Authorised Push Payment (APP) Scam

Under the Payment Services Regulations 2017, a payment is unauthorised if the account holder did not make it themselves or give permission for it, and the provider is responsible for refunding unauthorised payments unless the consumer was g

Banks must monitor account activity for unusual transactions and take reasonable steps to protect customers from apparent fraud risks, including intervention before processing suspicious payments.

A bank signatory to the Contingent Reimbursement Model Code must reimburse victims of Authorised Push Payment scams unless specific exemptions apply, and the bank's failure to intervene pre-payment does not excuse liability where the scam w

Under the Payment Services Regulations 2017, a payment service provider must refund unauthorised payments unless the consumer failed with intent or gross negligence to keep secure information safe.

A payment service provider must reimburse unauthorized payments unless the consumer failed to keep their security credentials safe with gross negligence or acted fraudulently.

Banks must provide meaningful, targeted risk-based intervention when customers make unusual international payments that display characteristics of investment scams, in accordance with the Payment Services Regulations 2017 and the FCA's Cons

An EMI should intervene and warn customers when transaction patterns indicate heightened fraud risk, particularly for cryptocurrency-related payments.

Firms must implement proportionate fraud prevention measures and scam warnings tailored to identifiable risks, particularly for cryptocurrency payments, to avoid foreseeable harm under the FCA's Consumer Duty.

Banks have a contractual right to refuse payment instructions or delay them to investigate suspected fraud, and good practice requires them to exercise reasonable vigilance for signs of APP scams even where not legally obligated to do so.

Payment service providers must intervene with human checks on unusually large international payments from new accounts to protect customers from scams, even though customers are presumed liable for authorised payments.

Payment service providers should reimburse victims of authorised push payment scams under the CRM Code unless limited exceptions apply, including where the customer lacked a reasonable basis for belief in the payee's legitimacy.

Under the Faster Payment Scheme Reimbursement Rules, a bank must reimburse an APP scam victim where deception caused the payment to be made for a purpose other than intended, particularly if the victim is a vulnerable consumer.

An Electronic Money Institution must take reasonable steps to identify and intervene in suspicious payment patterns that demonstrate hallmarks of fraud, even for new customers.

Compensatory interest on refunded amounts in scam cases should be calculated from the date of each individual payment to the date of settlement, not from the date of the final transaction or claim logging.

Banks must intervene with tailored warnings when payment patterns suggest APP scam activity, and liability for losses should be shared where the bank fails to intervene despite clear warning signs.

A bank may fairly reimburse a customer for authorised payments made as a result of fraud when the bank missed opportunities to intervene through additional checks.

Banks must take appropriate steps to intervene and protect vulnerable customers from investment scams when warning signs are present.

A firm signed up to the Contingent Reimbursement Model Code must reimburse an authorised push payment scam victim unless it can establish the customer made the payment without a reasonable basis for belief in the payee's legitimacy or had a

Banks should monitor accounts for unusual transactions and take additional steps to prevent scams, irrespective of customer authorization, particularly when patterns suggest potential fraud.

Banks must intervene to prevent APP scams where they have reasonable grounds to suspect fraud, even when the customer has authorized the payment.

A bank should intervene and question suspicious transactions to prevent authorised push payment scams, and bears responsibility for losses that could have been prevented by effective earlier intervention.

Payment Service Providers must monitor accounts for signs of fraud and scams, intervening with additional checks or warnings on high-risk transactions such as cryptocurrency payments, even where the customer has authorised the transaction.

A bank signatory to the Contingent Reimbursement Model Code should reimburse customers who make payments as a result of APP Scams unless specific exceptions apply, and banks should exercise due diligence when customers make unusually large

Payment service providers must exercise reasonable care to identify and intervene in potentially fraudulent transactions, particularly when payment patterns show unusual escalation and characteristics inconsistent with the customer's normal

A payment can be fairly considered authorised if confirmed by the customer in their banking app through stronger authentication, even if the customer was manipulated by a scammer into doing so.

