FCA introduces new rules on handling complaints about Authorised Push Payment fraud.

The Financial Conduct Authority (FCA) has today published new rules allowing victims of Authorised Push Payment (APP) fraud to complain to the payment services provider (PSP) receiving their payment.

In the case of APP fraud, the PSP is often a bank which holds the accounts of either the victim or fraudster. Currently, the sending PSP, but not the receiving PSP, must handle these complaints in line with existing complaints handling rules in the FCA Handbook. These obligations have now been extended to the receiving PSP and victims can refer their complaints to the Financial Ombudsman Service if they are unhappy with the outcome. The new rules will come into force on 31 January 2019.

Christopher Woolard, Executive Director of Strategy and Competition said:

‘The FCA takes APP fraud and the harm it causes to consumers very seriously. Now victims of APP fraud can make a complaint to the PSP receiving their payment and if they’re not satisfied with the outcome, can refer their complaint to the Financial Ombudsman Service (link is external).’

APP fraud is where a fraudster tricks a payer into making an APP to an account controlled by that fraudster. UK Finance data on APP fraud show there were 43,875 cases of APP fraud and total losses of £236 million in 2017.

Following a super complaint by Which? (link is external) the FCA and Payment Systems Regulator (link is external) (PSR) investigated APP fraud and found that receiving PSPs could do more to identify fraudulent incoming payments and prevent accounts from being compromised by fraudsters. The FCA shares concerns with the PSR and the industry that APP fraud is a growing problem. Separately, a steering group established by the PSR is developing a voluntary industry code, which aims to set standards for PSPs to prevent and respond to APP fraud and reimburse victims of APP fraud in certain circumstances.


  1. PS18/22: Authorised push payment fraud – extending the jurisdiction of the Financial Ombudsman Service
  2. CP18/25: Approach to final Regulatory Technical Standards and EBA guidelines under the revised Payment Services Directive (PSD2)
  3. The FCA consulted on requiring PSPs to record and report any complaints about APP fraud to the FCA in CP18/25; the outcome of this will be published separately.
  4. The rules published today also extend the FCA’s complaint handling rules, and the Financial Ombudsman Service’s jurisdiction to include complaints by a payer about the receiving PSP’s cooperation with the sending PSP to recover funds from a payment transaction where incorrect details had been provided (regulation 90(3) of the Payment Services Regulations 2017).
  5. The PSR is the regulator for the payment systems used in APP fraud. Full information can be found on the PSR’s website (link is external).
  6. The FCA is the regulator for PSPs and is responsible for the complaints handling rules.
  7. In September 2016, Which? made a super-complaint (link is external) to the PSR and the FCA, setting out concerns about the protection available to victims of APP fraud.
  8. On 1 April 2013, the FCA became responsible for the conduct supervision of all regulated financial firms and the prudential supervision of those not supervised by the Prudential Regulation Authority (PRA).
  9. The FCA has an overarching strategic objective of ensuring the relevant markets function well. To support this it has three operational objectives: to secure an appropriate degree of protection for consumers; to protect and enhance the integrity of the UK financial system; and to promote effective competition in the interests of consumers.
  10. Find out more information about the FCA.