The Green Sheet Online Edition
July 14, 2025 • 25:07:01
A view from the UK: APP, where are we now?
It’s been just over nine months since the UK introduced sweeping reforms targeting authorized push payment (APP) fraud, a milestone that offers a chance to reflect on the reforms' impact so far.
While it's still too early for a full assessment, the ripple effects across the payments sphere are already undeniable: an industry shaped by consumer compensation rules, rising operational pressure on providers, and changing fraud tactics that are testing the limits of prevention for businesses.
APP fraud remains one of the fastest-growing financial crimes. Distinct from other forms of fraud, APP scams involve victims being conned into willingly authorizing payments to criminals, usually under misleading fabrications. Once sent, these funds are typically gone for good, with little recourse.
According to UK Finance, UK losses in 2023 totaled an alarming £459.7 million, with online platforms responsible for 76 percent of cases. While most digital scams involve frequent, smaller-value transactions, phone-based variants, though less common, tend to extract significantly larger sums from targets.
To address what had long been a regulatory and reputational sore spot, the Payment Systems Regulator (PSR) mandated that as of October 2023, both sending and receiving banks share liability for reimbursing APP fraud victims. Payouts must be processed within five working days, up to a cap of £85,000.
The reform was designed to level the playing field and offer consumer protections in line with the sophistication of today’s fraud threats. But these changes have not landed quietly.
Reimbursement gains and industry fallout
The first and most visible outcome of the rule change has been a marked increase in consumer reimbursements. More victims are now getting their money back, a clear win for individuals previously left without remedy. But this victory for consumers has brought with it a wave of resistance from across the financial sector.
Payment firms, especially smaller fintechs and PSPs handling real-time payments, are warning that the cost burden imposed by the new liability framework is putting untenable strain on their businesses.
A number of providers have already made the difficult decision to wind down operations or exit the UK market entirely. One notable casualty, the eco-focused fintech firm Tred, pointed to the APP fraud rules as a direct factor in their closure earlier this year, stating that the new model made their business unviable.
Fraudsters adapt, so do banks
Predictably, fraudsters have adjusted swiftly to the new regulatory terrain. As liability shifted, the sophistication of scams kept pace. Voice cloning, deepfake scams and artificial intelligence-driven impersonation attacks are gaining ground, making it harder than ever for users to discern legitimate communication from manipulation.
This uptick in tech-enhanced fraud presents a major challenge for fraud prevention teams and further complicates the job of customer authentication.
The new environment has also accelerated a broader conversation about risk allocation. For years, consumers bore the bulk of APP fraud consequences, often with limited support. Now, some financial firms argue the pendulum has swung too far in the other direction.
They warn that overly generous refund policies could incentivize carelessness among consumers—or even lead to an increase in first-party or friendly fraud, where individuals falsely claim to be victims in order to secure a refund.
In response, many banks have ramped up their protective measures. Multi-factor authentication is increasingly becoming standard, and there’s been a notable expansion in the use of behavioral analytics, machine learning and confirmation of payee (CoP) services to verify recipients before funds are released.
These tools undoubtedly strengthen the integrity of payments—but they also introduce friction into what has become an expectation of seamless, real-time financial transactions.
Meanwhile, real-time payment providers are facing particularly sharp growing pains. Many smaller firms and niche PSPs that were previously able to compete on speed and convenience are now struggling with the operational and financial demands of compliance. For them, absorbing liability costs or introducing extensive verification layers can mean lost customers, thinner margins or unsustainable business models.
Opportunity amid disruption
So, where does this leave us now? There’s no doubt the changes have brought greater awareness to APP fraud and introduced more robust protections for consumers. However, the new burden placed on providers has exposed weaknesses in real-time infrastructure, challenged traditional business models and opened the door to new types of fraud risks.
Ultimately, the advancement of APP fraud policy in the UK could become a blueprint for other markets. Or it might serve as a cautionary tale on the risks of moving too far, too fast. What’s certain is that the battle over who pays for fraud—and how it can be prevented—has only just begun. 
Roger Alexander serves as a key adviser to Chargebacks911’s Advisory Board and its CEO, Monica Eaton, assisting the company with its expansion initiatives, including the highly-anticipated launch of its dispute resolution solution set to address the record spike of authorized push payment (APP) fraud claims. Alexander has previously served in various leadership roles within the payments and financial services sectors, including directorial roles at Barclays and subsequently as the CEO of Switch (the UK’s debit card) and president of Elavon Merchant Services Europe. He is currently a strategic advisor for Tarci and Pennies, a major UK charity. To learn more, visit: https://chargebacks911.com. Contact Roger Alexander via LinkedIn at https://www.linkedin.com/in/alexanderroger/.
Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.
