Financial Ombudsman Service decision

ClearBank Limited · DRN-6114787

Authorised Push Payment (APP) ScamComplaint upheldDecided 15 January 2026
Get your free legal insight →Email to a colleague
Get your free legal insight on this case →

The verbatim text of this Financial Ombudsman Service decision. Sourced directly from the FOS published decisions register. Consumer names are reduced to initials by FOS at point of publication. Not an AI summary, not a paraphrase — every word below is the original decision.

Full decision

The complaint Mr D is a sole trader, trading as F. He complains that ClearBank Limited (trading as Tide) won’t reimburse money lost to a scam. What happened Mr D’s account is held with Tide and Tide’s bank accounts are provided by ClearBank, so ClearBank is the respondent business here. In the decision I’ll refer to Tide for simplicity. In December 2024 Mr D received a call from a scammer impersonating Tide – he recalls being told about fraud on the account and says he didn’t share any secure information or approve any payments. He’s disputing nine payments, three of which he says took place after he’d reported the fraud to Tide. Tide declined to reimburse the payments on the basis that they were authorised and it didn’t think it should have considered the payments unusual at the time. When Mr D referred the complaint to our service, the investigator upheld it in part. In summary they thought Tide could treat the payments as authorised but that it ought to have done more to identify and prevent some of the payments. They recommended Tide reimburse 50% of the last three payments. Tide accepted this but Mr D didn’t agree. In summary he said: • He didn’t make the payments, approve the payments, or see any warnings. Issues with his phone meant that he couldn’t have simultaneously been on a call and accessed his banking app. • His phone could have been hacked or cloned – he’s offered Tide and our service the opportunity to forensically assess his phone to prove he is telling the truth. The data being relied on is from his banking app and account not his phone. • The payments were out of character for the account and suspicious in themselves – with different kinds of retailers, locations, the amount spent, and with an international element. • There are issues with the evidence provided by Tide, and he has data protection concerns. The matter was passed to me for consideration by an ombudsman and I issued my provisional decision on 15 January 2026. Here I explained that I thought it was more likely than not that Mr D had confirmed the disputed payments in his banking app and that Tide could reasonably consider them authorised. I said that I thought Tide ought to reimburse 50% of the payments that took place after the point at which I concluded Tide ought to have identified that Mr D was at risk of financial harm from fraud. Tide accepted my provisional decision, which included one more payment in the redress than previously set out by the investigator. Mr D didn’t agree, in summary he made the following points:

-- 1 of 6 --

• Mr D raised several concerns with the evidence, including; he doesn’t think the evidence from Tide is reliable or properly shows the transactions were verified. He thinks some of the records are illegal due to system issues with them and that our service should refer Tide to the regulator and not rely on the evidence provided. Mr D also thinks the evidence shows two devices linked to his account and that Tide hasn’t provided evidence of all the warnings it says it showed him. • He thinks Tide ought to have identified the risk to him of financial harm from fraud; adding that the banking app was closed and opened multiple times and the payments were not of low value to him. • He has arthritis and couldn’t have taken the steps in his app at the same time as being on the call and has referenced disability discrimination. What I’ve decided – and why I’ve considered all the available evidence and arguments to decide what’s fair and reasonable in the circumstances of this complaint. Having done so, including carefully considering Mr D’s response to my provisional decision, I’ve reached the same outcome as set out in my provisional decision – that Tide should reimburse 50% of the disputed payments that took place after he contacted it about a possible scam. I’ll explain why. Mr D has made several detailed points about his complaint which I have only summarised above. But I’d like to reassure him that I have considered his submissions in full. And I hope the fact that I do not respond in a similar detail here will not be taken as a discourtesy. As an informal dispute resolution service, we are tasked with reaching a fair and reasonable conclusion with the minimum of formality. In doing so, it is not necessary for me to respond to every point made, but to consider the circumstances as a whole. Has Tide acted fairly in treating the payments as authorised? Under the relevant law - the Payment Services Regulations 2017 (PSRs) – the starting point is that Mr D is liable for payments he authorised. Tide is generally expected to reimburse unauthorised payments. Where a payment is authorised, that will often be because the customer has made the payment themselves. But there are other circumstances where a payment should fairly be considered authorised, such as where the customer has given permission for someone else to make a payment on their behalf or they’ve told their payment service provider they want a payment to go ahead. It's common ground that Mr D has been the victim of a scam here. But there is a dispute over Mr D’s role in authorising the payments. Tide has treated the payments as authorised on the basis that the payments were confirmed in Mr D’s banking app as part of the stronger authentication process, known as 3DS. It concluded that Mr D had done this on the basis that his banking app was accessed from his device, though it did accept he was tricked into doing so. However, Mr D says he didn’t do this, and while he did receive a call from someone impersonating Tide, he says he didn’t share any information or knowingly provide any access to the caller. Where evidence is incomplete, missing or contradictory, I need to determine what I think is more likely than not to have happened. I do this by weighing up what I do have and making a

