reasonable on evidence of actual customer behaviour; and
    • evidence that they have implemented Confirmation of Payee in a way that customers can understand and respond to, before this provision can come into effect.
  • If firms are unable to provide evidence of the above, then they should not be rejecting reimbursement based on the relevant consumer standards. These provisions in the consumer standard should therefore not apply, either for individual firms or all firms. 
  • Firms should ensure they train all relevant staff in how to support customers who could be, or may have been, vulnerable to APP fraud. They should also provide victims with specific reasons to explain their reimbursement decisions.
  • Firms should have the option to self-fund reimbursement in ‘no blame’ cases, to help encourage firms to sign up to the Code. However, an industry fund would be a better long-term approach.
  • More broadly, Which? agrees with the Treasury Select Committee and UK Finance that standards for reimbursement should be set out in regulatory rules, rather than the existing voluntary CRM Code. The Government should clarify whether the Payment Systems Regulator can introduce these rules for reimbursement and, if necessary, provide the regulator with suitable powers or direct the action it expects the regulator to take.
Download our full response here

pdf (353 KB)

There is a file available for download. (pdf353 KB). This file is available for download at .