Is your bank liable if you are victim of APP fraud?

January 21st 2021

Person making a bank payment on a laptop while holding their phone

Some of you may have come across the term push payments. These are payments where a customer authorises their bank to transfer money from their account to someone else’s account. These are known as authorised push payments (APP). 

In recent times fraudsters have targeted customers using APP. In simple terms APP fraud happens when fraudsters deceive customers to send them a payment to a bank account controlled by the fraudster. Experian noted that APP fraud was said to have accounted for more than £145 million lost in the first half of 2020.

Preying on vulnerable customers

UK Finance – the collective voice for the banking and finance industry – noted that during the current pandemic criminals have had no shame in playing on people’s fear and confusion by using the ‘hook’ of COVID-19 to draw in their victims.

To tackle this growing fraud and provide customers with some redress an APP Contingent Reimbursement Model Voluntary Code was launched on 28 May 2019. This was the result of joint work between merchants and consumer groups. The Code provides a new standard of protection for customers against APP fraud, with signatory payment service providers (PSPs) committing to reimbursing victims provided they have met certain standards under the Code. Importantly the Code does not apply to international payments.

Can the bank be held liable of APP fraud?

A recent High Court judgment found that “it would not be fair, just, or reasonable” to impose liability on the bank when transfers have been made willingly.

In Philipp v Barclays Bank UK Plc [2021] EWHC 10 (Comm) (18 January 2021) Mrs Phillips was the victim of an APP fraud in 2018 when she made two transfers totalling £700,000 to a fraudster. These were international transfers made to bank accounts in the UAE using “BIPS Priority”, the bank’s international payments system.  Accordingly, the new Code in 2019 did not assist her and she then sought to make a claim against her bank.

Mrs Philipp’s claim was that the bank failed to comply with a legal duty to protect her. In simple terms the bank should have questioned the transactions and either stopped or delayed them. The issue for the Court was the duty, if any, owed to customers. The bank denied that it was under a duty to have had in place anti-APP fraud policies.

The bank applied to strike out her claim. It claimed that the alleged duty to protect Mrs Philipp from the consequences of the payments willingly made by her was not recognised in law, and should not be recognised because it conflicted with the established duty upon a bank to comply with its customer’s mandate.

The judgment

The Court noted some key legal issues:

  1. When carrying out a customer’s instruction to make a funds transfer the bank acts as its customer’s agent. As agent the bank owes the customer a duty to observe reasonable care and skill in executing the customer’s orders.
  2. There was a duty to execute the transfers unless an ordinary prudent banker would have had reasonable grounds for believing that the transactions were an attempt to misappropriate funds.

The bank claimed that any duty did not extend to Mrs Philipp against the consequences of her own decisions, where her payment instructions were valid ones and not fraudulently given. In other words, any duty did not extend to protect Mrs Philipp from her own actions.

The Court looked at the duties owed to customers and noted the question was whether the duty applies at all where (whether or not motivated as the victim of an APP fraud) the customer is instructing how monies belonging to her should be spent.

The Court noted the significance of the point that the case concerned an authorised push payment fraud. The authorisation which Mrs Philipp herself gave for the payments undermined any extension of a duty. Accordingly, her claim was struck out.

Next Steps

It must be borne in mind that each case is very fact specific and here the duty alleged against the bank did not support a legal obligation to have had in place any of the alleged policies and procedures claimed by Mrs Phillips.  The Court was not persuaded that the duty extended beyond the situation of attempted misappropriation of the customer’s funds by an agent of the customer.

Our Banking and Finance team have experience of dealing with complex fraud cases and can provide specialist advice on APP frauds and claims arising from mortgage fraud.

Anis Waiz is an Associate Solicitor in Spratt Endicott’s Dispute Resolution practice, specialising in banking and finance litigation. Contact Anis on

*Disclaimer: While everything has been done to ensure the accuracy of the contents of this article, it is a general guide only. It is not comprehensive and does not constitute legal advice. Specific legal advice should be sought in relation to the particular facts of a given situation. This article is accurate at time of publication on 20th of January 2021.