In the first part of this blog series on financial scams, Dr. Tim McGuinness and Debby Montgomery Johnson (also a scam victim herself), Board Directors at the Society of Citizens Against Relationship Scams (SCARS) talked about how to interact with potential scam victim once there was a potential scam transaction alert. In this article, we will look at some specific initiatives that FIs use once they get a scam alert and ways to improve customer education.

The UK is the first country to embark on a serious effort to add controls to help reduce customer scam losses. One of the controls is called the Banking Protocol. When a customer comes into a bank branch and requests a suspicious transaction (e.g., withdraw £20,000 in cash), the branch staff are authorized to call the local police to the branch to help intervene with the customer. The BBC reported that the Banking Protocol was used 11,643 times in 2022 and nearly 50,000 times since 2017. See the figure below.


The number of transactions questioned under the Banking Protocol since 2017

According to the BBC article, the use of the Banking Protocol saved £55 million in 2022 and £258 million since its inception in 2017. For this to work, UK bank staff had to be trained “to detect the warning signs that someone is being scammed.”

How Banks are Introducing Friction to Protect Customers

I talked with a UK banker to see what they are doing with scam alerts. The banker stated, “The only real way to get customers to come out from under the spell of scammers is to add friction to the customer journey, and as you well know in the banking sector, business and channel design teams are often reluctant to do this.”

So how does the bank introduce friction? In the online channel, there are multiple points along the journey where customers are ‘challenged’ on the purpose of the payment, whether they know who they are paying and whether they have recently been contacted by someone pretending to be the bank or another organization requesting them to move money. This messaging is tied to the type of transaction. If the payment is for an investment, then investment scam questions will be presented. During the online session, the payment can be delayed, and the customer is asked to call in.

The banker I spoke to noted they are seeing UK fintechs adding more intricate friction. One example is having the customer provide a photo selfie with a visible handwritten sign containing a code from the mobile app. It is a clever way to get the customer to step back from the payment journey, get a phone, a pen, and piece of paper. As the banker notes, “In doing so, it may get them out from under the spell and back to their rational brain.”

Another example comes from Australia. National Australia Bank (NAB) recently reported that $270 million worth of transactions and a daily average of 12% of payments in the NAB app were abandoned after a customer received a payment prompt, based on a 15-week period between March 2023 and July 2023. NAB controls had identified these transactions as “scam suspicious” and initiated payment prompts to their customers. As one NAB executive explained, “While we’re focused on making banking simple and digital, we’ve added this extra friction to help alert customers to warning signs.” As an aside, due to the high volume of crypto currency scams in Australia, NAB is now outright blocking some payments made to high-risk cryptocurrency exchanges.

Making Customer Education More Effective

In talking with Dr McGuinness, Director at SCARS, he provided insights on how the industry can improve customer education. Dr. McGuinness noted that the information on scams he typically sees being shared with customers is too generic. Plus, scam victims never thought it would ever happen to them.

Dr. McGuinness recommends creating education material that addresses the actual mechanics of the scams. Here are some of ways he talks about identifying a scam:

  1. Did a stranger contact you out of the blue? On social media, online games, through a text or message, or an email?
  2. Did they express feelings for you in less than a month? Or offer unsolicited financial or investment advice?
  3. Did they regularly ask for personal information about your likes, what you do, and your daily routine? Do they dig deep into having you talk about yourself?
  4. Is there some sense of urgency or time-based need or opportunity that needs money such as something wrong with a family member, a financial or government account, or an issue that has to be addressed immediately?
  5. Do they offer you huge gains on an investment, or have a box of gold or money from an inheritance, or huge profits from a business?
  6. Do they want you to keep secrets?


As scam levels rise globally, it is clear what we are doing today is not working, and new strategies need to be deployed. Some of the strategies discussed in this article are low hanging fruit that can be tried without having to consume tremendous resources. First, some level of smart friction needs to be introduced, especially in real-time payments systems. This might not be a popular choice for some internal stakeholders, but if done right, it can have positive outcomes.

Second, bank fraud staff need to be trained to deal with customers who have been mentally manipulated by the scammer. A great example of this is Santander’s Break the Spell team who are specially trained to work with customers suspected of being victims of romance scams.

Finally, customer education and communication needs to change. More focus should be put on the actual mechanics used by the scammer to manipulate a victim as well as providing more effective alerts to customers during the transaction process.

Recent Posts