View more on these topics

Paul Lewis: Banks have more to answer for on scams and fraud

Making banks liable would speed up designing theft out of the money transfer process

Melling Equestrian Investments conned an 85-year-old widow out of £300,000. She was persuaded to hand over the cash on the promise of a 12 per cent return on an investment in a world class horse racing development in Costa Rica.

Christine Barford had just sold a cottage and wanted income from the money, so £3,000 a month was very attractive. And Mr Melling was such a nice man.

But the racecourse did not exist. And the firm’s plush office – illustrated in glossy brochures and on its polished website – was in fact a mailbox in a shop in London’s West End.

The firm’s director, Hugo Melling, did not return my calls. Which is not surprising as the fraud is part of a plot in the BBC Radio 4 soap opera The Archers.

However, this realistic and carefully researched theft raises many questions that people who have lost money ask.


What did Christine’s bank do when she transferred £300,000 to a thief? The bank may have known she had sold a cottage and thought that the money was to be invested.

The script does not tell us but, earlier this year, Money Box reported on the case of a London businesswoman, Alex, whose bank allowed thieves to take 33 separate payments in 24 hours totalling £183,000.

The payments were completely uncharacteristic and to new payees but the bank did not stop them or contact her. That is the kind of event banks should be flagging and stopping.

A couple of weeks ago, the Payment Systems Regulator published its own report into one sort of scam – so-called “authorised push payment scams” – where an individual is persuaded to transfer money to the thieves or allow them to take it believing they are in fact protecting the funds from crooks.

It said £101m was stolen by push payment scams in the first half of 2017: half of it from 17,000 individuals, the rest from businesses. Every transaction inevitably begins with a bank transfer of one sort or another. Usually a very out of character one involving a lot of money to a new payee.

One proposal to stop such scams is the introduction of “confirmation of payee”. When that is in place, before an online transfer is made, the customer will be asked if they are sure they want to pay Melling Equestrian Investments £300,000, for example. In this case, of course, that would not have made any difference. Christine would have said yes.

Confirmation of payee is due to be available from next summer, though it may not be taken up by every bank until 2021. It will certainly help with accidental mis-keying of an account number. But the essence of many frauds is that the victim does want to transfer the money to the crook.


A thief will initially get the victim to transfer their money to a UK bank account. That arouses less suspicion than sending money to Costa Rica, which might wake even the sleepiest bank to question what was going on. In Alex’s case, another UK bank allowed crooks to open more than a dozen accounts which were then used to receive the money from her account.

Banks respond to accusations of allowing crooks to open accounts by saying they follow the FCA’s Know Your Customer guidelines and the thieves passed all the checks. In other words, the criminals are better at hiding their intentions and perhaps their real identities than the banks are at discovering them.


In The Archers, Christine still hopes her money will be recovered. “They can do all sorts of things nowadays; track money everywhere, freeze people’s accounts.”

Money moved through the banking system does leave a trace everywhere it goes. Victims like Christine and our listener Alex reasonably hope their bank can track it and seize it. The truth is, criminals are quicker and cleverer at hiding it than the banks are at finding it.

Money is moved from account to account, to different banks, then to other countries, ending up in one with lax banking rules and no extradition. Data protection and privacy laws, as well as the slow pace of bank investigations, usually mean that even if its movement is eventually traced, the money is – as Christine was warned -long gone.


Christine was foolish and gullible. But she was an 85-year-old woman from a small village in Borsetshire who was not used to dealing with money, up against smooth, experienced, sophisticated thieves. No contest. Or as her friend Peggy told her: “These con men are so very convincing”.

Indeed they are. In the 12 months to June, the latest Crime Survey of England and Wales found that nearly half of all crimes – five million out of close on 11 million – were frauds. Separately, Financial Fraud Action says that recorded fraud across all payment systems totalled £769m in 2016. Another £1.4bn attempted fraud was stopped. The system lets through more than a third.