-- 2 of 6 --

finding on the balance of probabilities. I understand Mr D has concerns about the accuracy and completeness of Tide’s records, and I have considered this as part of my review. I’ve considered the timeline of events to help me do this. • Mr D’s call logs show the first call came in at 17:34 and lasted almost 15 minutes – during this time five payments were approved in Mr D’s banking app – this is supported by the activity log provided by tide. • There is then a shorter call at 18:03 for less than three minutes, during which time the user in Mr D’s banking app declines a payment at 18:04. • Mr D began a fraud chat with Tide in his app at 18:08 and at 18:11 wrote in the chat: “I have just received a phone call from XXX. He says I am being reimbursed for fraudulent charges on my tide account, a total of £1206.10. I can see that the money has been taken out, but nothing has been paid back to me. I am just checking that this is real and not a scam.” • The next call is at 18:26 for almost an hour, during which time one payment is declined in the banking app and four further successful payments were approved. • While Tide responded to Mr D in the in-app chat at 18:32 asking about the phishing call, Mr D says he didn’t see this. He responded at 19:32 by which time all of the disputed payments had taken place. On balance, while I accept the scammer may well have used Mr D’s card information to make the online payments, I think it’s more likely than not that Mr D completed the steps to approve the payments in his banking app. I understand Mr D says this wasn’t possible, particularly given his medical condition, and I have considered the alternatives. But I still think this is the more likely scenario because: • Tide has said they were completed using the device Mr D uses normally to access his account. • If the scammer didn’t need Mr D to share any information or take any steps in his app it’s not clear why they would have called him. • The act of declining a payment in Mr D’s banking app directly before Mr D raised his concerns with Tide indicates it was him accessing his account. • Given the timings of the calls, I think it’s likely that the scammer was then able to persuade Mr D they were genuine before he went on to approve further payments. • It is possible that Mr D took these steps on the belief this was for another reason, such as to receive a refund given what he told Tide about expecting a refund, but only Mr D knows this. It’s unlikely that a scammer would decline payments they were making. I’ve considered the possibility that Mr D’s phone was compromised in some way, but I don’t have any evidence to support that being the case. It isn’t our role to forensically examine devices, only to consider the evidence we receive. It isn’t my intention to call Mr D a liar or question his character, I recognise he is the victim of a scam and that scammers can use sophisticated techniques to manipulate their victims who are not always aware of the impact of the actions they’re convinced to take. The screen in Tide’s app would have shown Mr D information about each payment including the merchant and amount. The page said “you have 5 minutes to approve this payment once it has been initiated” and gave the option to select “Approve payment” or “Reject payment”. There was also a warning that said “Tide will never call you to ask you to approve this payment in the app.” As these screens are part of the automated process, I’m persuaded they would likely have been the same each time.

-- 3 of 6 --

I understand that Mr D was likely tricked into taking these steps (though he disputes this) and that he didn’t realise at the time that he would be losing this money. But I consider Tide asked him in a clear way if he consented to the disputed payments, and he selected “Approve payment” each time. So, I think it was reasonable for Tide to rely on this as confirmation that Mr D did consent to the payments. It follows that I think it’s acted fairly in treating the payments as authorised. I’ve considered whether it was still reasonable to rely on this for the four successful disputed payments that took place after Mr D had raised his scam concerns with Tide in the chat at 18:11. I don’t think Tide had enough information at this point to identify that Mr D didn’t consent to the payments when he was approving them. But I do think that the information Mr D gave Tide is relevant to whether it ought to have identified a risk to Mr D of financial harm from fraud which I’ll go on to address next. Did Tide miss an opportunity to prevent Mr D’s loss? In broad terms, the starting position at law is that Tide is expected to process payments and withdrawals that a customer authorises it to make, in accordance with the PSRs and the terms and conditions of the customer’s account. But, taking into account longstanding regulatory expectations and requirements, and what I consider to be good industry practice, Tide ought to have been on the look-out for the possibility of fraud and made additional checks before processing payments in some circumstances. I have reviewed Mr D’s account statements. Having considered when the disputed payments were made, their values and who they were made to, I’m not persuaded that Tide ought to have found the first six disputed payments suspicious, such that it ought to have made enquiries of Mr D before processing them. I understand Mr D’s points around the retailers, locations and pace. But these were online payments from a business account that wouldn’t have appeared particularly high risk. With hindsight, it is easy to point out the ways in which these payments might differ from Mr D’s usual spend, but that doesn’t mean Tide failed to appropriately identify the risk to Mr D at the time. Tide needs to strike a balance between its obligations to follow their customer’s payment instructions with their responsibilities to prevent foreseeable harm. Ultimately these would generally be considered relatively low value payments to legitimate businesses. I note that the investigator asked Tide to make an award relating to the last three payments on the basis that Mr D contacted it in-app during the scam explaining he’d had a call from someone he thought was from Tide and he wanted to check “it was real and not a scam”. They thought at this point Tide ought to have done more to protect Mr D. Tide has accepted this and agreed to reimburse 50% of the loss from payment made after this point in time. I’ll address later on whether I think it’s fair to make a deduction in this way, but I think it’s reasonable to conclude that Mr D reaching out to Tide at this point meant that when the staff member was asking questions of Mr D that they could have identified a risk to him and blocked further payments until it had been able to discuss the scam with Mr D. However, I think the evidence indicates that it was four payments rather than three that were approved in-app after 18:11. While the transaction details evidence shows a payment for £6.10 being made at 16:45 there is no corresponding payment approval in the activity log at this time like there is with the other disputed payments. There is however, a payment approval at 18:55 on the activity log. On the information available, given this payment appears to be international, I think it’s likely this has affected the timing in the evidence. I also note that the initial scam call began at 17:34 so it’s not clear how this payment fits into