Firms must act fairly and reasonably to protect customers from fraud, but customers remain liable for authorised payments unless covered by the Contingent Reimbursement Model Code.

Banks must reimburse victims of Authorised Push Payment scams under the CRM Code unless specific exemptions apply, and cannot dismiss claims as mere civil disputes without proper investigation.

Banks should reimburse customers who fall victim to Authorised Push Payment scams under the CRM Code, even where sophisticated fraud is involved, if the customer genuinely believed the payment was for legitimate purposes.

A bank should reimburse a customer under the CRM Code for an Authorised Push Payment where the customer transferred funds believing they were for legitimate purposes but which were actually fraudulent, even if sophisticated due diligence wa

Banks must reimburse customers for Authorised Push Payment scams under the CRM Code when the customer believed the payment was for legitimate purposes but it was actually fraudulent.

A bank that is a signatory to the CRM Code must assess APP Scam claims on their merits rather than dismissing them as private civil disputes without proper investigation.

Banks must reimburse customers for authorised payments made in response to scams under the CRM Code, except where the customer exhibited gross negligence or the bank had reasonable grounds to believe the payment was for a legitimate purpose

Banks must make reasonable fraud checks on transactions according to regulatory expectations and good industry practice, and where they fail to do so, they may share responsibility with the consumer based on contributory negligence.

An account holder is normally only responsible for payments they have authorised, but authorisation can be given through permission for others to make payments on their behalf, even if the account holder has been deceived by a scam.

Banks must monitor accounts for unusual transactions and intervene proportionately to prevent customers suffering financial harm from fraud, even where payments are customer-authorised.

Payment service providers should monitor customer accounts for fraud and scam risks, and intervene when transaction patterns present a material risk of financial harm.

Electronic money institutions must take steps to keep customer accounts safe by looking out for payments indicating risk of fraud and intervening where appropriate.

Under the Payment Services Regulations 2017, financial institutions must refund customers for unauthorised transactions unless the customer acted with gross negligence or intent to share security details.

A business that fails to fully rectify a consumer's credit file following confirmed identity fraud must compensate for demonstrable losses caused by the continued adverse reporting.

Authorised Push Payment (APP) scams covered by the CRM Code require reimbursement where a customer transfers funds believing they are for legitimate purposes but they are in fact fraudulently obtained.

Firms signatory to the CRM Code must reimburse customers who are victims of Authorised Push Payment scams unless specific exceptions apply.

Under the Contingent Reimbursement Model Code, a firm must reimburse a customer who is the victim of an authorised push payment scam where the customer transferred funds for what they believed were legitimate purposes but which were in fact

A consumer who authorizes a payment to accounts in their own name can still be a victim of an Authorized Push Payment (APP) scam under the CRM Code if they were deceived about the legitimacy of the investment and lost control of the funds.

A payment services provider should intervene on suspicious payments, and consumers bear shared responsibility when they fail to heed red flags despite the provider's failures.

Payment service providers cannot hold account holders liable for unauthorised payments made via distance contracts under the Payment Services Regulations 2017, even if the account holder shared security credentials following a scam.

A bank signatory to the CRM Code must reimburse victims of authorised push payment scams on the balance of probabilities, even while external investigations are ongoing, unless a specific exemption applies.

Under the Contingent Reimbursement Model Code, firms must reimburse scam victims unless they can establish the customer ignored effective warnings or lacked reasonable basis for belief in the transaction's legitimacy.

A bank signatory to the CRM Code should reimburse a victim of an APP scam unless limited exceptions apply, and a police investigation does not prevent the ombudsman from assessing the complaint.

A bank signatory to the CRM Code must reimburse customers who are victims of authorised push payment (APP) scams except in limited circumstances, and cannot indefinitely pause a decision pending police investigation.

A financial institution must take reasonable steps to protect customers from authorised push payment fraud and should have intervened when transaction patterns suggested the customer was likely being scammed.