The Payment Systems Regulator is consulting on a “contingent reimbursement” model, which would make banks responsible for losses where they “have not met the required standards – provided the victims have taken appropriate care”. It rejected extending the credit card model where banks are liable for all losses unless the victim is complicit in the crime or has been “grossly negligent”.

Banks let crooks open accounts, allow fraudulent transfers and usually fail to follow stolen money to its final destination. If there is negligence, it is surely with the banks. Making them liable would speed up designing theft out of the money transfer process, just as car theft has been designed out of vehicles.

Paul Lewis is a freelance journalist and presenter of BBC Radio 4’s ‘Money Box’ programmeYou can follow him on Twitter @paullewismoney



NS&I courts adviser business by improving access

NS&I is looking to improve its relationships with advisers as it plans a raft of measures to improve how easy it is for IFAs to see their clients’ investments with the state-owned savings bank. In response to adviser frustrations that they cannot easily access valuations, maturity dates or other information on client investments with NS&I, […]


Which financial services names have made the Rich List?

Peter Hargreaves has jumped to 42nd position on the Sunday Times Rich List, a climb of nine places from last year, after seeing his wealth grow £849m to £3.2bn. Hargreaves is no longer on the Hargreaves Lansdown board but has kept a 32.2 per cent stake in the company – the value of which has […]


News and expert analysis straight to your inbox

Sign up


There are 6 comments at the moment, we would love to hear your opinion too.

  1. Question. If an adviser became aware of a scam, for example, they were asked by a ‘client’ to transfer money to a bank account, would they know what to do?

    Report it to the bank, but who and where? Not as easy or obvious as it sounds. And even if you give the details of the account to the bank, how quickly do they act? Again, the answer might surprise a few people.

    Paul – you might want to ask a few questions around this (to banks and regulators). A simple and co-ordinated system for financial services companies to share info would make sense and may save a few investors too.

    • Its worrying that you wouldn’t know what to do in this case.

      If it looks like a potential scam report it to Action Fraud; if its a issue with tax-dodging, then send it to the HMRC; if its an issue involving a regulated entity that appears to be committing fraud then the FCA and/or PRA.

      If in doubt check the FCA’s scamsmart pages there are reporting numbers and emails for most situations.

      • Helpful, thanks. Perhaps you haven’t actually tried doing this in practice.

        Take the example of a ‘client’ who emails and asks you to transfer money. You know it’s not your client but the scammer has given you the bank account details to make the transfer to. You are now in possession of a fraudulent account details.

        If I follow your advice in respect of Action Fraud or Scamsmart the scammer will probably be able to use the fraudulent account for many more days, probably weeks.

        IF you know who to speak to at the bank you might get something done by the end of the day if you call in the morning. When you don’t know who to speak to at the bank you can spend a considerable amount of time finding out who to give the information to. I know through painful experience and it’s incredibly frustrating. It’s also different for different banks

        There should be a quick and easy way to deal with these things and make life more difficult for the bad guys. It’s not rocket science.

        Matt, thanks for your concern but please look up ‘rhetorical question’ – you can rest assured I’m just fine on what to do.

  2. Requiring the account name as well as the Account Number and Sort Code would avoid mis keying.

    However, if the customer has specified the account correctly, there are limits to the bank’s right to refuse to carry out a valid customer request.

    If banks did so, the customer’s and Paul Lewis would howl long and loud.

  3. This is why the FCA Register of those Regulated to give “Investment Advice” is so important, Banks can not and should not just stop a transaction, The Problem is the balance of Privacy and Accountability, I do think though for anything over an agreed Industry Figure, say £100,000 The banks should have a “Pausing” facility, I can not see any honest recipient objecting

  4. I had a transaction today from a client of mine. An email came in asking for the unexpected withdrawal of some additional cash. I did what most of us should do. I called him on his mobile to confirm the instruction was from him and asked him the reason behind the transaction. Both confirmed by the client’s own voice with funds to go to his known bank account, file note done and paperwork sent to him for signature. Job done by knowing my client and being able to talk to him.

Leave a comment