UK bank TSB says it will now refund any of its 5.2 million customers who have been victims of fraud – even in cases where the customer has been tricked into authorising payments to fraudsters themselves.
Under its new “fraud refund guarantee” TSB customers will be refunded for any loss they suffer as a result of third-party fraud. In general, banks tend to reimburse fraud losses only in limited circumstances.
TSB is of course quite familiar with fraud payouts as hundreds of its customers found themselves out of pocket last year following a catastrophically poor IT migration from its former parent company’s systems, to a new setup created by Spanish owner’s Sabadell.
The week-long outage was compounded by knock-on effects, delays, and procedural errors like sending letters of apology containing other people’s details.
Total cost to TSB: ca. £330m. But the damage didn’t stop there.
The ensuing chaos created a fertile environment for new scams when cyber criminals seized the opportunity to send phishing emails and texts asking users to verify their bank details.
A full on reputational crisis by any measure.
So is TSB’s Fraud Refund policy a case if turning necessity into virtue, or has the bank cleverly twigged an opportunity to re-position itself ahead of competitors?
Making it easier to trust digital banking
Calling it a “UK banking first”, TSB cited statistics from UK Finance showing that a quarter of the British public have been affected by online fraud in the past year, and that some £1.2bn was stolen through bank fraud in that period.
Not terribly surprising when you consider UK banks’ atrocious track record for protecting systems and customer data. A simple, straightforward, highly-public commitment to de-risk customer accounts from fraud sets TSB a mile apart from its high street banking rivals.
Other banks will offer a refund if a fraudster removes money from a customer’s account without their knowledge. But if a customer authorises the payment – even after being tricked by a clever scam – they can struggle to get their money back.
Pressure to reconsider how they respond to fraud is having an effect. The biggest UK banks and building societies signed up in February to an industry code (voluntary) committing them to better treatment for fraud victims, and the UK finance regulator has simplified the process for fraud victims to start a compensation claim. TSB however is the first to really seize it for business advantage.
Privacy and security as differentiators
We’ve written about Apple and IBM’s moves to put themselves ahead of the pack by baking privacy protections into their business models. TSB’s move could be seen in the context of a larger trend to find competitive advantage in better security.
Alongside major data breaches, big tech companies have a big reputation problem when it comes to transparency and how data is used. With banks the issue is focused more on breaches and scams – where it could be argued that the customer is at least partly to blame for clicking a link they shouldn’t have, or providing personal and financial info to a stranger over the phone. With whom does the responsibility lay?
TSB may be tapping into a broader sentiment about individuals’ ability to distinguish legitimate communications when online fraud grows more and more sophisticated with each passing day. Or perhaps they sense a growing resentment about how quickly the economy has gone digital, without the necessary investment to ensure that its underlying technologies are secure.
Annual industry reputation reports for the banking sector should be due out in the next few months. It will be interesting to see if TSB’s attempt to re-position around security will pay the sort of dividends it hopes.