A firm may decline APP scam reimbursement under the CRM Code if the customer failed to act with reasonable care, unless the customer is considered vulnerable under the specific CRM definition.

A financial institution may be liable for losses from investment scams where it could have intervened through warnings or contact, but contributory negligence should not be applied to reduce compensation when the consumer was targeted by a

A payment service provider has a fair and reasonable obligation to monitor accounts and intervene in potentially fraudulent transactions, particularly where there are signs of multi-stage cryptocurrency scams.

Payment Service Providers can be liable for APP scam losses outside statutory reimbursement rules where they fail to provide adequate warnings that would have prevented the fraud.

Under the Payment Services Regulations 2017, a payment can be considered authorised where a customer completes in-app authentication, even if induced by a scammer, provided the authentication screens clearly presented payment details and ap

Banks must intervene when payments are unusual or suspicious enough to reasonably suggest fraud risk, balancing fraud prevention against customer service disruption.

Banks must identify and prevent sufficiently unusual or uncharacteristic payments to protect customers from fraud, particularly where cryptocurrency purchases are involved.

Banks must intervene on large cryptocurrency payments where fraud risk is heightened, but consumers bear partial responsibility for losses from investment scams.

A bank must intervene where it identifies substantial payments indicating risk of financial harm from known scam types, particularly cryptocurrency investments.

Banks must intervene with probing questions when customers make large cryptocurrency payments, as such transactions carry elevated scam risk.

Under the CRM Code, a firm must reimburse APP scam victims unless the customer was deceived into transferring funds for fraudulent purposes that differed from their believed legitimate purpose.

Under the CRM code, firms must reimburse customers who are victims of scams except in limited circumstances, and this assessment can be made on the balance of probabilities without waiting for criminal investigations to conclude.

Banks must intervene when customers make payments to cryptocurrency exchanges, but consumers share responsibility when they fail to conduct basic due diligence checks before transferring substantial sums.

Banks must monitor accounts for unusual transactions indicative of fraud and scams, and take additional steps or warnings before processing payments where appropriate, particularly for cryptocurrency-related transactions.

A bank signatory to the CRM code must reimburse customers who are victims of scams as defined in the code, even though the customer authorized the payment.

A bank should intervene on suspicious cryptocurrency payments when the circumstances indicate potential fraud, even when funds are sent to an account in the customer's own name.

An EMI must balance its contractual duty to process authorised payments with a fair and reasonable obligation to implement proportionate fraud prevention measures and intervene where payments appear suspicious.

Payment Service Providers must reimburse APP scam victims within defined timeframes under the Reimbursement Rules and cannot delay decisions pending police investigations.

A firm signed up to the CRM Code should reimburse a customer who is the victim of an APP scam unless limited exceptions apply, and it is appropriate to determine such complaints based on available evidence rather than waiting for ongoing ex

Banks must reimburse customers for authorised push payment fraud under the CRM Code unless they can rely on a valid exception, which requires an effective warning and the customer's failure to take reasonable care.

A firm must take reasonable steps to identify and warn customers about unusual payment patterns that may indicate fraud risk, even when a payment is technically authorised.

An EMI must take reasonable care to organise its affairs responsibly and effectively with adequate risk management systems, and must avoid causing foreseeable harm to customers by having inadequate systems to detect and prevent scams.

A bank should intervene to prevent fraud when presented with warning signs such as rapid successive payments for gift cards, even if the consumer bears some responsibility for their own lack of caution.

Payment services providers must monitor accounts for fraud risk and intervene proportionately before payments are made, even when the reimbursement rules cap is met.

A bank may be responsible for refunding authorised payments if it fails to carry out adequate checks to protect customers from investment scams, with liability apportioned based on the customer's own due diligence.

Banks may be expected to take additional steps to protect customers from fraud through further checks before processing payments, even when customers have authorized the transactions.

Firms should take reasonable steps to identify and warn customers of potential fraud or scams where payment patterns are unusual, even when the customer has authorised the payment.

