Written evidence submitted by the Lending Standards Board

The Lending Standards Board (LSB) welcomes the opportunity to respond to the Treasury Committees call for evidence on the Inquiry into Economic Crime.

The Lending Standards Board (LSB) is the primary self-regulatory body for the banking and lending industry, driving fair customer outcomes within financial services through independent oversight. Adherence to our Standards and Codes is a clear indication to customers that a registered firm is committed to best practice in the treatment of its personal and business customers.  Our registered firms comprise of the major UK banks and lenders, credit card providers, debt collection agencies and debt purchase firms and has approximately 95% market coverage. 

We work with firms to achieve fair customer outcomes through our oversight of:

The LSB is writing in response to this inquiry, as the body responsible for the governance and oversight of the CRM Code. The LSB is currently carrying out a full review of the CRM Code, following the first full year of its implementation, with a view to publishing the findings early next year.

The CRM Code

The CRM Code, launched on 28 May 2019, is a voluntary industry code which sets out good industry practice for preventing and responding to Authorised Push Payment (APP) scams. The Code was developed through collaboration between consumer and industry groups, to reduce the impact of APP scams on consumers, micro-enterprises and small charities by introducing measures that would reduce the occurrence of APP scams and see victims of APP scams reimbursed.

The Code aims to achieve this by ensuring that consumers, who bank with a provider who is a signatory to the Code, will be reimbursed if they have been the victim of an APP scam and they have taken a reasonable level of care when making a payment.

The Code also requires signatories to put in place measures to reduce the occurrence of APP scams.

The Code provides protections to customers when they authorise a transfer of funds executed across Faster Payments, CHAPS or an internal bank transfer that turns out to be fraudulent. The Code therefore provides protections against a range of scam types, including invoice and mandate fraud, CEO fraud, impersonation scams, purchase scams, investment scams, romance scams and advance fee fraud.

Currently there are nine firms, comprising 19 brands, signed up to the Code. The nine firms are;

As such the Code provides protections against APP scams for a significant proportion of UK consumers.

Since 1 July 2019, the LSB has been the official independent governing body for the CRM Code. Having assumed governorship of the CRM Code, the LSB committed to monitor the implementation of the Code, to ensure its effectiveness and to maintain and refine it. This included a commitment to conduct a full review of the Code, following the first year of implementation. As set out above, this is now under way.


In addition to undertaking a full review of the CRM Code, the LSB has been monitoring the implementation of, and compliance with, the Code through a series of thematic reviews.

The first of these reviews was carried out between October 2019 and January 2020, and the review focused on the approach to reimbursement of customers under CRM Code provision R2(1)(c). The review included an assessment of the key controls and processes firms have in place to demonstrate compliance with the provision, including considering how firms have interpreted the provision and assessing the level and depth of staff training.

Overall, the LSB found that all firms involved in the review had taken positive steps to implement the requirements of the Code for reimbursing customers and that where the Code is implemented effectively, it is providing protection for customers. However, a number of key areas of improvement were identified – reimbursement; effective warnings; customer vulnerability and record keeping. The LSB issued individual reports to each firm which contain recommendations and required actions as a result of the review, and is continuing to work with those firms to ensure that these are implemented by each firm, including tracking through to completion.

The LSB is also currently undertaking a further thematic review of provision SF1(2) on the use of effective warnings by firms. The review will assess whether the systems, processes and controls within a firm maximise the opportunity to create and provide warnings, which would reasonably be expected to be effective in discouraging a customer from proceeding with a payment which might result in them being a victim of an APP scam. The LSB will publish a summary report of the review findings in December.

Review of the CRM Code

Our full review of the CRM Code, following the first year of implementation, is currently ongoing. In July 2020, we issued a consultation setting out questions in a range of different areas, such as:

We are currently processing the responses to our consultation, which closed on 30 September 2020.

To further support the review, we have requested and received data from all nine signatory firms. The data requested included information about types of APP scams, resolution decisions and customer reimbursement levels, and covers the period from 28 May 2019 to 30 June 2020. We are currently undertaking an analysis of the data and expect to publish the findings alongside our report following the consultation.

Through the review process, the LSB is continuing to engage with a wide range of stakeholders to ensure that any recommendations made following the review, and any plans we set out to update the Code or to amend the supporting guidance, take into account ongoing developments in the payments landscape.

Further details of the review of the CRM Code can be found on our website.

Engaging with the Treasury Committee

While the Economic Crime Inquiry has a broader scope, we would note the role of the CRM Code in relation to consumers who are impacted by APP scams. Since taking over governance of the CRM Code in July 2019, the LSB have been working actively with the industry, stakeholders and consumer groups, as well as signatory firms to drive fair outcomes for victims of APP scamsAs governor of the Code, the LSB has unique insights in respect of the effectiveness and operation of the Code and also the APP landscape. As such, it will be important for the Treasury Committee to consider the protections offered by the CRM Code to consumers as part of its overall inquiry.

As our review of the CRM Code is ongoing, the LSB would be happy to engage with the Treasury Committee and, where it is useful, provide information and insight regarding the implementation of the CRM Code since May 2019. 

November 2020