Mandatory reimbursement and new prevention tools are reshaping how the financial sector responds to fraud, as losses remain above £1bn annually.
Banks and payment firms are assuming a greater share of responsibility for fraud losses in the UK, as regulatory changes shift the focus from investigation toward prevention and reimbursement.
Criminals stole an estimated £1.17bn through banking fraud and scams in 2024, according to new data from the government, underscoring the scale of a problem that now accounts for more than 45% of all crimes against individuals in England and Wales.
The report, authored by Abbas Panjwani and Greg Oxley, frames fraud as both high-volume and systemically embedded, noting that around one in 14 adults experienced some form of fraud in a single year.
Liability shifts to the payments layer
A defining change has been the introduction of mandatory reimbursement for authorised push payment (APP) fraud, which came into force in October 2024.
Under the new framework, payment service providers are required to reimburse victims in most cases, replacing a system where outcomes varied significantly between firms. The briefing notes that reimbursement rates had previously ranged widely, reflecting inconsistent application of voluntary standards.
Even before full implementation, the policy appears to have had an impact. In 2024, 59% of APP losses were returned to victims, either through recovery or reimbursement.
The shift reflects a broader regulatory approach that seeks to “incentivise PSPs to invest in fraud prevention”, aligning liability with the institutions best placed to intervene at the point of payment.
Prevention moves into the transaction flow
Alongside reimbursement, the UK has expanded a series of controls designed to stop fraudulent payments before they are executed.
Confirmation of payee (CoP), introduced in 2020 and later extended across hundreds of additional firms, now covers the vast majority of Faster Payments transactions. The system provides a final check on account details, warning users where names do not match.
At the same time, regulatory changes introduced in 2024 allow payment firms to delay certain transactions by up to four business days where fraud is suspected, compared to a previous one-day limit.
The government said the earlier timeframe provided “insufficient time” to detect complex scams, particularly those involving social engineering.
Together, these measures point to a model in which fraud detection is increasingly embedded within the payments journey itself, rather than relying on recovery after funds have been transferred.
A long-standing enforcement gap
While prevention measures have expanded, the report highlights persistent challenges in enforcement.
Only around 4% of recorded fraud offences were referred to police forces for investigation in the year ending March 2025, reflecting what the report describes as longstanding concerns over prioritisation and resources.
Fraud is frequently characterised as a “low priority crime” for local forces, with capacity constraints and the cross-border nature of offences limiting investigative outcomes.
Previous inspections and parliamentary scrutiny have repeatedly pointed to fragmented responsibilities and inconsistent responses across police forces, with some lacking specialist fraud capabilities altogether.

From fragmented response to coordinated strategy
The government’s Fraud Strategy 2026–2029 seeks to address these issues through greater coordination rather than a wholesale expansion of enforcement. The strategy aims to “disrupt crime, support economic resilience and deliver justice”, with a focus on data sharing, prevention and victim support.
Among its key initiatives is the creation of an Online Crime Centre to facilitate collaboration between the public and private sectors, as well as the rollout of Report Fraud, a national reporting platform launched in December 2025.
Report Fraud replaces Action Fraud, which had faced sustained criticism from parliamentary committees for poor performance and a lack of public confidence. The new system is intended to provide a “robust and improved reporting mechanism” while improving the flow of intelligence to law enforcement.
Early indicators suggest faster case handling and improved user satisfaction, although data on investigative outcomes remains limited.
Industry role continues to expand
The report also underscores the central role of financial institutions in the UK’s fraud response. Banks are required to monitor transactions, conduct due diligence and report suspicious activity under anti-money laundering rules, while also supporting law enforcement investigations.
Industry-led initiatives, such as the Banking Protocol, have been developed to intervene in real time where customers are believed to be at risk of scams, reflecting a shift toward earlier detection.
However, the growing burden on the sector has also prompted debate over whether responsibility should be shared more broadly, particularly with technology platforms that are often used to initiate fraudulent activity.
As fraud becomes more sophisticated and scalable – driven by online platforms, data breaches and emerging technologies – the response is moving away from traditional enforcement toward prevention within financial infrastructure.