APP Fraud Reimbursement
The obligation on UK payment service providers to reimburse customers who are victims of authorised push payment scams under mandatory rules effective October 2024.
Also known as: APP reimbursement, mandatory reimbursement, PSR reimbursement
Last reviewed: 10 June 2026
Authorised push payment (APP) fraud occurs when a consumer is tricked into sending money from their own account to a fraudster's account. Until 2024, UK banks reimbursed victims only voluntarily under the Contingent Reimbursement Model (CRM) Code, leading to inconsistent outcomes. The Payment Systems Regulator (PSR) introduced mandatory reimbursement rules under the Faster Payments scheme, effective 7 October 2024.
Under these rules, both the sending and receiving payment service providers split reimbursement liability 50/50. The default maximum reimbursement is £85,000 per claim (the FSCS deposit protection limit), though the PSR can raise this. There is a mandatory excess of £100 (which providers may waive). Customers lose the right to reimbursement only in narrow circumstances: gross negligence, deliberate fraud by the customer, or claims within certain exempt categories.
The receiving bank's inclusion in the liability split is designed to incentivise tighter onboarding controls and faster account closures when fraud is detected. Consumers who are unhappy with a reimbursement decision can escalate to the Financial Ombudsman Service.
Examples
- A consumer is tricked by a fake HMRC caller into transferring £4,000 to a mule account; her bank reimburses her under the mandatory APP rules within five business days.
- A victim's bank initially refuses citing gross negligence; he escalates to the FOS, which finds the bank failed to apply adequate fraud warnings.