Fighting Fraud (Fraud Act 2006 and Digital Fraud Committee Report) Debate

Full Debate: Read Full Debate
Department: Home Office

Fighting Fraud (Fraud Act 2006 and Digital Fraud Committee Report)

Lord Young of Cookham Excerpts
Friday 30th June 2023

(1 year, 4 months ago)

Lords Chamber
Read Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Lord Young of Cookham Portrait Lord Young of Cookham (Con)
- View Speech - Hansard - -

My Lords, it is a real pleasure to follow the noble Baroness. We are all absolutely delighted that she has made a recovery from her recent hospitalisation and is once again able to take part in our proceedings. The points she made about AI and the skills shortage are well taken. I look forward every weekend to reading her column in the Sunday Times. It is also a pleasure to be reunited with the fraud squad who took part in the committee and to endorse what others have said about the qualities of our chairman and support staff.

The theme running through our inquiry and this debate is the mismatch between, on the one hand, the incidence of fraud and the damage it causes and, on the other, the resources devoted to it. This was well summed up by the Chief Inspector of Constabulary, Andy Cooke, an impressive witness. He said that:

“You could probably times the £80 million by five and you would start to make a small dent in relation to the scale of the problem”.


His comments were reinforced by what Mark Fenhalls, chair of the Bar Council, told us:

“The state has retreated from the investigation and prosecution of fraud over the last 15 years”.


Prosecutions went down from 20,000 a year in 2010 to about 5,000 a few years ago. The government response to our report, while welcome, was drafted by one of our more cautious civil servants:

“We recognise that there needs to be improvements in the response to fraud, from the reporting process through to investigations”.


But, in fairness to the Government, the Minister Tom Tugendhat took a more robust approach when he gave evidence.

Before I sat on this committee, I was doubtful about the success of police and crime commissioners. However, I was impressed by the performance of Mark Shelford, the Avon and Somerset police and crime commissioner, and his approach to fraud. I was delighted to read in his report:

“I personally have taken on the national lead role for economic and cybercrime on behalf of the Association of Police and Crime Commissioners”.

We need more like him.

I will focus my remarks on authorised push payment fraud and compensation. The Payment Systems Regulator, the PSR, reported that there are more incidents of APP fraud than any other type of fraud in the UK, with 95,000 incidences in the first half of last year and gross losses of £250 million. I wholeheartedly agree with one part of our recommendation in the report, which has been adopted: that the recipient bank should be in the frame as well as the paying bank. The paying bank is acting on the instructions of a legitimate customer. The recipient bank has allowed a fraudster to open an account, almost certainly with false details, or is operating an account on behalf of a money mule, aiding and abetting a crime. If banks devoted the energy with which they pursue noble Lords, who are politically exposed persons, to explain how we got every penny we own to checking up on the authenticity of the new accounts operated by fraudsters, there would be a lot less crime.

I want to refer to an exchange which did not feature in our report. It took place on 10 March last year, when one of our witnesses was Revolut, which is basically in the money transfer business. I asked a question about suspicious authorised push payments:

“What percentage of customers do you convince that it is a fraud and that the payments should stop? To what extent does the customer just go on?”


This was the answer from Nicholas Taylor:

“Our machine learning models correctly identify over 90% of attempted APP fraud … It is incredibly difficult to break the spell. We have all the normal warnings before you make a transfer, but our models detect and block a payment post fact, where we think it is a fraud, and then we make the customer talk to one of our agents. Even after we have directly intervened, 80% of them still go on to make the payment”.


We heard at an IPT breakfast seminar last July that the larger banks have even more sophisticated systems, using behavioural biometrics, data analysis and other technologies to detect fraudulent payments, and their experience is the same. Sadly, as we heard from one of the brave victims who gave evidence to us in Birmingham, at least one victim went ahead despite repeated warnings from her bank. I think that exchange influenced our response to the issue of reimbursement. We said:

“While we recognise the case for mandatory reimbursement of victims of APP fraud, we are concerned that a blanket reimbursement policy may lead to increased levels of moral hazard and fraud, and the perception that it is a ‘victimless crime’. In some cases, it may even lead directly to new avenues for APP-reimbursement frauds”.


We asked the Government to revise their proposals to legislate to allow the PSR to mandate blanket reimbursement of APP fraud conducted via faster payments. The government response did not take on board the risks of an overgenerous compensation scheme, it just recognised the urgency to protect consumers and said that they have given powers to the PSR to direct banks to reimburse victims of APP fraud.

The PSR then issued a comprehensive consultation document on proposals for reimbursement and responded earlier this month on 7 June. This was one comment on its proposals:

“Under the new legislation, 100% of consumers’ APP fraud losses will have to be reimbursed by PSPs, except in extreme cases of negligence on the part of the customer, which will—by all indications—be extremely rare”.


I am all in favour of improving the current position, in which only 46% of fraud is reimbursed. We need minimum standards and a common approach, but the proposals will apply to all cases, except where the customer has acted fraudulently or with gross negligence.

My concern is that, with consumers protected in this way, some customers may be willing to make more risky payments without properly considering the consequences, whereas we should be considering exactly the opposite. The proposal means that people who are careless will be fully compensated. I think this is overgenerous. If you are careless with your wallet, your insurance company certainly will not compensate you. If you are careless and damage your car, you will not be compensated. Obliging the banks to compensate you unless you have been grossly negligent is overgenerous, weakens the message that people should be careful and, far from deterring fraudsters, will encourage them. It is also inconsistent with the paragraph I quoted from our report. There is time to put this right, as the PSR is still consulting, before finally agreeing the regime. I will not be popular for saying this, but I urge them to think again.