Starling Bank Limited · DRN-6256440

The complaint Miss H complains that Starling Bank Limited hasn’t reimbursed a payment made as part of a scam. What happened Miss H is disputing one card payment for £345 which was made as part of a scam. Miss H had genuinely opened an account with an online marketplace before she was emailed by a scammer impersonating it. Believing it was a legitimate process to verify her payment details and receive payments she followed the instructions provided. As part of this Miss H was tricked into confirming a payment in her banking app which she says she didn’t understand would leave her account at the time. Starling declined to reimburse the payment – it considered that Miss H had authorised it using her biometrics and that it didn’t have grounds for a valid chargeback in the circumstances. When Miss H referred her complaint to our service, the investigator didn’t uphold it. They thought Starling could fairly treat the payment as authorised based on the steps Miss H took to confirm it. They also didn’t think Starling ought to have done more to prevent or recover the payment in the circumstances. Miss H didn’t agree, in summary she said: • She was tricked and so didn’t provide “informed consent”. She doesn’t agree she gave apparent authority as she didn’t intend on authorising a payment. • The warning she received wasn’t relevant as she wasn’t called by the scammer. • The payment should have been considered higher risk as it was to a money transfer service. The investigator explained why they still thought the payment could be considered authorised and they didn’t think Starling ought to have done more to prevent the payment. As an agreement couldn’t be reached, the matter has been passed to me for consideration by an ombudsman. What I’ve decided – and why I’ve considered all the available evidence and arguments to decide what’s fair and reasonable in the circumstances of this complaint. Having done so I’m not upholding this complaint for similar reasons to the investigator. It’s common ground that Miss H has been the victim of a scam, and I’m sorry to hear about how this has affected her. It’s not in dispute that Miss H was tricked into sharing her card details and that she verified the payment in-app. Has Starling acted fairly in treating the disputed payments as authorised?

-- 1 of 3 --

Under the Payment Services Regulations 2017 (PSRs) – the starting point is that Miss H is liable for authorised payments and Starling is liable for unauthorised payments. Where a payment is authorised, that will often be because the customer has made the payment themselves. But there are other circumstances where a payment should fairly be considered authorised, such as where the customer has given permission for someone else to make a payment on their behalf or they’ve told their payment service provider they want a payment to go ahead. When reporting the scam to Starling, Miss H confirmed she shared her card details and that it was her who confirmed the payment in her banking app. She said, “It asked me to verify the payment through the app” and “I was told that the payment would be reversed by the merchant once everything was verified”. So, it appears that the scammer used Miss H’s card details to make the payment and Miss H approved this in her banking app on the belief that the funds would be used as part of verifying her account and that she wasn’t expecting to lose them permanently. Based on the above I think Starling can reasonably treat the disputed payment as authorised – I appreciate Miss H thinks the steps she took should be considered a technicality, and she shouldn’t be held liable on the basis that she was tricked. Miss H says she didn’t give genuine, informed consent. But under the PSRs consent is a formal concept focused on the user completing the agreed steps, for these purposes it isn’t relevant why Miss H did so or that she thought she’d receive the funds back. Normally that would be a matter between the payer (Miss H) and the merchant (which I’ll address later regarding recovery of Miss H’s funds) rather than something Starling is responsible for. While Miss H didn’t give her card information directly to the merchant, I’m satisfied that Starling asked Miss H in a clear way whether she wanted the payment to go ahead – it asked her to review a card transaction and set out the amount she would be paying and the recipient – to which she selected “approve”. It was therefore reasonable for Starling to consider the payment had been made by Miss H or with her consent. Did Starling miss an opportunity to prevent Miss H’s loss? In broad terms, the starting position at law is that a payment service provider such as Starling is expected to process payments and withdrawals that a customer authorises it to make, in accordance with the PSRs and the terms and conditions of the customer’s account. But, taking into account longstanding regulatory expectations and requirements, and what I consider to be good industry practice, Starling ought to have been on the look-out for the possibility of fraud and made additional checks before processing payments in some circumstances I have reviewed Miss H’s account statements. Having considered when the disputed payment was made, its value and who it was made to, I’m not persuaded Starling ought to have found it suspicious or out of character for the account, such that it ought to have made enquiries of Miss H before processing it. The disputed payment was for a relatively low amount and so wouldn’t have appeared high risk and it wasn’t out of character for the account. I appreciate Miss H thinks that the fact it was a payment to a money remitter made it higher risk – but Starling does need to strike a balance between its obligations to follow its customer’s payment instructions with its responsibilities to prevent foreseeable harm. In the context of the payments’ value, Miss H’s account history, and the payment being approved in app by Miss H after she verified herself using biometrics, I don’t think Starling has failed in its obligations by not intervening.

-- 2 of 3 --

Miss H has raised that the warning in her banking app at the time of approving the payment wasn’t relevant to her circumstances. I appreciate that’s the case, but this was a general warning designed to help protect customers against a common scam. For the reasons I’ve explained, I wouldn’t have expected Starling to identify the disputed payment as higher risk to the extent that it needed to provide a tailored warning to Miss H in the circumstances. Could Starling have done anything else to recover Miss H’s money? For completeness, even though Miss H reported the scam quickly, the payment had already been processed. So, Starling wouldn’t have been able to stop the payment even if it showed as pending. I note that well publicised scam reimbursement schemes and the more recent APP reimbursement rules aren’t applicable to card payments. As the disputed payments were card payments, a recovery option that would have been available to Starling would have been through the chargeback scheme. The chargeback process is run by the card scheme provider to resolve payment disputes between customers and merchants – subject to the rules they set. As the scheme is voluntary and limited in scope, Starling wouldn’t be expected to raise a claim that it thought had no prospect of success. Here, Miss H had approved the payment through a stronger authentication process known as 3DS. And as the payment went to a genuine money transfer service, the service was provided, just not for the benefit of Miss H. Based on this there wasn’t a reasonable prospect of success on the available chargeback grounds and so I don’t think Starling acted unfairly in this regard. For these reasons, while I am sorry that Miss H has been the victim of a scam and for the impact this had on her, I don’t think Starling needs to do anything further in relation to the matter. My final decision My final decision is that I don’t uphold this complaint. Under the rules of the Financial Ombudsman Service, I’m required to ask Miss H to accept or reject my decision before 11 May 2026. Stephanie Mitchell Ombudsman

-- 3 of 3 --