From this week, banks will finally accept responsibility for paying back any money that is stolen from customers’ bank accounts.
This major U-turn has been brought about following pressure by the Payment Systems Regulator, the body responsible for monitoring the payments system in the UK.
Last year, £228 million was stolen from 78,215 individuals by fraud. Both the amount recorded and the number of victims were more than double those in 2017.
Almost none of the money was reimbursed, though the banks did manage to track down about £43m in the system and return it to its rightful owners.
Now, thanks to a new code, almost all such stolen money should be reimbursed. The code goes by the rather unfriendly name of the Contingent Reimbursement Model and applies where someone is deceived into making a payment to a thief.
Under the code, banks must take all steps they can, using available technology, to prevent thefts. At present, however, they continue to fail to spot unusual transactions, allowing thieves to open or take control of accounts, and track down only 20 per cent of the stolen money in time to recover it.
Banks have so far refused to introduce the simple provision that would prevent many of these thefts: checking if the name on the account matches the name that the victim thought they were paying money to.
They should have started doing this in 2018. It will not now begin before April 2020 at the earliest. Even if a bank has done everything it can to prevent fraud, innocent victims will still be reimbursed from a special fund, which the banks themselves are paying for, at least until the end of this year.
The new code will apply to any fraud that occurs from 28 May, but it will not be retrospective.
Although it is good in theory, we do not know how it will be honoured in practice – or if, say, it will cover you if someone calls claiming your account has been compromised and instructs you to move money to another “safe” account. Just say no.