APP Scams: Reimbursement Rules

Claim submission to AB PLUS

Important information about your protection against

Authorised Push Payment scams

From 7th October 2024, if you make a payment in the UK using the Faster Payment Scheme (FPS) or the Clearing House Automated Payment System (CHAPS), you may be eligible for a refund if you become a victim of Authorised Push Payment (APP) fraud.

This change covers these payments when they are made by consumers, but also covers

micro-enterprises and certain charities.* Your terms and conditions will also be updated by 9th April 2025 to include the details of how you’re protected.

Next Steps

You do not need to take any action as a result of this change. The new rules will come into effect automatically from 7th October 2024.

What is APP fraud?

Authorised push payment fraud happens when you are tricked by a criminal into sending money to an account that they control and which you do not.

Making Claims

To make a successful claim, you must report the fraud as soon as possible and provide all the information we need to complete our investigation. We may ask you to report the fraud to the police or do that on your behalf.

Each claim is reviewed on a case-by-case basis, and not all claims may be refunded. For

example, if we can see there has been gross negligence by the account holder. This could include ignoring direct warnings before making a payment.

Lastly, the maximum amount of money you can claim under the rules is £85,000, a limit

which has been set by the Payment Systems Regulator (PSR).

More Information

If you want to find out more about APP fraud, you can go to this page here on the Take

Five website which explains the rules in more detail and provides helpful guidance on how to protect yourself from these scams.

microenterprises are defined as enterprises that employs fewer than ten persons and have either an annual turnover or annual balance sheet total that does not exceed €2 million, charities are defined as a body whose annual income is less than £1 million per year and is a charity as defined by the Charities Act 2011, Charities and Trustees Investment (Scotland) Act 2005 or the Charities Act (Northern Ireland) 2008.

What is an APP Scam?

APP Scams, also known as bank transfer scams, are a type of fraud in which an individual or organisation is tricked into transferring money to a fraudster’s account. This type of fraud typically occurs when the fraudster poses as a legitimate individual or entity (such as a vendor, supplier, or employee of a company) or even family and friends.

The fraudster will usually contact the victim through email, phone, or text message and provide them with false information, such as fake invoices or payment requests. The victim is then instructed to make a payment to the fraudster’s account, often under the guise of urgent or time-sensitive circumstances.

The fraudster will use various tactics to convince the victim to transfer the funds, such as creating a sense of urgency, threatening legal action or penalties, or providing fake assurances of security or legitimacy.

Once the victim transfers the funds, the fraudster will quickly withdraw the money from the account, often leaving the victim with little to no recourse to recover the lost funds.

Can I submit a reimbursement claim to you if I have been the victim of an APP Scam?

If you have been the victim of an APP Scam from 7 October 2024, you may be able to submit a reimbursement claim to us if the following has occurred:

  • you are a consumer, micro-enterprise or charity;
    • “consumer” means an individual who, in contracts for payment services to which the Electronic Money Regulations 2011 and Payment Services Regulations 2017 apply, is acting for purposes other than a trade, business or profession
    • “micro-enterprise” means an enterprise that employs fewer than 10 persons and whose annual turnover and/or annual balance sheet total does not exceed €2 million (or equivalent)
    • “charity” means a body whose annual income is less than £1 million and is registered in accordance with the relevant legislation in the UK
  • you are a customer of ours and hold an account with us;
  • the payment transaction was authorised by you from your account held with us to a third party in the UK;
  • the third-party account that the payment was sent to is not controlled by you;
  • the payment transaction was authorised on 7 October 2024 or later;
  • the payment was sent through the Faster Payments System or CHAPS;
  • the payment was sent to an unintended recipient that you were deceived into transferring to, or it was sent to the recipient after being deceived as to the purpose of the transfer; and
  • the payment transaction was authorised within 13 months of the date you are making a claim.

If your claim meets the requirements set out above and no exceptions under the APP Scam Reimbursement Rules apply, then the final reimbursable amount (as determined by our investigation) will be paid to you within five (5) business days of receiving the claim (unless we are permitted to extend this timeframe under the APP Scam Reimbursement Rules).

Please note that an excess of up to £100 will be applied to an APP Scam claim if you are not a vulnerable customer. This amount will be deducted from the amount reimbursed to you.

Can my reimbursement claim be rejected?

Your APP Scam claim may not be approved by us in the following circumstances:

  • if it did not meet the requirements set out above
  • for any amount claimed in excess of £85,000
  • Any international payments or payments made using cheques or cash;
  • where payments are sent or received by credit unions, municipal banks and national savings banks;
  • if the consumer standard of caution exception applies in clause 2 (unless you are considered a vulnerable customer)
  • if the amount claimed is the subject of a civil dispute or other civil legal action;
  • if you have acted fraudulently, such as by committing first party fraud;
  • if the APP Scam claim has been submitted fraudulently or dishonestly; or
  • if otherwise required by applicable laws, including the APP Scam Reimbursement Rules set out by the PSR, Pay.UK and any other relevant regulatory authorities (as they may be amended from time to time).