Under the FPS Reimbursement Rules, a payment service provider must reimburse APP scam payments made by vulnerable consumers regardless of whether the consumer failed to exercise caution.

Banks must reimburse customers who are victims of APP scams under the CRM Code, unless specific exceptions apply, and a scam exists where a fraudster acts with dishonest deception rather than a genuine business failing.

Payment service providers are liable for unauthorised payments unless the customer authorised them, even if obtained through deception, but customer shares responsibility where they actively confirmed payments despite warnings.

A bank's obligation under the Contingent Reimbursement Model Code to reimburse APP Scam victims depends on whether the consumer exercised appropriate care in executing the payment.

Electronic Money Institutions must monitor accounts for unusual transactions and take additional steps to prevent fraud, particularly in cryptocurrency scams.

Payment service providers cannot hold account holders responsible for unauthorised payments made via distance contracts unless the account holder is proven to have authorised the transaction themselves.

A bank should intervene to prevent payment fraud when it identifies unusual and out-of-character transaction patterns that indicate a customer may be at risk of financial harm.

Banks cannot indefinitely defer APP scam reimbursement decisions under the CRM Code merely by awaiting external regulatory investigations when sufficient evidence of scam intent already exists.

Under the CRM Code, firms must reimburse customers vulnerable to APP scams unless specific exceptions apply, and vulnerability assessments must consider the customer's circumstances at the time of the scam.

Under the Contingent Reimbursement Model (CRM) Code, a customer is entitled to reimbursement for APP scam losses even when funds are transferred to an intermediary that is FCA authorised, provided the customer lost control of funds for frau

Payment service providers are only responsible for reimbursing authorised push payments made to accounts not under the consumer's control under the Faster Payments Scheme Reimbursement Rules; customers bear responsibility for other payments

A bank may be held responsible for reimbursing an authorised payment made as a result of an APP scam, even where the payment was sent to a genuine regulated intermediary, if the underlying investment was itself a scam.

Banks must reimburse victims of Authorised Push Payment scams under the CRM Code unless limited exceptions apply, and cannot delay decisions pending criminal proceedings.

Banks signed up to the Contingent Reimbursement Model Code must reimburse victims of Authorised Push Payment scams unless specific exemptions apply, and fairness does not require delaying determination pending criminal investigations when s

Under the CRM Code, firms must reimburse victims of APP scams unless the customer ignored an effective warning or lacked a reasonable basis for belief in the legitimacy of the payee or transaction.

Banks must reimburse victims of APP scams under the CRM Code unless the transaction constitutes a private civil dispute.

A bank may be required to reimburse a customer for an authorized payment made as a consequence of fraudulent deception, even where the CRM Code's APP scam definition does not apply, if the firm receiving funds had dishonest intentions from

A bank signatory to the CRM Code must reimburse victims of authorised push payment scams unless the bank establishes that the customer ignored an effective warning or lacked a reasonable basis for belief in the payee's legitimacy.

Under the CRM Code, a sending firm may choose not to reimburse a customer for an APP scam if the customer failed to meet their requisite level of care, but the firm must have provided an Effective Warning at the time of the transaction.

A bank must intervene when a customer's transaction pattern is inconsistent with their normal behaviour and raises scam concerns, even if the customer has been coached by scammers about what to say.

Banks are not required to reimburse APP scam victims under the CRM Code when the customer fails to meet their own obligations regarding reasonable caution.

Authorized payment scam losses are the customer's liability unless the bank failed to exercise reasonable care and follow industry best practice standards for identifying vulnerable consumers and detecting suspicious transaction patterns.

A bank is not required to intervene and refuse payment authorization when transactions to cryptocurrency platforms, though part of a scam, do not appear unusual relative to the customer's account usage patterns.

Authorised push payments made by consumers following successful scams are not covered by chargeback scheme protections, and banks are not obligated to reimburse losses where the consumer authorised the transaction.

