HSBC customer, Mr P, claimed his bank didn’t do enough to protect him from handing over £265,000 to cryptocurrency fraudsters.
On seeing a healthy profit, Mr P wanted to withdraw some of his money but was denied access by the ‘financial adviser’ and told that he would have to pay more money in order to get any of his investment back. This raised a red flag with Mr P, who refused to pay the extra amount.
The greedy fraudsters then tried a different tactic, offering Mr P another opportunity to invest with a more experienced adviser at the firm (and therefore, one assumes, have the opportunity to achieve even better profits), but again Mr P declined.
When Mr P decided to withdraw all of the money he had invested, he realised his account was empty and his money – and the so-called adviser – had gone. The online account, supposedly showing his profits was, in fact, fake and the scammers were the ones cashing in.
Mr P reported the scam to the police and his bank, HSBC. The bank carried out an investigation but would not pay him back any of the money he lost. Mr P took his case to the Financial Ombudsman Service (FOS).
The Financial Ombudsman Service (FOS) is an independent, Government-backed body responsible for investigating and settling disputes between financial businesses, such as banks, and their customers. They look at all the evidence available and consider what would be fair and reasonable given the case circumstances and the industry regulations and guidelines in place at the time.
Mr P’s case was investigated and upheld in part. That means FOS found partly in favour of Mr P’s complaint, that HSBC didn’t do enough to protect him when he became the victim of a scam, but not fully. HSBC still disagreed with the investigator’s decision, so the matter was sent to the Ombudsman for a final verdict.
The Ombudsman, Claire Pugh, agreed that Mr P had been the victim of a scam. The cryptocurrency investment and its supposed endorsement by a TV programme were both fake. Mr P was persuaded to download software onto his computer, which gave the ‘adviser’ access to sensitive information.
A total of 31 card payments had been made by Mr P to the cryptocurrency exchange, each ranging from £1,000 to £10,000. The payments were made over the course of a two-month period, totalling £265,000.
Unfortunately, Mr P’s case highlights some of the scam tactics we commonly hear of:
- Downloading software onto a computer or phone to gain access to sensitive information or online accounts.
- Displaying ‘profits’ on a fake online account, often an investment simulator.
- Refusing the investor access to their own account to withdraw funds.
- Demanding more money to access funds or to invest in an ‘even better’ opportunity.
- Scammers emptying an investor’s account and moving the money on, making it difficult to trace or recover.
The Ombudsman concluded that all the payments had been authorised by Mr P and, according to the Payment Services Regulations 2017, Mr P would be held liable for any loss. While Mr P never intended for his money to get into the hands of scammers, it could not be denied that he gave his bank the authority to make the payments on his behalf.
Banks have been quick to deny any wrongdoing in cases like Mr P’s but there have been an increasing number of decisions by FOS in favour of the customer, not the bank. These customers have been the victim of what is known as Authorised Push Payment (APP) Fraud.
APP Fraud resulted in consumers losing £583 million in 2021 and £485 million in 2022, according to UK Finance, with more than three-quarters of cases starting online. Investment fraud made up the largest proportion last year at £114 million.
Note that, in contrast to APP Fraud, there is an opposite scenario where someone else uses your bank card or accesses your online bank account to make payments without your permission (i.e. unauthorised by you). In that case, you would not be deemed liable for the financial loss and the bank would reimburse you.
The Ombudsman went on to say that HSBC would only get involved once it had been notified of a scam and could, at that point, try to recoup the lost money through what is known as the chargeback process. This would mean trying to claim the money back from the cryptocurrency exchange involved but, as the transactions were successful and cryptocurrency was successfully purchased, a chargeback claim would not have been successful.
The Ombudsman’s main criticism of HSBC was not putting in place sufficient checks to prevent the payments from going out to the scammers in the first place. The number of payments, one after the other in quick succession, over a period of weeks and months, and for large amounts, should have alerted the bank that something unusual and uncharacteristic was happening.
As well-resourced industry experts, banks are far more aware of fraud and scam tactics than their customers, and they should have measures in place to monitor accounts, delay payments, question the purpose of payments and even stop payments completely.
The Ombudsman had to consider Mr P’s other banking habits around the time the payments started going out to the cryptocurrency exchange. He had made a number of large payments unrelated to the crypto investment, so HSBC would not necessarily have flagged the new transactions as unusual in the beginning. Only after Mr P transferred £50,000 (the first 6 payments) could his spending have been deemed markedly different and, at that point, the bank should have stepped in and asked more questions or warned him about the possibility of fraud.
The Ombudsman found no evidence of Mr P being coached by the scammers to lie about the payments he was making so, had the bank questioned him, the investment scam would likely have been uncovered. However, the Ombudsman found that Mr P could have done more detailed research about the company he intended to invest in, including checking their details on the Finanical Conduct Authority’s Financial Services Register. The FCA is the official regulator of financial services in the UK and maintains a register of all the firms that are approved to carry out financial service activities. It also highlights firms that are operating illegally.
Lastly, the Ombudsman said that Mr P should have stopped making further payments into the crypto exchange, once he realised he was having difficulty accessing his account and withdrawing any profits, however, she understood he was being pressurised to do so.
In conclusion, the Ombudsman ordered HSBC to pay Mr P £166,500, a sum that fairly reflected the payments they could have stopped going out, less 25% for the responsibility Mr P should bear for his own actions.
You may be entitled to compensation if your bank failed in its duty to protect you. Our dedicated Crypto Scams team has a deep understanding of how these scams work and what you can do to recover the money you have lost.
Our APP Fraud team has many years of experience in financial claims, including taking claims to the Financial Ombudsman Service (FOS). We understand the process involved, the time limits that can apply and the legal arguments and defences that the banks may raise.
We offer a free, no obligation assessment of your case and, if we do take on your scam refund case, we operate on a ‘no win, no fee’ basis, meaning you do not pay us anything if your claim is unsuccessful.
Contact us on 0800 169 5925, email firstname.lastname@example.org or complete one of the forms below.
It is important to get advice as soon as possible as strict time limits can apply.
Minimum case values may apply.
Meet Sarah, who heads up our experienced Authorised Push Payment Fraud Claims team.
Sarah and her colleagues are on hand to help with your claim.
- Always fight your corner.
- Explain anything you don't understand.
- Provide full transparency on our charges.
- Never ask for any upfront payment.
- Recover the best compensation we can.
- Keep your personal information safe.
- Respond quickly to any queries.