UK banking fraud losses reached £1.17 billion in 2024, with authorised push payment (APP) fraud — where victims are tricked into transferring money directly — accounting for the largest share. From October 2024, new FCA and PSR rules require UK banks to reimburse APP fraud victims in most cases. Yet millions of UK banking customers are still unaware of their rights, vulnerabilities, or the practical steps that reduce fraud risk by over 80%. This guide covers all of it.

The APP Fraud Crisis

APP (Authorised Push Payment) fraud is where you are deceived into transferring money to a fraudster — impersonating your bank, HMRC, a conveyancer, or a utility company. Victims authorise the transfer themselves, making it historically difficult to recover funds. From October 2024, the PSR's mandatory reimbursement rules require UK banks to reimburse victims up to £85,000 in most cases — but you must report promptly.

Your Rights Under UK Banking Regulations

  • FSCS Protection: Cash in UK-regulated banks, building societies, and credit unions is protected up to £85,000 per institution by the Financial Services Compensation Scheme (FSCS). This covers the event of bank failure — not fraud.
  • APP Fraud Reimbursement (from October 2024): PSR mandatory reimbursement rules require UK Payment System Participants (most major banks and payment firms) to reimburse APP fraud victims up to £85,000 within 5 business days, unless the customer was grossly negligent or acted fraudulently.
  • Chargeback Rights: For credit card transactions, Section 75 of the Consumer Credit Act gives you equivalent liability protection on purchases between £100 and £30,000. For debit card transactions, your bank's Visa/Mastercard chargeback scheme provides protection (though not a legal right).
  • Unauthorised Transactions: Under the Payment Services Regulations 2017, you are entitled to a refund for unauthorised transactions unless you were grossly negligent (e.g., wrote your PIN on your card).

Common UK Banking Fraud Types

Fraud TypeHow It WorksKey Protection
APP / Bank Transfer FraudFraudster impersonates bank, HMRC, conveyancerPSR mandatory reimbursement (from Oct 2024)
Card fraud (unauthorised)Card details stolen and used without consentBank refund under PSR 2017
PhishingFake emails/texts to capture login credentialsNever click links in banking emails/texts
SIM swap fraudFraudster takes over your mobile number for 2FAUse app-based 2FA, not SMS
Conveyancing fraudEmail interception changes solicitor bank detailsAlways call your solicitor to verify account changes

Practical Security Steps

  • Never transfer money in response to a phone call — even if the caller claims to be your bank. Hang up and call your bank's official number from the back of your card.
  • Use app-based 2FA rather than SMS authentication where possible. SIM swap attacks can intercept SMS codes.
  • Check the name verification (Confirmation of Payee): All major UK banks now show the registered account name when you add a new payee. If the name doesn't match who you expect, stop the transfer.
  • Separate accounts for different purposes: Keep a small current account for day-to-day spending and the majority of your savings in a separate savings account. Limits exposure if your current account is compromised.
  • Set low transaction limits: Most mobile banking apps allow you to set daily payment limits. Set these to your typical maximum to limit damage from unauthorised access.
  • Report fraud immediately: Call your bank's fraud line (usually 24/7) immediately. The sooner you report, the better the chance of recovery and the stronger your reimbursement claim.

Reporting Banking Fraud

  • Report to your bank immediately via their fraud line
  • Report to Action Fraud: 0300 123 2040 or actionfraud.police.uk
  • If dissatisfied with your bank's response, escalate to the Financial Ombudsman Service (free, independent): financial-ombudsman.org.uk
  • For investment fraud specifically: report to the FCA: 0800 111 6768

Fraud-Proof Your Banking This Week

1) Set up in-app alerts for all transactions above £50. 2) Switch SMS 2FA to app-based 2FA (authenticator app) on all financial accounts. 3) Set a sensible daily payment limit in your banking app. 4) Save your bank's official fraud line number in your phone separately. 5) Check your FSCS protection — ensure savings above £85,000 are spread across different institutions. These steps take under an hour.