A bank is only liable to reimburse authorised payments if they constitute an APP scam under the CRM Code definition, which requires the payee to have acted with fraudulent intent from the outset or early stage.

Authorised payment services transactions place initial liability on the consumer, but providers may be expected to intervene with additional checks or warnings where heightened scam risks are present.

An authorised push payment must meet the definition of an APP scam under the Reimbursement Rules (involving fraudulent deception where the recipient is not as intended or the payment purpose differs) for a PSP to be required to reimburse th

A bank must process authorized payments but may need to intervene where circumstances suggest risk of scam, though customer authorization and lack of obvious red flags limit this duty.

Payment Service Providers are not liable for Authorised Push Payments that fall outside the FPS/CHAPS Reimbursement Rules, and cannot be expected to intervene where the transaction does not appear unusual relative to the customer's account

Authorised Push Payment scams require criminal deception; disputes over defective goods or services are civil matters not covered by reimbursement rules.

Authorised push payment scams under the Reimbursement Rules require the recipient to not be who the consumer intended to pay or the payment to not be for the intended purpose, and private civil disputes are excluded from coverage.

A bank is not liable for authorized push payments (APP) scams where the customer has authorized the payment, even if the recipient fails to deliver goods or services, unless the bank failed in its duty of care.

Under the CRM Code, a bank is not required to reimburse an authorised push payment scam victim if the victim did not have a reasonable basis for believing the payment was for genuine goods/services or that the payee was legitimate.

APP scam reimbursement under the CRM Code and FPS rules does not apply to private civil disputes, and the burden of proof for fraud requires convincing evidence of criminal deception.

Customers authorising payments to accounts they control are not automatically entitled to reimbursement under APP scam reimbursement rules, and providers are not liable if dishonest answers during intervention would have prevented scam disc

Banks are not required to reimburse authorised push payment scams where the payment was sent to an account outside the UK, as the PSR Reimbursement Rules only apply to UK accounts.

A bank is expected to process authorized payments in accordance with regulations, but may have obligations to intervene where circumstances suggest potential fraud despite customer authorization.

An Authorised Push Payment (APP) scam under the Reimbursement Rules requires criminal deception; a private civil dispute where a consumer pays an intended recipient but receives defective or incomplete goods/services is not covered.

An Authorised Push Payment scam requires evidence that the recipient intended to defraud the consumer at the time the payment was procured, not merely that the promised goods were not delivered.

A bank is only required to reimburse authorised payments under the CRM Code if the customer was victim of an APP scam where the third party intended to defraud from the outset, not merely a civil dispute over non-delivery of services.

An APP scam requires fraudulent or dishonest conduct to manipulate a consumer into transferring funds to an account not controlled by them, where the recipient or purpose differs from the consumer's intention; private civil disputes are exc

A payment to an intended recipient for an intended purpose does not constitute an APP scam under the Reimbursement Rules, even if the payee fails to deliver as expected or engages in civil wrongdoing.

Authorized push payments that result from a genuine civil dispute (unpaid loan) rather than fraud are not covered by the CRM Code and cannot be reimbursed by the bank.

Unauthorised Push Payment (APP) scams covered by the CRM Code do not include private civil disputes such as unpaid loans between acquaintances.

Payments authenticated using registered device biometrics and confirmed through explicit app screens constitute authorised payments under the Payment Services Regulations 2017, even when made under scam duress.

Payments made to a customer's own account under their control are not covered by APP scam reimbursement rules, and a bank's obligation to intervene depends on whether intervention would likely have prevented the loss.

A bank is not liable for processing an authorised payment merely because the funds were subsequently lost to fraud, absent sufficient grounds to suspect the customer was at risk of financial harm.

A private civil dispute between a consumer and a seller over goods quality does not constitute an Authorised Push Payment (APP) scam under the Reimbursement Rules, as the consumer was not deceived about the identity of the payee or the purp

APP scam reimbursement under FPS rules requires the recipient not to be the intended payee or the payment purpose to differ from the consumer's intent; a civil dispute over non-delivery of goods does not constitute an APP scam.

