Locked out: how your bank could shut down your financial life

While fraudsters control an army of bank accounts, innocent people are being blacklisted. Faye Lipson asks why
Faye LipsonSenior researcher & writer

While fraudsters are able to abuse vast numbers of bank accounts to launder their victims’ stolen money, innocent people are being caught up in the counteroffensive.

Individuals are turning to the ombudsman for help after being wrongly flagged as money launderers and shut out of their bank accounts, our investigation has found.

In the year 2022-23, the Financial Ombudsman Service (FOS) received 1,389 new complaints about the closure of current accounts (that’s a minimum, according to the FOS, which says the figures aren't exact).

It upheld 25% of these, agreeing with aggrieved customers that their providers had acted unfairly.

But having your account closed is just the start. We've found how an effective bank blacklist can leave you unable to get a bank account, mortgage or even a mobile phone contract for up to six years.

Be more money savvy

free newsletter

Get a firmer grip on your finances with the expert tips in our Money newsletter – it's free weekly.

This newsletter delivers free money-related content, along with other information about Which? Group products and services. Unsubscribe whenever you want. Your data will be processed in accordance with our Privacy policy

The bank accounts run by fraudsters

Scams in which victims are tricked into making bank transfers to con artists (known as authorised push payment, or APP scams) have been on the rise for several years.

More than 200,000 instances were recorded last year, which is an increase of 6% on the year before, according to banking association UK Finance.

To make these scams work, fraudsters need bank accounts to receive the money, before it can be dispersed elsewhere.

They come by these accounts in various ways, such as by using ‘money mules’ who give fraudsters the use of their accounts.

While some mules are paid-up accomplices, others may not know why money is being moved through their account, have been conned by someone posing as an employer, or are vulnerable and being manipulated.

Fraudsters can obtain accounts through other means, notably by applying for accounts in the names of unsuspecting strangers, or even by cultivating fictitious identities with fake utility bills.

Credit reference agency Experian says one in 100 current account applications are identified by banks as fraudulent, with individuals knowingly giving false information.

Account shutdown

Banks shouldn’t let fraudulent accounts be opened in the first place, but closing them is a vital weapon in the fight against fraud. That's assuming they target the right accounts.

An upheld complaint about a bank closing an account very rarely results in accounts being reopened. Typically the customer receives compensation and an apology, but the account will remain closed.

Banks normally must give 30 days’ notice of an account closure. In cases of suspected fraud there’s no minimum notice requirement. Customers could have just days to make alternative arrangements.

If losing your account wasn’t bad enough, banks can take a further, much graver, step, of recording a marker against your name on the Cifas National Fraud Database. This identifies you as a possible fraudster to all member firms, including hundreds of banks, credit providers, insurers and telecoms firms.

Whenever you apply for a product or service with another member, they will check the database for fraud markers. And while the database isn’t technically a blacklist – members are free to make their own decisions about which customers they take on – the reality is that with a marker, many providers are likely to reject you.

Make your money go further

Find the best deals, avoid scams, and grow your savings with our expert guidance. From only £4.99 a month.

Join Which? Money

Cancel anytime.

Blacklisted?

In most cases, Cifas markers are applied correctly and prevent scammers simply resuming their antics with a new provider.

But if you’re among the small number where they are unjustly applied, the results can be catastrophic, leaving you unable to get new bank accounts, mortgages or even phone contracts for the six-year life of the marker (unless it’s challenged).

Perhaps the most extraordinary aspect of Cifas markers is that your provider doesn’t have to tell you if it’s recording one. This means you may only discover its existence after having applications to other firms declined. And this in itself can dent your credit score.

Cifas is able to behave in this way because it’s a membership body for the financial industry. It has no statutory footing and little oversight beyond the FOS, which mainly scrutinises individual decisions.

The numbers are shocking:

  • Last year, members added 70,000 ‘misuse of facility’ markers to the database
  • As of mid June, there were 375,000 misuse of facility markers
  • The FOS received 1,155 complaints – for all kinds of financial products – which referenced Cifas as part of their complaint

Again the FOS data is previously unpublished and not verified in the same way as its other data. The FOS told us that this number was a minimum, but that the overall number of Cifas-related complaints has dropped over the past five years, though uphold rates have remained fairly consistent, currently at 31%.

