"There’s no such thing as a free lunch here. It’s a question of how can the cost be fairly distributed across the system."
The chief executive of UK Finance, Stephen Jones, has proposed that consumers pay a levy on all payments to compensate victims of fraud, rather than banks footing the bill.
Speaking to the Treasury Select Committee, Jones said he was in favour of a “tiny levy on each payment” so that "customers will pay if the banks have to pay.
He added: "There’s no such thing as a free lunch here. It’s a question of how can the cost be fairly distributed across the system.”
Jones believes a requirement for banks to compensate victims would “attract more fraud into the system” by giving criminals “very perverse incentives” to commit fraud.
Recent figures from UK Finance show that in the first half of 2018, financial providers returned £30.9 million of the £145.4 million lost to authorised push payment scams, despite having no legal requirement to cover consumers for these losses.
However many consumer groups and technology firms have criticised Jones' remarks, stating that the fault lies with banks' systems and that consumers should not be blamed.
Steven Murdoch, innovation security architect at OneSpan, commented: "The Financial Ombudsman warned banks against blaming customers for falling victim to scams just a couple of months ago. Yet, UK Finance is suggesting that customers should be footing the bill for fraud that is the consequence of how banks designed their systems. Fraudsters’ techniques are becoming increasingly sophisticated, with only 38% of banking/security leaders have high confidence in their organisation’s ability to detect and prevent fraud, and fraud threats are evolving at a rate that many organisations cannot keep up with, let alone the average customer.
"The onus should be on financial institutions to protect customers from fraud, but also to support them if the worst was to happen. Requiring that banks pay the cost of fraud will provide an incentive for them to improve their systems to prevent fraud in the first place. To keep up with criminals’ rapidly changing strategies, more value and importance can be placed on dynamic and flexible controls, that can assess risk and intelligently provide the required level of security to detect and prevent fraud, but without putting undue burden on customers."