A bank is not liable for losses from an investment that fails unless it breached its own account opening or monitoring procedures, regardless of whether the investment was a scam.

A firm is only liable to reimburse a customer for an authorised payment if there is sufficient evidence that the payment was obtained through fraud with criminal intent by the recipient.

A payment is authorised under the Payment Services Regulations 2017 if the customer consented to it, regardless of whether they were deceived about the circumstances, and consent does not require informed consent.

A bank is only required to reimburse an authorised push payment scam under the CRM Code if the recipient's actual purpose was fraudulently different from the customer's understood purpose.

A bank is only required to reimburse an authorised push payment scam under the CRM Code if the customer was deceived into transferring funds to a different person or for fraudulent purposes, supported by evidence of the recipient's dishones

Authorised Push Payment scams under the Reimbursement Rules require criminal deception about the payment purpose or recipient identity, whereas civil disputes over service quality or pricing do not qualify for reimbursement.

Authorised push payment scams under the CRM Code require proof that the consumer was deceived into transferring funds to a different person or for fraudulent purposes, and do not apply to civil disputes over services not received or defecti

A civil dispute between a consumer and a payee for non-delivery of goods or services does not constitute an Authorised Push Payment scam under the FPS Reimbursement Rules unless there is convincing evidence of fraudulent intent at the time

A firm is not responsible for an APP scam loss unless the consumer can provide convincing evidence demonstrating they were dishonestly deceived about the purpose of the payments, with criminal intent established.

An authorised push payment only falls within the CRM Code's scope if it meets the definition of an APP scam involving deception about the recipient's identity or fraudulent purpose; a civil dispute over defective goods or services is exclud

Under the FPS Reimbursement Rules, a PSP may apply an excess to an APP scam claim unless the victim was a Vulnerable Consumer whose vulnerability materially affected their ability to protect themselves from the scam.

Account providers must process authorised payments but also have a duty to monitor accounts for fraud and intervene in unusual transactions, though payments pre-dating the CRM Code are not covered by that scheme.

A firm may decline reimbursement for fraud losses if the consumer lacked a reasonable basis for believing the investment was legitimate, but cannot refuse reimbursement based on inability to verify legitimate grounds if sufficient confidenc

Banks must balance fraud prevention obligations against execution of authorised payments; customers bear liability for authorised payments even if deceived, but banks may be liable if they fail to act on information that should alert a prud

An EMI should monitor accounts for unusual transactions and intervene where suspicious activity suggests fraud risk, but customer non-cooperation with intervention attempts can prevent effective fraud detection.

A consumer must provide sufficient evidence to prove funds were lost to a scam before a financial institution can be required to reimburse them.

A payment services provider is expected to process authorized payments, but may intervene if transactions appear suspicious; however, intervention must be proportionate and the customer remains presumed liable in the first instance.

A bank must process authorized payments but may intervene proportionately if it identifies fraud risk, though the consumer remains presumed liable in the first instance.

A bank may be required to intervene on payments to protect customers from fraud where the transaction pattern raises concerns, but only if intervention would likely have prevented the loss.

A firm must monitor for unusual transactions and intervene where there is elevated fraud risk, but intervention is only required if it would likely have prevented the loss.

An EMI must monitor accounts for fraud risks and provide proportionate warnings when suspicious transactions are identified, but is not liable if clear warnings are given and the customer proceeds regardless.

Banks must intervene on high-value cryptocurrency transfers to warn of fraud risk, but are not liable if the consumer ignores warnings and provides false information about the transaction purpose.

A firm must monitor for unusual account activity and intervene to protect customers from fraud, but is not liable for losses where the customer resists protective questioning.

A firm must monitor for unusual account activity and take reasonable steps to protect customers, but is not liable for losses unless its failure to intervene was the effective cause of the customer's loss.

