FCA Findings Bolster Case for Wider Liability in Tackling Romance Fraud

The UK Financial Conduct Authority’s (FCA) discovery of widespread failings in how financial institutions detect, prevent and respond to romance fraud strengthens the argument for extending liability to social media and telecoms firms.

According to the FCA’s , romance fraud cost victims more than £106m in the 2024–25 financial year, a nine percent increase on the previous period.

In one of the most serious cases, a single victim lost £428,000.

Romance scams typically involve criminals building false emotional or romantic relationships with victims, often through social media or dating sites, before persuading them to send money. Around 85 percent of cases originate online.

Steve Smart, executive director of enforcement and market oversight at the FCA, described it as a “vicious crime”.

“All too often it is the vulnerable that fall victim. The impact, financially and personally, can be devastating. We recognise the challenge banks and payment firms have in combating this complex crime and this review aims to help them stay one step ahead of the criminals,” he said.

He added that consumers “all need to be on guard so we can protect ourselves and loved ones by recognising the romance fraud red flags.”

Gaps in detection systems

The FCA found examples of banks providing strong and compassionate support to affected customers, including firms that made repeated welfare calls and monitored accounts closely.

However, it also uncovered multiple missed opportunities to stop suspicious activity.

In one case, a victim made 403 payments over the course of a year without detection.

The review noted that prevention is particularly difficult because victims are often deeply emotionally involved and reluctant to accept they are being defrauded. In nearly half of the cases reviewed, customers misled staff about the purpose of payments.

The regulator highlighted several effective practices such as temporarily blocking high-risk payments, flagging previously victimised customers and referring vulnerable individuals to specialist support teams. A number of firms also used the Banking Protocol to alert police in high-risk cases.

Despite these examples, the FCA said gaps remain in firms’ detection systems, investigative processes and staff training. In some cases, employees failed to challenge customers making unusually large or repeated international transfers, including payments involving crypto-assets.

The report also raised concerns about the inconsistent treatment of vulnerable customers.

In several cases, victims who expressed suicidal thoughts or reported threats of violence from fraudsters did not receive appropriate safeguarding or referrals.

Under the Consumer Duty, firms must act in good faith, avoid foreseeable harm and ensure that customers receive the support they need. This includes recognising signs of vulnerability such as emotional distress, isolation or financial hardship.

The regulator encouraged firms to improve early detection, engage compassionately with victims and collaborate through data-sharing initiatives such as Cifas APP Victim Check to prevent repeat victimisation.

The FCA concluded that combating romance fraud requires a coordinated effort by banks, payment firms and online platforms to identify risks, intervene early and support victims effectively.

The case for extending liability

The FCA has made clear with this that it wants payment service providers (PSPs) to adopt a proactive and victim-focused approach to romance fraud.

Firms should have robust detection and monitoring systems capable of identifying suspicious transactions, including low-value payments and unusual account activity.

Staff should also be well trained to spot red flags, critically probe customer explanations and recognise signs of vulnerability such as emotional distress or social isolation.

The FCA is emphasising the need for PSPs to be able to combine effective technology, skilled staff and empathetic customer support to better prevent financial loss and protect vulnerable customers from increasingly sophisticated romance scams.

Even with these expectations for PSPs, the FCA’s review implicitly strengthens the case for including social media and telecoms firms in reimbursement or prevention frameworks.

The regulator notes that 85 percent of cases originate online, particularly through dating sites and social media, meaning banks often see the problem only after funds have been transferred.

This delayed visibility limits banks’ ability to intervene, suggesting that online platforms, as the first point of contact, play a critical role in preventing financial harm.

By framing platforms as key enablers in romance fraud, the FCA’s findings support arguments for extending responsibility beyond banks and other PSPs.

This aligns with long-standing calls from the financial sector, including lobbying groups such as the Payments Association and UK Finance.

Our premium content is available to users of our services.

To view articles, please Log-in to your account. Alternatively, if you would like to gain access to the tools that will help you navigate compliance risk with confidence please get in touch today.

To read more articles like this, along with gaining access to the tools that will help you navigate compliance risk with confidence, request a demo of our RegTech platform today.

��žž