Insight: Why there’s a problem with the Reimbursement Code

Emma Lovell,
26 May 2022

Naming something might be one of the hardest, seemingly arbitrary phases that any creator has to go through, whether that’s a parent, inventor, biologist or – yes – a regulatory body and its industry collaborators.

What if the name doesn’t suit? Doesn’t match the product’s function, or personality?

APP scams on the rise

When the Contingent Reimbursement Model Code (the CRM Code) for Authorised Push Payment (APP) scams was named and introduced by the UK industry in 2019, the focus of its title was on what customers might be most immediately worried about: whether or not they would be reimbursed in the event of losing money after falling victim to a scam.

Emma Lovell, CEO of the Lending Standards Board

Afterall, the introduction of the Code and its reimbursement measures marked a major milestone for signatory firms’ customers, a first-of-its-kind safety net should they fall victim to a scam through no fault of their own.

The rising number of APP scams – which occur when customers are tricked into authorising a payment to an account they believe belongs to a legitimate payee – in tandem with greater volumes of payments being sent and received online, has meant a growing number of people are becoming victims of APP scams.  

Scammers are becoming increasingly sophisticated, and scams increasingly convincing and widespread, meaning reimbursement will always have to be, and should be, a part of this regulatory narrative.

Reimbursement is also understandably high on the UK Government’s agenda, after new legislation on reimbursement was announced in this year’s Queen’s Speech. 

What’s in a name?

However, just as REM (rapid eye movement) sleep is not only about rapid eye movement, but several other factors like intense dreaming and temporary paralysis, the CRM Code is not just about reimbursement. 

Victims of APP scams suffer emotional distress, with feelings of guilt, shame, worry and embarrassment being all too common. These are feelings that cannot be expunged through reimbursement.

This means if we rely solely on reimbursement as the solution to APP scams, we are diverting our focus from preventing customer harm and stopping scams in their tracks, which is by far the ideal outcome for customers and for the wider industry.

Reimbursement also does not address the fact that APP scams often form part of a wider, serious issue. In many instances, money lost to scammers goes towards funding serious organised, and other, crime. 

As such, beyond the commitment of CRM Code signatories to reimburse victims where they were not to blame for the success of a scam, are two equally important but oft-overlooked objectives: detection and prevention of scams.

The only way to achieve good outcomes for customers is to – as an industry – pour our collective efforts into all three of the Code’s objectives. 

Getting more firms to sign-up to the Code is also crucial – to increase collaboration, improve current data analysis and ensure a wider spread of customers are offered by the Code’s vital protections. Information can and should be shared on why some scams proceed and others are abandoned.

Successful collaboration could also see the development of a powerful movement to shine a light on scams and empower customers to protect themselves.  

Prevention, as well as protection

Although the fight against APP scams has some way to go, the progress made by signatories stands them in good stead should the Code become mandatory. Those not signed up simply cannot offer the same level of protection to their customers.

The more signatories we have, the more effectively we can ensure industry best practice, and the more customers we can protect. 

But the responsibility to prevent scams in an increasingly expansive payments landscape cannot solely lie with banks and lenders. Other sectors – including utilities, telecommunications and social media – must also step up to the plate and put their own vital prevention measures in place. Often, by the point of payment, it is too late – social engineering has convinced the customer that the payment is legitimate.

The earlier prevention steps are taken, the greater chance of protecting the customer from falling victim to a scam. We urge other sectors to identify the ways in which they can intervene, and act on these measures urgently.  

Only by all sectors playing their part can we truly win the fight against APP scams.

Written by Emma Lovell, CEO of the Lending Standards Board