Consumers are generally liable for authorised payments, but banks must maintain adequate systems to detect and prevent foreseeable scams and provide tailored warnings, while consumers bear shared responsibility for losses where they fail to

A firm is required to process authorized payments, but can only be held liable for APP scam losses where the consumer establishes fraud on the balance of probabilities, which requires evidence beyond mere hypothesis that the investment fail

A bank's duty to protect customers from scams applies to the account holder entity, but reimbursement cannot be ordered unless that entity suffered the financial loss.

A bank is not automatically liable for scam losses simply because a scam occurred; it must have reasonably prevented the payments or hindered recovery for recompense to be fair.

A bank must process authorised payments, but should intervene proportionately where fraud risk is apparent, and liability depends on whether intervention would have prevented the loss.

A payment services provider is expected to process authorised payments but should intervene if there are clear indications of fraud risk, with intervention being proportionate to the circumstances.

A financial institution is not required to reimburse scam losses where the consumer cannot provide sufficient evidence that a scam occurred as described, particularly when the consumer's testimony alone cannot be reliably established.

Authorised Push Payment scams are only covered by the Reimbursement Rules where there is criminal deception; civil disputes between consumers and payees, such as dissatisfaction with goods or services, fall outside this protection.

A payment service provider is not liable for authorised payments made by a customer unless it failed to intervene where it had reasonable grounds to suspect fraud and such intervention would likely have prevented the loss.

An EMI must process authorised payments but should monitor for fraud risks; however, where a customer provides misleading information and ignores warnings, the firm is not liable for losses from scams they authorised.

A bank is not liable for an authorised payment made by a customer to a genuine merchant, even if the customer was deceived by a scammer, unless the bank unreasonably failed to prevent or recover the payment.

A bank is presumed not liable for authorized payments unless it reasonably ought to have prevented them or unreasonably hindered recovery.

A firm is only required to reimburse an APP scam victim if the consumer has provided evidence establishing fraud on the balance of probabilities; mere investment failure does not constitute a scam absent supporting evidence.

A firm is not liable for authorized payments unless the customer was demonstrably the victim of an APP scam, which requires proof on the balance of probabilities that fraud occurred rather than mere contract failure.

A firm must process authorised payments but may be liable if it fails to intervene on unusual account activity, though intervention must have been likely to prevent the loss.

A firm's fraud prevention obligations are predicated on establishing that a scam actually occurred and the consumer was coerced into it, which requires consistent evidence and testimony from the complainant.

A bank's obligation to protect against fraud and scams is predicated on the consumer having been actually scammed, which requires consistent evidence of coercion and the circumstances of how the scam occurred.

A bank is expected to process authorized payments, but may take additional protective steps if payment instructions are unusual enough to trigger fraud concerns under Payment Services Regulations 2017 and industry good practice.

A bank or EMI must protect customers against fraud and scams so far as reasonably possible, but the starting position is that liability for an authorised payment rests with the payer, even if duped into making it.

A payment service provider is not automatically liable for losses from authorised payments made by a scam victim, even if it provided warnings, unless it failed to act fairly and reasonably in the specific circumstances.

A bank must process authorised payments but may fairly reimburse customers who fall victim to fraud if intervention could have prevented the loss, though the CRM Code does not apply to international payments.

Under the Payment Services Regulations 2017, a consumer is liable for authorised payments unless they can demonstrate they were unauthorised or that the bank failed to intervene when it should have done so.

A bank is not automatically liable for losses from scams merely because a scam occurred; it is only fair to require reimbursement if the bank reasonably ought to have prevented the payments or hindered recovery, while the customer remains p

An electronic money institution is expected to process authorised payments, and is not liable for fraud losses unless a proportionate intervention would have prevented the payment.

Payments made in private civil disputes between consumer and payee, rather than criminal APP scams, are not covered by faster payment reimbursement rules.