-- 4 of 6 --

the scam if it occurred earlier that day. So, on the evidence available, I think it's reasonable to include it in the list of payments that ought to have been prevented. As Tide accepted my provisional decision, I’ve taken this to mean it agrees this payment should be considered in the settlement. Should Mr D bear any responsibility for his loss? In considering this point, I’ve taken into account what the law says about contributory negligence as well as what’s fair and reasonable in the circumstances of this complaint. The call came from a private number and Mr D says the caller told him there had been fraud on his account which I can understand may well have created a sense of panic and urgency. But by the point at which I’ve concluded Tide ought to have intervened (and therefore regarding the payments relevant to my award), Mr D already had concerns that it could be a scam and told Tide as much. But (as I’ve concluded above) he then went on to approve further payments rather than continue with his chat with Tide. As Mr D denies doing this, we haven’t received an explanation from him as to what happened to persuade him to take these steps, why he did this or why he thought what the scammer told him was plausible. Mr D would have been able to see he hadn’t received a refund and that payments he was approving were leaving the account and payments he was declining weren’t leaving the account. There was also a relevant warning on the payment approval page explaining Tide wouldn’t ask him to approve a payment which I think it would have been reasonable to read and take seriously given Mr D already had concerns about the caller. As I’ve said, I’m persuaded the automated screens would have shown the same warnings each time. For these reasons I think it is fair to hold Mr D responsible for 50% of the payments I’m making an award for in the circumstances. Could Tide have done anything else to recover C’s money? I understand Mr D thinks Tide ought to have done more to stop the payments when he reported the scam, but it wouldn’t have been able to do this as they had already been processed. This is the case even if they showed as pending. As the disputed payments were online card payments, a recovery option that would have been available to Tide would have been through the chargeback scheme. This is a scheme run by the card scheme provider to resolve payment disputes between customers and merchants – subject to the rules they set. Tide wouldn’t be expected to raise a claim that it thought had no prospect of success. As the payments were 3DS approved, it’s unlikely a chargeback would be successful on the grounds of authorisation. And considering the merchants are genuine companies and money remitters, there’s no reason to think the goods/services wouldn’t have provided. Though I accept likely not for the benefit of Mr D. So, while a chargeback could have been successful at the discretion of the merchants I don’t think Tide would have done anything wrong by not pursuing a chargeback on all of the payments in the circumstances. Other points It appears both parties are aware of this, but for completeness more recent codes and regulations which detail where reimbursement is appropriate for victims of authorised push payment fraud do not apply to card payments and so aren’t relevant to this complaint.

-- 5 of 6 --

Mr D has raised concerns in relation to Tide’s compliance with its obligations including around data protection. Our service isn’t a regulator and doesn’t penalise businesses or set their processes / procedures. It is the Information Commissioner’s office and the Financial Conduct Authority that would be responsible for their respective areas. I have considered the individual merits of this complaint – the crux of which is the disputed payments and whether Tide has fairly declined to reimburse them. I understand Mr D’s concerns around the evidence presented but I’m satisfied I have enough to reach a fair outcome in the circumstances. Mr D has referenced some concerns about the service he received from Tide. Insofar as this is ancillary to the payments he is disputing (rather than the complaints process itself) I have considered this. There is an inevitable level of distress and inconvenience that comes with falling victim to a scam and dealing with this, which I don’t think Tide is responsible for. I recognise there has been some confusion caused by Tide, particularly around the chargebacks, but overall I don’t think that the service provided was poor such that a compensatory payment would be appropriate in the circumstances. My final decision My final decision is that ClearBank Limited should: 1. Pay Mr D 50% of the four disputed payments processed after 18:11 on the relevant date – I’ve calculated this to be £638.04. 2. Pay Mr D simple interest on the amount in point 1 at a rate of 8% from the date of the payments to the date of settlement. If ClearBank Limited considers that it’s required by HM Revenue & Customs to deduct tax from this interest, it should tell Mr D how much it’s taken off. It should also give Mr D a tax deduction certificate if he asks for one, so he can reclaim the tax from HM Revenue & Customs if appropriate. Under the rules of the Financial Ombudsman Service, I’m required to ask Mr D to accept or reject my decision before 10 April 2026. Stephanie Mitchell Ombudsman

-- 6 of 6 --