Please note that the above list is a non-exhaustive list of the reasons your APP Scam claim may not be approved. We must assess your APP Scam claim on a case-by-case basis in accordance with the relevant APP Scam regulations and will only approve a claim that meets all regulatory requirements.

What is the consumer standard of caution exception?

The consumer standard of caution is a set of requirements which all customers are expected to meet. If any component is not met due to the customer’s gross negligence, then an exception will apply and a payment service provider will be entitled to reject an APP Scam reimbursement claim.

Under the consumer standard of caution, customers are expected to meet the following requirements:

  • to have regard to any specific interventions, such as warnings, given by their payment service provider or competent national authority (such as the police);
  • to promptly report the scam to their payment service provider upon learning or suspecting of falling victim to a scam;
  • to comply with appropriate information requests from their payment service provider to support the assessment of the claim; and
  • to report to the police or allow their payment service provider to do so on their behalf, if required.

Where the victim was a vulnerable customer at the time the payment transaction was authorised, the consumer standard of caution exception will not apply.

How do I make an APP Scam claim?

From 7 October 2024, customers with eligible APP Scam claims (being claims that meet all of the requirements set out above) will be able to complete an online claim form. Please note that in order to investigate an APP Scam claim, we may be required to share personal information (such as your name and account information) with the receiving payment service provider.

To submit an APP Scam reimbursement claim to AB PLUS, please use this online form:

Claim submission to AB PLUS

If you are dissatisfied with the outcome of an APP Scam claim, you may follow our existing complaints process (including referring your complaint to the Financial Ombudsman Service if eligible). Details of our complaint’s procedure can be found here: https://abmoneyplus.com/contact-us/abcomplaint-us

How do I protect myself against APP Scams?

We recommend customers try to take proactive steps to protect themselves against APP Scams, such as those listed below.

  • Be wary of sceptical or unsolicited offers (such as investment opportunities that seem too good to be true) or payment requests. Make sure to research the company/individual first and don’t be afraid to verify their identity by contacting them directly through their official contact details.
  • If you have received an unexpected call or message from an organisation, verify that it is genuine by contacting the organisation directly through their official contact details.
  • If someone is pressuring you to make a payment quickly, take the time to think about it before authorising any payments to them.
  • Report suspected scams to relevant national authorities as soon as possible. Other helpful resources can be found at: https://stopscamsuk.org.uk/

What other types of fraud should I be aware of?

Account takeover

Account takeover is a type of fraud where criminals gain unauthorised access to a customer’s account, typically through phishing scams, social engineering, or various forms of hacking to trick the account holder into providing sensitive information.

Once a criminal has access to an account, they can steal funds, make unauthorised transactions, or change the account details to lock the legitimate owner out of their account, causing significant financial losses.

Preventative measures include implementing strong authentication measures and security protocols such as multi-factor authentication, monitoring for suspicious login activity, educating customers, and having a response plan and a refined procedure in place for notifying affected customers and law enforcement agencies.

Cyber fraud

Cyber fraud refers to any fraudulent activity that takes place online and typically involves using the internet or technology to deceive individuals and organisations into providing sensitive information.

It includes phishing scams, identity theft, hacking, and malware attacks. Cyber fraud can be committed by individuals or organised groups who target vulnerable entities lacking adequate security measures.

Examples include email scams requesting, fake websites, and ransomware attacks, leading to financial loss, reputational harm, and legal consequences.

To prevent cyber fraud, keep software up to date, use strong and unique passwords, be wary of suspicious emails and messages, use two-factor authentication and keep sensitive information private.

CEO email fraud

CEO email fraud, also known as business email compromise, is a type of cyber fraud where criminals impersonate a CEO or another high-level executive to trick employees and partners into transferring funds or sensitive information, causing significant financial losses and reputational damage.

The fraudster creates an email address similar to the targeted executive’s by slightly altering the domain name, then requests urgent payment or transfer from the finance or accounting department, and uses various tactics to create a sense of urgency or authority by claiming the requested funds are needed to close a critical deal. The funds will then be sent to the criminal’s account through a series of intermediaries or shell accounts. These are often difficult to trace.

To prevent this fraud, payment firms should implement strict authentication protocols for all financial transactions including multiple levels of approval, educate employees, conduct regular security audits, and have a response plan in place for recovery of stolen funds and notifying law enforcement.



A&B GENERAL (UK) Limited is regulated and authorised by the Financial Conduct Authority under the payment services (API) A&B General (UK) Limited is EMD Agent of the (EMI) Payrnet Limited and of Payrnet is authorised and regulated by the FCA registration number 716949 in UK. Registered Office: M302, Trident Business Centre, 89 Bickersteth Road, Tooting, London, SW17 9SH. Company Registration number: 6928080

The card and accounts are issued by PayrNet Ltd and licensed by Mastercard International Incorporation. PayrNet Ltd is authorised by the FCA to conduct electronic money service activities under the Electronic Money Regulations 2011 (Firm Reference Number 900594).

The Financial Services Compensation Scheme does not cover electronic money products. No other compensation scheme exists to cover losses from your electronic money account. Your funds will be held in one or more segregated bank accounts with a regulated third party credit institution, in accordance with the provisions of the Electronic Money Regulations 2011.