Give us your details and we’ll be in touch asap


All Articles

Business Services

Business Tax

Personal tax

Probate and Inheritance Tax


Business Services

Are you on the alert for authorised push payment fraud?

By RJP LLP on 18 June, 2019

By now we probably all know of someone who has been defrauded online. In the first 6 months of 2018, almost half a billion pounds was taken from UK bank customers by fraudsters. Often the victims authorised the transactions themselves, in a type of fraud known as Authorised Push Payment (APP). This is the term used for situations where victims are provided with details for a fraudulent bank account to pay money into – usually for goods and services they are intending to purchase, and they unwittingly authorise the transaction.

It is described as the country’s fastest growing form of crime. In 2018, UK Finance (UKF) reported that £145 million was lost to push payment fraud in the first half of 2018 alone and there are significant difficulties in tackling the problem because fraudsters are very slick and even those who are informed and vigilant can be duped. That’s what happened to one of the Financial Times’s personal finance writers. He wrote about his experience after being conned out of over £10,000 – money he thought he was paying to his builder for an extension.

We have all had a giggle at the emails from ‘Princes’ in African countries, who ask for smaller sums of money in return for riches beyond belief because their assets have been frozen; they are totally unbelievable, but the case above is not, nor is the one below.

A client of RJP’s recently told us of a situation where her family was almost duped out of £7,500 when organising her father’s funeral. Clearly a time when people are not thinking clearly. Fraudsters had hacked into the funeral director’s email account and during email correspondence with customers they posed as the funeral company itself, asking for payments to be sent to their fake bank account. This was totally unbeknown to the client or the funeral director; the situation only became apparent during phone conversations. Luckily, in this case, the transaction was stopped, thanks to the bank’s own procedures, or it would have been a terrible loss for a family at a time of bereavement.

Common transactions for ‘push payment’ fraud

Typical ‘authorised push payments’ involve the fraudster infiltrating the payee’s email account details, posing as the payee and instructing customers to send (or push) money to a fraudulent bank account.

Here are 3 common examples:
• fraudster poses as a solicitor and asks the customer to transfer the deposit for a property purchase;
• fraudster poses as a builder or other personal service provider to receive a cash transfer;
• fraudster impersonates a friend and persuades you to transfer money.

The frauds almost always involve hacked e-mail accounts, whereby the fraudsters impersonate someone else to deceive, although telephone calls are not unknown. The proliferation of personal data available via social media and the dark web make this possible, enabling fraudsters to deceive customers in increasingly varied and sophisticated ways.


What can you do about push payment fraud?

The biggest problem with push payment fraud is that victims usually only realise once it is too late and the money is long gone, moved into another untraceable account. Since they have authorised the transaction personally, they forfeit the right to a refund (compared with cases where you spot some unexplained activity on your bank statement and can recoup the money lost).

On 28 February 2019, the Financial Conduct Authority (FCA) announced new rules to protect consumers and these came into effect on 28 May 2019. They enable customers who have fallen victim to authorised push payment fraud to seek recompense from the firm raising the invoice, as well as from the firm through which the funds were sent. This means the supplier of goods and services has an obligation to help protect its customers, and banks processing the transactions have a responsibility.

Customers can also pursue matters through the Financial Ombudsman Service (FOS) if they are not satisfied with the support that they receive from suppliers and the financial institutions themselves. For example, a recent 2019 case illustrates how the new rules protect consumers. In this instance, Santander was ordered by the FOS to refund a customer who had been tricked out of £12,000, stating that the customer was a “victim of a sophisticated scam with social engineering at the very heart of it”. The FOS commented: “It’s not fair to automatically call a customer grossly negligent simply because they’ve fallen for a scam. That’s especially true in light of the sophisticated ways criminals exploit banks’ security systems”.


Here is how to prevent the fraud from happening in the first place

Use ‘confirmation of payee’ security software to check that the name on the beneficiary account matches that of the intended recipient. This itself is not infallible, but would protect the consumer in 65% of authorised push payment fraud cases.

However, by far the best way to protect yourself is to be aware and don’t be in a rush. Ask for paper copies of invoices and payment instructions in hard copy too. If you then receive electronic requests for payment and bank details, verify them directly with the service provider to ensure they match.

Most accountants and solicitors will always deal with hard copies when it involves making payments. RJP LLP is authorised by the ICAEW to undertake probate work for clients and this involves organising the payment of often large sums of money – the deceased’s estate - into beneficiaries’ accounts. We will never accept that information electronically without following up with a telephone conversation.

Although it is very positive these new rules are in place to protect consumers, it’s far better to be extra vigilant in the first place. Get paper copies of documents, verify information over the phone as a precaution and always think carefully when authorising a transaction. Fraudsters will always be looking for opportunities to scam the unsuspecting, so work with people you can trust and if something sounds too good to be true, it probably is.

Read more articles like this

Vans redefined as cars. What are the vehicle tax implications?

Covid-19: Claims open for second and final self-employed support grant

Revisions to insolvency laws due to Covid-19

Getting ready for the end of furlough support

Summer Budget 2020 Update

Share this:

All Articles

Business Services

Business Tax

Personal tax

Probate and Inheritance Tax



31 December 2020 - Review disposals of chargeable assets to avoid a possible CGT increase

Capital gains tax is due to be reviewed by the government and if a CGT rise is announced, the new rates may become effective from the next tax year on 6 April 2021. Take advice now if you are thinking of selling property or have other assets giving rise to a capital gains tax liability.