Civil Fraud Update Spring 2025
In this civil fraud update, we focus on key cases, developments and hot topics to help in-house counsel to stay up to date. Our updates tend to reflect the issues and concerns we see raised by clients most often, and this edition is no exception, with APP fraud and the law’s approach to digital assets being regular topics of conversation with our clients:
You can access more detailed briefings using the links; and if you would like further information on a topic then please contact us.
1. APP Fraud
The UK Payment Systems Regulator (PSR) made a significant reduction to the reimbursement limit for Authorised Push Payment fraud claims from £415,000 to £85,000. The new cap aligns with the Financial Services Compensation Scheme reimbursement limit and, according to the PSR, aims to protect consumers while ensuring that the fraud reimbursement scheme is sustainable. The new measures came into force on 7 October 2024.
Payment service providers to whom the scheme applies must amend the terms and conditions of their relevant contracts by 9 April 2025 to provide that they will reimburse their consumers as and when required under the scheme.
The maximum reimbursement level will be reviewed in Q4 2025. The PSR has also committed to publish a post-implementation review by October 2025.
The Payment Services (Amendment) Regulations 2024 entered into force on 30 October 2024. The statutory instrument amends the Payment Services Regulations 2017 to allow payment service providers to delay the execution of an outbound payment transaction by up to four business days where there are reasonable grounds to suspect fraud or dishonesty, thereby supporting efforts to tackle APP fraud.
2. Cryptocurrency exchanges’ liability for APP Fraud
A recent High Court decision considered whether cryptocurrency exchanges could be liable for the return of fraudulently misappropriated cryptocurrency. While the court found in favour of the exchange, on the basis that the cryptocurrency could not be traced to it, the decision merits careful attention by cryptocurrency exchanges. The judge found that the exchange had sufficient knowledge to found liability for allowing the fraudster to withdraw funds from its account. If the claimant had been able to provide more evidence on the movement of the cryptocurrency through different accounts to allow it to be traced, the cryptocurrency exchange might have been held liable.
Of wider interest to all financial institutions dealing with cryptocurrencies will be the judge’s finding that the cryptocurrency constituted property, following a detailed analysis of the authorities and academic arguments. Taken together with the Property (Digital Assets etc) Bill introduced the day before this judgment, the property status of digital assets in English law is very close to being definitively settled.
Interestingly, the judge also found that the cryptocurrency in question was persistent. In other words, coins that were sent from the first account were the same coins that arrived in the second account. The Law Commission had suggested that the transfer of digital currencies might be more likely to take place by the destruction of the coins in the first account and the creation of new coins in the second account. Persistence of digital currencies will affect tracing and proprietary remedies.
Our team has produced an overview of the decision: Digital assets push payment fraud which is available here.
3. Failure to prevent fraud
The UK government has published its long-awaited guidance to organisations on the new offence of failure to prevent fraud (here) and confirmed the offence will be in force from 1 September 2025.
Our team has prepared a summary of the key takeaways from this latest guidance: Failure to prevent fraud | UK government today publishes important guidance on the new offence. This is the latest in a series of articles, discussing this the offence of failure to prevent fraud, including: Part 1: Risk assessments; Part 2: Policies and procedures; and Part 3: Tone from the top and training.