By clicking a retailer link you consent to third-party cookies that track your onward journey. This enables W? to receive an affiliate commission if you make a purchase, which supports our mission to be the UK's consumer champion.

Refund all victims of bank transfer scams, say MPs

The Treasury Select Committee calls for retrospective compensation for scam victims
Gareth Shaw

Victims who have lost thousands of pounds by transferring money to a fraudster since 2016 should be paid back by their bank, a damning report published by an influential committee of MPs has claimed.

More than £500m has been lost to bank transfer scams - technically known as 'authorised push payment' fraud - since 2017. This is where you are tricked into sending money to a criminal's bank account.

In May 2019, a new voluntary code of conduct was introduced that could help reimburse victims of this crime, but only if their bank had signed up and you had lost money after the code was introduced. A dozen major banks are still to sign up to the code.

But a new report published by the Treasury Select Committee has called for banks to compensate victims dating back to 2016 when Which? launched a legal challenge to regulators to tackle this crime.

It has also called for the reimbursement code to be mandatory, meaning that all bank customers benefit from protection from this kind of scam, and banks who don't introduce technology to match names and bank account details should be fined.

Be more money savvy

free newsletter

Get a firmer grip on your finances with the expert tips in our Money newsletter – it's free weekly.

This newsletter delivers free money-related content, along with other information about Which? Group products and services. Unsubscribe whenever you want. Your data will be processed in accordance with our Privacy policy

How does bank transfer fraud work?

In the past, scammers have posed as your bank, your solicitor or official bodies such as HMRC, using sophisticated methods of impersonation - 'spoofing' the genuine contact details of these organisations.

Another common method used by fraudsters involves posing as your bank and contacting you to tell your account has been 'compromised', and to transfer your savings to an account set up by the fraudster, which they have told you is safe.

Claiming for fraud compensation

In May 2019, a voluntary code of conduct was introduced to give customers more protection from bank transfer fraud. So far, just over half of the UK's banks have signed up to it.

The code requires banks, building societies and other payment providers to do more to protect customers from scams or, if they fail to do so, to reimburse victims.

Banks will need to take steps to detect payments that might involve scams, provide clear warnings to customers about the risks of bank transfers, and identify potentially vulnerable customers. They must also freeze or delay payments that they think might have come about from scams.

If either the bank that sends the funds or the one that receives them fails to meet these standards, it must reimburse you for the money you have lost. If neither you nor the bank was at fault, you will still be reimbursed from a bank-funded compensation fund.

Call for retrospective compensation

The Treasury Committee found that victims who'd been scammed prior to the code's introduction could not be reimbursed, as retrospective compensation would have been a barrier to getting banks to sign up to a voluntary agreement.

However, the report states that banks have known about this issue since 2016, when Which? launched its complaint, and that banks had failed on its duty to protect its customers by not introducing technology to prevent this type of scam.

It urged banks to reconsider refusal to reimburse earlier victims of bank transfer fraud - particularly those who were vulnerable to scams.

Who has signed up to the code?

By current estimates, around 85% of bank transfers are processed by signatories to the code. You can find out if your bank has signed up by searching the table below:

When we last contacted banks in August 2019, 12 had not yet signed up, potentially leaving millions of customers unprotected.

Of these, nine said they were working towards becoming signatories, namely:

  • Bank of Ireland
  • Citibank
  • Clydesdale Bank
  • Monzo
  • Post Office Money
  • Tesco Bank
  • Co-operative Bank
  • Virgin Money
  • Yorkshire Bank

A further three - Danske Bank,First Trust Bank and N26 - told us they were still assessing what becoming a signatory involves.

TSB, meanwhile, has actually gone beyond the requirements of the code by committing to compensate any blameless customer that falls victim to a scam.

The Committee report called on the code to be compulsory for all payment services providers, but that this would need to be done through legislation. So the ball is back in the court of MPs to force firms to join the code.

New scheme to warn customers of fraud risk

The code also requires banks to introduce new technology to warn customers about fraud.

This technology is called Confirmation of Payeeand it has a very simple meaning: your bank will need to tell you if the name you've entered for the account you're paying matches the account holder.

Banks were originally meant to implement this technology by July 2019, but this has now been delayed. Only the six biggest banks - Barclays, HSBC, Lloyds Banking Group, Nationwide, RBS Group and Santander - are required to have Confirmation of Payee in place, but by March 2020. TSB will also implement this technology.

The panel of MPs were not satisfied with the delays. It said that the Payment Systems Regulator, the watchdog that oversees the payments industry, should fine firms if they miss the deadline.

It also said that firms should consider introducing a mandatory 24-hour delay on first-time payments (when you're sending money to someone for the first time) as a way of reducing fraud, especially when people are being pressured by scammers to transfer money urgently.

Find out more: vital bank security check delayed until 2020

More on this

Related articles

About Us

Which? Limited is registered in England and Wales to 2 Marylebone Road, London NW1 4DF, company number 00677665  and is an Introducer Appointed Representative (FRN 610689) of the following:


1. Inspop.com Ltd for the introduction of non-investment motor, home, travel and pet insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635). Inspop.com Ltd is authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635) and is registered in England and Wales to Greyfriars House, Greyfriars Road, Cardiff, South Wales, CF10 3AL, company number 03857130. Confused.com is a trading name of Inspop.com Ltd. 


2. LifeSearch Partners Limited (FRN656479), for the introduction of Pure Protection Contracts and Private Health Insurance, who are authorised and regulated by the FCA to provide advice and arrange Pure Protection Contracts and Private Health Insurance Contracts.  LifeSearch Partners Ltd is registered in England and Wales to 3000a Parkway, Whiteley, Hampshire, PO15 7FX, company number 03412386.


3. HUB Financial Solutions, for the introduction of equity release advice and an annuity comparison service, who are authorised and regulated by the Financial Conduct Authority (‘FCA’) to provide advice and guidance on financial products for those who have retired or are approaching retirement (FCA Firm Reference Number: 455713). HUB Financial Solutions is registered in England and Wales to Enterprise House, Bancroft Road, Reigate, Surrey RH12 7RP, company number 05125701.


4. Alan Boswell Insurance Brokers Ltd (FRN 301), for the introduction of non-investment landlord insurances, who are authorised and regulated by the Financial Conduct Authority to provide advice and arrange insurance contracts. Alan Boswell insurance brokers Ltd is registered in England at Prospect House, Rouen Rd, Norwich NR1 1RE, company number 02591252.


Other financial services:

Mortgage service provided by London & Country Mortgages (L&C), Unit 26 (2.06), Newark Works, 2 Foundry Lane, Bath BA2 3GZ. London & Country are authorised and regulated by the Financial Conduct Authority (registered number: 143002). The FCA does not regulate most Buy to Let mortgages. Your home or property may be repossessed if you do not keep up repayments on your mortgage.


We do not make, nor do we seek to make, any recommendations or personalised advice on financial products or services that are regulated by the FCA, as we’re not regulated or authorised by the FCA to advise you in this way. In some cases, however, we have included links to regulated brands or providers with whom we have a commercial relationship and, if you choose to, you can buy a product from our commercial partners. 


If you go ahead and buy a product using our link, we will receive a commission to help fund our not-for-profit mission and our campaigns work as a champion for the UK consumer. Please note that a link alone does not constitute an endorsement by Which?.