The 'uphold rate' for individual banks and providers - indicating what percentage of a firm's decisions have been overturned by the FOS - varies from year to year, and so it is difficult to pinpoint a consistent 'worst offender'. Having an account shut down unfairly is not an experience limited to customers of a particular provider.

In the FOS’s decisions database, we found examples of innocent customers unfairly marked as fraudsters. In one case, this was because the bank had ‘failed to consider if [the customer] himself was the victim of an attempted identity theft or fraud’. It paid the customer £100 compensation.

Upholding another case, the FOS said the bank was justified in closing an account but hadn’t ‘done enough to show that [the customer] was complicit in fraud and so it unfairly recorded the fraud prevention marker against her’. The FOS added ‘a marker shouldn’t be registered against someone who was unwitting; there should be enough evidence to show complicity.’ It ordered the bank to remove it.

Locked out: how innocent people are labelled as scammers

'No scrutiny'

Someone who’s very familiar with wrongly applied Cifas markers is Tim Thomas, one of the directors at corporate protection law firm Richardson Lissack. The company represents around 40-60 clients a year in disputes over account closures and Cifas markers.

He describes the ability to record Cifas markers as ‘almost unfettered power’ and if matters aren’t resolved by the FOS ‘the only recourse is to sue for inaccurate use of personal data, and that’s extremely expensive.’ Thomas believes there’s ‘no scrutiny [of Cifas] at all’ as it’s an industry body funded by its members. ‘It has no statutory remit.’

Generally, he says, he is most successful in dealing with banks directly. But this path can be anything but smooth, and in one instance, it took two years to get something removed from the database for his client.

In his experience, people can find themselves subject to unjust markers for all sorts of reasons – sometimes because they’ve naively given out their bank details to a friend. In other cases, owners of small businesses are maliciously accused of fraud by scammers hoping to claim a refund while keeping the high-value goods they had ordered. Such accusations and chargeback requests can see a genuine account shut down.

Sometimes money appears to arrive into an account from an unusual source, and, Thomas says, banks don’t ask questions at the time of receipt, they just leap to conclusions.

‘There’s a degree of racial profiling,’ he adds. ‘I have come across this frequently with Nigerian clients of impeccable standing but who might do things in a slightly unusual way.’

He describes how the difficulty of obtaining sterling can lead to genuine business funds passing through informal networks of acquaintances within the West African diaspora, raising a false alarm at the destination bank.

Which? View

We need to strike a balance

Cifas has not specifically created a blacklist but the relying parties, who are trying to stop fraudsters, can use it as such.

Due to the lack of other available fraud data from sources, such as online social media platforms and telecoms firms, there is a risk the banks using Cifas data put an overemphasis on existing limited sources and raise red flags without performing extra checks.

This is why Which? is calling for the government and the Information Commissioners Office (ICO) to ensure that there is a route to sharing data about suspicious behavior and actual fraud to disrupt fraudsters.

Our campaign to bring fraud into the scope of the Online Safety Bill includes requiring social media platforms to use data sources as part of checks to stop scam adverts.

Wider sharing makes it more important than ever that consumer protection is at the heart of these initiatives, and that organisations can be held accountable when innocent people are labelled as criminals.

There needs to be a route for customers to understand why they’re being denied service – and challenge decisions, with minimum paperwork and cost, while stopping genuine crooks getting through.

Banks and Cifas respond

Cifas told us it prevented £1.6bn of fraud in 2022, protecting ‘citizens, businesses and the public purse’. Key to this is ‘prevention activity [relating] to misuse of a banking facility [as] these money flows facilitate scams [and] other serious crimes harming the most vulnerable... including people trafficking and human slavery’.

It added it was ‘proud to operate in full compliance with legal requirements and with openness and transparency, including a publicly available Legitimate Interests Assessment and Ethics and Corporate Social Responsibility Policy’.

It highlighted its own complaints procedure for those wishing to dispute markers, adding that ‘Cifas cases overturned by the FOS remain extremely low when compared to the 409,000 cases recorded by our members in 2022.’

Banking industry body UK Finance told us protecting customers from fraud was its ‘absolute priority for the banking and finance industry. Any decision to close an account is only taken after extensive review and analysis of the activity on the account and each case is dealt with individually.

