Authorised Push Payment Scams: Contingent Reimbursement Model (CRM) Code

From 28 May 2019, consumers benefit from significantly increased protections against authorised push payment scams. This is because of a new industry voluntary Code developed by the APP Scams Steering Group. Click on the ‘CRM Code’ icon below for a copy of this Code.

Authorised push payment (APP) scams are when customers are tricked into authorising a payment to an account that they believe belongs to a legitimate payee – but is in fact controlled by a scammer.

The new Code sets out increased consumer protection standards which will help reduce the number of APP scams. To help protect customers, payment service providers (such as banks, building societies, credit unions, and electronic money and payments institutions) that have signed up to the Code commit to:

• protecting their customers with procedures to detect, prevent and respond to APP scams, providing a greater level of protection for customers considered to be vulnerable to this type of fraud; and
• greater prevention of accounts being used to launder the proceeds of APP scams, including procedures to prevent, detect and respond to the receipt of funds from this type of fraud.

Importantly, any customer of a Payment Service Provider which is signed up to the Code can expect to be reimbursed where they were not to blame for the success of a scam. A customer can be either a consumer, micro-enterprise or charity, as defined in the Code.

The LSB took over responsibility for the CRM Code in July 2019. The LSB’s responsibility covers:

• development of the Code itself to ensure that it delivers fair outcomes for consumers; and
• independent oversight of signatory firms to provide assurance that the Code is being adhered to, good practice is identified and generalised and breaches are identified and remedied.

The LSB Board has appointed an advisory group, chaired by Ruth Evans, to support and challenge the LSB’s discharge of its responsibility for the Code.  The Advisory Group comprises equal numbers of consumer and industry representatives.

The LSB has committed to a first annual review of the operation of the Code in Summer 2020 and will shortly publish more information about its planned approach, including its intention to consult widely with consumer representatives and the industry.  In preparation for this review and as a contribution to its oversight responsibility, the LSB is working with the Advisory Group on a set of performance measures to provide insights into how the Code is working for consumers.  The LSB is also well-advanced with its own compliance review of the provisions of the Code governing the reimbursement of consumers.  The purpose of this review, which will be completed early in the New Year, is to ensure that signatory firms are interpreting consistently and correctly the requirement of the Code to reimburse the victims of push payment scams where they were not to blame for a scam’s success.  The LSB will publish a full report of this review and, meanwhile, is providing continuing feedback to firms on its findings.

For media queries relating to the CRM code, contact Lola Reid at Portland Communications:

• Email: lola.reid@portland-communications.com
• Telephone: 0845 030 6073

More information for consumers and on who signed up to the Code can be found by clicking on the icons below.

Documents relating to the APP Scams Steering Group can be found here.