Signatories to the CRM Code, governed by the Lending Standards Board (LSB), have made strides forward in their effort to stamp out transactions resulting in Authorised Push Payment (APP) scams, though areas of inconsistent application persist, according to the latest review.
The “2022 review of adherence to Contingent Reimbursement Model (CRM) Code for APP scams” evaluated signatories’ application of its provisions across the customer’s entire payment journey. It concluded that firms have:
- placed an increased focus on scam prevention
- adopted sound governance structures and suitable executive accountability
- adopted customer transaction analytics to prevent suspicious payments
- enhanced digital effective warnings to be more targeted
This progress on consumer protections comes at a time when financial security is of paramount importance to households across the UK, with the cost-of-living crisis front of mind for everyone.
The review goes on to set out areas on which signatory firms should focus. These include developing further safeguards for when payments are initiated through face-to-face interactions, enhancing customer communications, and conducting further work to support vulnerable customers.
Whilst in some instances customer communications following a scam were found to be improving, actions in this area have been submitted to firms by the regulatory body where improvements are still needed. This included ensuring the rationale for a reimbursement decision is made clear to prevent customers from falling for future scams. The LSB also reinforced the Code is not binding on customers, after finding examples where the rationale behind a reimbursement decision was based on the customer not meeting a ‘standard of care’.
Emma Lovell, chief executive of the LSB, said: “APP scams have a lasting impact on victims’ mental health and their trust in others. Across industries, a greater focus on scam prevention is needed to stop both the harm caused to customers and lost funds going on to fund serious, organised crime.
“Signatory firms, under the Code’s requirements, have an improved focus on preventing APP scams from happening in the first place. We would urge those not signed up to do so, providing their customers with these increased levels of protection.”
The CRM Code, launched in 2019, is the only set of protections for customers to detect, prevent, and respond to APP scams. The review was conducted across the nine firms that were signatories to the CRM Code as of 1 February 2022.