‘Banks are required to adhere to legal requirements when assessing criminal activity and in every case, the bank must always ensure the customer is treated fairly.’

It highlighted its anti-muling education campaign (moneymules. co.uk) and urged customers to ‘never share Pins, passwords or passcodes with anyone or allow your bank account to be used by someone unless you know and trust them.’

What to do if your account is closed

  1. Make alternative arrangements: Check what’s happened to the money in your account, as banks deal with this differently. Direct debits won’t be paid, so contact receiving firms to find other ways to pay. 
  2. Complain: Complain in writing to your bank or provider first. If you’re not happy with its response, or it doesn’t respond in eight weeks, you can go to the Financial Ombudsman Service (FOS)
  3. Look for Cifas markers: It won’t appear on your credit report, so to do this, you must make a data subject access request to Cifas online using two forms of ID. 
  4. Challenge markers: Complain to the firm or organisation that recorded it. If this doesn’t work, you can take your complaint to Cifas. If that fails, you can take the matter to the FOS. 
  5. Be careful with applications:  A Cifas marker alleging fraudulent activity will not appear on your credit report or directly affect your credit score, but it will be visible to firms that check the Cifas database when assessing customer applications. What will dent your credit score is making multiple rejected applications for financial products, because you weren’t aware of the marker’s existence. 
  6. Speak to providers: If you have a Cifas marker recorded against you and need to open a bank account, speak to your desired provider before applying. Some providers may be more lenient than others or may offer a basic bank account with no overdraft. You could also consider a prepaid account that offers a current account, sort code and debit card. 

Sign up for scam alerts

Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.

Sign up for scam alerts
Sign up

More on this

Related articles

About Us

Which? Limited is registered in England and Wales to 2 Marylebone Road, London NW1 4DF, company number 00677665  and is an Introducer Appointed Representative (FRN 610689) of the following:


1. Inspop.com Ltd for the introduction of non-investment motor, home, travel and pet insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635). Inspop.com Ltd is authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635) and is registered in England and Wales to Greyfriars House, Greyfriars Road, Cardiff, South Wales, CF10 3AL, company number 03857130. Confused.com is a trading name of Inspop.com Ltd. 


2. LifeSearch Partners Limited (FRN656479), for the introduction of Pure Protection Contracts and Private Health Insurance, who are authorised and regulated by the FCA to provide advice and arrange Pure Protection Contracts and Private Health Insurance Contracts.  LifeSearch Partners Ltd is registered in England and Wales to 3000a Parkway, Whiteley, Hampshire, PO15 7FX, company number 03412386.


3. HUB Financial Solutions, for the introduction of equity release advice and an annuity comparison service, who are authorised and regulated by the Financial Conduct Authority (‘FCA’) to provide advice and guidance on financial products for those who have retired or are approaching retirement (FCA Firm Reference Number: 455713). HUB Financial Solutions is registered in England and Wales to Enterprise House, Bancroft Road, Reigate, Surrey RH12 7RP, company number 05125701.


4. Alan Boswell Insurance Brokers Ltd (FRN 301), for the introduction of non-investment landlord insurances, who are authorised and regulated by the Financial Conduct Authority to provide advice and arrange insurance contracts. Alan Boswell insurance brokers Ltd is registered in England at Prospect House, Rouen Rd, Norwich NR1 1RE, company number 02591252.


Other financial services:

Mortgage service provided by London & Country Mortgages (L&C), Unit 26 (2.06), Newark Works, 2 Foundry Lane, Bath BA2 3GZ. London & Country are authorised and regulated by the Financial Conduct Authority (registered number: 143002). The FCA does not regulate most Buy to Let mortgages. Your home or property may be repossessed if you do not keep up repayments on your mortgage.


We do not make, nor do we seek to make, any recommendations or personalised advice on financial products or services that are regulated by the FCA, as we’re not regulated or authorised by the FCA to advise you in this way. In some cases, however, we have included links to regulated brands or providers with whom we have a commercial relationship and, if you choose to, you can buy a product from our commercial partners. 


If you go ahead and buy a product using our link, we will receive a commission to help fund our not-for-profit mission and our campaigns work as a champion for the UK consumer. Please note that a link alone does not constitute an endorsement by Which?.