Say you have a large amount of cash in your current account. Perhaps you've just downsized. You aren't sure what to do with it. So you leave it there for now. Then a competent-sounding man gets in touch. Perhaps he says he is a policeman; he persuades you, one way or another, that your cash is in danger where it is and you should transfer it to another account. His.
Or perhaps the scam is harder to spot a hacked email that looks to be from your solicitor asking you to settle a stamp duty bill by sending £25,000. Or your builder emailing his bank details, adding that he needs to be paid before the weekend. Either way, if you transfer the cash, you will have fallen victim to authorised push payment fraud (APP) "authorised" because you agreed to it and "fraud" because you were tricked and the money is gone.
It's more likely to happen to anyone who is a mixture of anxious and unwary but the fraudsters are so sophisticated that even journalists at the Financial Times have been conned. Last year, 78,000 UK bank account holders lost nearly £350m this way, mostly from personal accounts. Another £700m worth of attempted APPs were caught and stopped. No wonder safety deposit boxes are rising in popularity. (Metro Bank offers them at all branches by the way, at an annual cost of £270 for the smallest and £750 for the largest).
Subscribe to MoneyWeek
Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE
Sign up to Money Morning
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
But here's the really important question: if you fall for APP fraud, who is responsible? Is it you because you were stupid enough to transfer money to or hand your passwords to a stranger? Why should other bank customers or shareholders take a hit because you've been a bit of a nitwit? Or is it the bank's fault for not having proper security in place?
This wouldn't have happened in the past when shifting cash involved physical trips to the bank (and fraud involved stealing people's chequebooks). Why should digitalisation transfer risk to the customer?
It wouldn't happen now if there were more firewalls protecting your cash. These range from the simple, such as calling people with too much money in a current account and advising them to put it in an interest-paying savings account; to the complicated, including behavioural alerts and biometric barriers.
Most banks say that the innocent will be reimbursed a new voluntary code of practice came into force this year and TSB even offers a "fraud refund guarantee" to customers. But speak to anyone who has fallen victim to this type of fraud and the shock of losing their money is second only to that of how dreadful banks' customer services teams are at dealing with the aftermath.
There is little sympathy and seemingly little urgency to trace the stolen cash on its journey through the banking system. Filling in forms and waiting days or weeks for an acknowledgment is a common experience. The banks view losses as a cost of doing business; for those who have lost life-changing sums, the impact is felt more deeply.
The next question is who pays the victims back? There had been an idea that banks would set up an insurance-style fund together. The likes of Lloyds and RBS proposed a 2.9p charge on every cash transfer over £30 made via the Faster Payments System. This would be popped into a central fraud fund and then used to reimburse any "no blame" victims those who do "everything expected of them" to stop it happening.
But not all banks like the idea. They don't want to absorb a charge like this, or pass it on to customers. And they especially don't want to if their own security is so good that their customers don't experience much fraud.
As far as some of the digital challenger banks are concerned, if they agree to this levy they will effectively be agreeing to have their customers bail out those of the old banks who have worse security than the newcomers say they do. In the absence of industry consensus, this means the banks will now have to self-fund compensation.
That's good news for us for the simple reason that the big banks will have to invest in improving their IT systems to cut the material cost of compensation.
The challenger banks already have lower fixed-cost bases than the big banks a newly built, resilient, reliable cloud-based high-security system that's mostly automated and scalable is cheaper and easier to deal with than a patchwork of old and new systems.
All banks like to say they are tech companies with a banking licence attached, but it is more true of some than of others. The incumbents can do without another cost that hits them more than their new rivals. You may have already noticed their attempts to mitigate this in the shape of a relentless parade of on-screen warnings to customers making transfers.
This stuff matters. Being reimbursed is good, but it doesn't take away from the trauma of being scammed in the first place or the admin involved in trying to get your money back. The more the banks are incentivised to stop it happening in the first place, the better.
In the meantime, what do you do? Maybe look to an account at the challenger banks if you do keep a lot of cash I have no evidence to prove that their security procedures are generally better, but the argument that digital banks are more fit for purpose in a digital age makes sense.
Younger people are very security conscious 80% of them have opened a challenger bank account in the past five years, and a third of them told a survey this month that they would pay between £3 to £5 extra to have biometric security on their debit cards.
They may still have the Lloyds account that their mum opened for them 20 years ago, but they aren't loyal to it. If you are an investor in the big UK banks, this is something to remember we need banking, but we don't necessarily need old-style retail banks.
Otherwise, my advice is the usual: assume the worst of anyone who calls claiming to be from your bank or giving any reason for you to transfer money. Don't provide a password or a PIN. Don't agree to repay money put into your account by mistake. Be particularly suspicious of any requests for cash outside normal working hours or any that sound urgent. Never agree to remote access to your computer. Hang up and call your bank back (on a different line if possible) on the number on your debit card. Don't open suspicious links. And this time of year, watch out in particular for failed transaction fraud when an email arrives from a retailer saying your payment hasn't gone through and could you input details again.
You might think you are too clever for all this, but 78,000 people would disagree with you.
• This article was first published in the Financial Times
-
Barclays warns of significant rise in social media investment scamsInvestment scam victims are losing an average £14k, with 61% of those falling for one over social media. Here's how to spot one and keep your money safe
-
Over a thousand savings accounts now offer inflation-busting rates – how long will they stick around?The rate of UK inflation slowed again in March, boosting the opportunity for savers to earn real returns on cash in the bank. But you will need to act fast to secure the best deals.
-
Our pension system, little-changed since Roman times, needs updatingOpinion The Romans introduced pensions, and we still have a similar system now. But there is one vital difference between Roman times and now that means the system needs updating, says Merryn Somerset Webb.
-
We’re doing well on pensions – but we still need to do betterOpinion Pensions auto-enrolment has vastly increased the number of people in the UK with retirement savings. But we’re still not engaged enough, says Merryn Somerset Webb.
-
Older people may own their own home, but the young have better pensionsOpinion UK house prices mean owning a home remains a pipe dream for many young people, but they should have a comfortable retirement, says Merryn Somerset Webb.
-
How to avoid a miserable retirementOpinion The trouble with the UK’s private pension system, says Merryn Somerset Webb, is that it leaves most of us at the mercy of the markets. And the outlook for the markets is miserable.
-
Young investors could bet on NFTs over traditional investmentsOpinion The first batch of child trust funds and Junior Isas are maturing. But young investors could be tempted to bet their proceeds on digital baubles such as NFTs rather than rolling their money over into traditional investments
-
Negative interest rates and the end of free bank accountsOpinion Negative interest rates are likely to mean the introduction of fees for current accounts and other banking products. But that might make the UK banking system slightly less awful, says Merryn Somerset Webb.
-
Pandemics, politicians and gold-plated pensionsAdvice As more and more people lose their jobs to the pandemic and the lockdowns imposed to deal with it, there’s one bunch of people who won’t have to worry about their future: politicians, with their generous defined-benefits pensions.
-
How the stamp duty holiday is pushing up house pricesOpinion Stamp duty is an awful tax and should be replaced by something better. But its temporary removal is driving up house prices, says Merryn Somerset Webb.