Banks must monitor accounts for fraud risks and intervene with warnings, but customers who ignore such warnings and are not forthcoming about payment purposes cannot recover losses under the CRM Code.

An electronic money institution must process authorised payments but may take additional protective steps where transactions present heightened fraud risk, though consumers remain presumed liable for authorised payments in the first instanc

A bank is presumed liable only where it should have prevented payments through additional checks, and liability should be fairly apportioned between the bank's intervention failures and the customer's own protective measures.

A payment made with the account holder's credentials and OTPs is authorised under the Payment Services Regulations 2017, even if the account holder was deceived by a scammer using remote access software.

Cryptocurrency withdrawal services fall outside FOS jurisdiction as they are not regulated financial activities under DISP 2.3, though fiat currency transfers and conversions may be reviewable.

A bank is not liable to refund money sent by a customer to a payment recipient they themselves selected and authorized, even if the recipient account was ultimately controlled by scammers, where the customer had the technical capability to

A scam reimbursement claim under the CRM Code requires evidence that the recipient intended to defraud from the outset, not merely that a civil dispute or breach of contract occurred.

The CRM Code only applies to APP scams where a customer is deceived into transferring funds to a different person or for fraudulent purposes, not to civil disputes with legitimate businesses.

Under the Contingent Reimbursement Model (CRM) Code, a bank must reimburse customers for authorised push payment scams only where funds were transferred for purposes the customer believed were legitimate but were in fact fraudulent, excludi

Private civil disputes between consumers and payees are not covered by APP scam reimbursement rules; an APP scam requires evidence of criminal deception where either the recipient or purpose of payment was misrepresented.

A bank is not liable for authorised payments made by a scam victim unless the bank's failure to intervene proportionately would have prevented the loss but for that failure.

A bank is not liable for authorised payments made by a customer who was deceived, unless the bank failed to take proportionate fraud prevention steps that would have prevented the loss.

APP scams require evidence of criminal deception; private civil disputes between consumers and payees are not covered by reimbursement rules.

Payments to legitimate suppliers who fail to deliver goods or services constitute civil disputes rather than Authorised Push Payment (APP) scams and fall outside the Reimbursement Rules.

A bank's primary obligation is to process authorized payment instructions without delay, and it is not responsible for protecting customers from risky investment decisions unless there is clear evidence of fraud that proportionate intervent

A bank's primary obligation is to process authorized payments without delay, and it is not responsible for protecting customers from risky investments unless it can be shown that a proportionate intervention would have prevented the loss.

An Authorised Push Payment scam under the CRM Code requires dishonest deception about the purpose of the payment at the time it was made, not merely subsequent failure to deliver on promises.

A private civil dispute between a consumer and payee does not constitute an Authorised Push Payment (APP) scam under the FPS Reimbursement Rules, and banks are not liable for losses arising from such disputes.

A private civil dispute between a consumer and a service provider over non-delivery of work does not constitute an Authorised Push Payment (APP) scam under the FPS/CHAPS Reimbursement Rules, even if the consumer believes they have been defr

Payment service providers must process authorised payments but should take proactive steps to identify and prevent potentially fraudulent transactions; however, intervention will only justify refunding if it would have prevented the loss.

A bank is expected to process authorised payments, but should proactively intervene in unusual transactions that suggest fraud risk; however, it is only liable for losses if such intervention would have prevented the scam.

A firm must process authorised payments but must also monitor for unusual transactions and take reasonable steps to protect customers; however, the consumer must demonstrate on the balance of probabilities that they were victims of an APP s

A firm must process authorized payments but customers must demonstrate fraud on the balance of probabilities to obtain reimbursement for investment losses.

A customer who authorises a payment lacks a reasonable basis for belief that an investment is genuine when red flags such as social media sourcing, guaranteed returns, and personal account transfers are present, allowing the bank to rely on

A bank's duty to prevent fraud is limited to what it could reasonably have identified based on observable warning signs, and the bank's obligation is assessed against whether it acted fairly and reasonably in its circumstances.