LONDON — “Bank snitches on grandma” is hardly a headline Britain’s banks want to see.
But a new U.K. bill could make that fear a reality, as the government asks banks to become the unofficial cops of social security fraudsters.
U.K. lenders are urgently pushing back against proposed rules which would allow the government to snoop on bank customers in the name of preventing people from fraudulently claiming state benefits.
The draft legislation — reaching its final stages in parliament — would allow the government to ask banks for extensive details of account holders if they claim almost any form of state funds.
Lenders are worried about the reputational backlash they face by becoming the inadvertent policemen of the benefit system.
“UK Finance and its members have been engaging the government on the current proposals which target both fraud and error,” Daniel Cichocki, the City lobby group’s director of economic crime policy and strategy said. “It is important that the use of these powers is proportionate and any impacts on vulnerable customers considered.”
Broad reach
As it stands, the Department for Work and Pensions (DWP), which oversees the welfare system, is able to request information on bank account holders’ transactions only if there are reasonable grounds to suspect fraud.
But the Data Protection and Digital Information (DPDI) bill, changes that by allowing the government to asks for the transaction details of anyone receiving state benefits at its own discretion.
It has a broad reach including state pensions and social security benefits such as universal credit, working tax credit, child tax credit, child benefit, pension credit, jobseeker’s allowance and personal independence payments.
DWP could, for example, issue a mammoth request to banks for the names of individuals on benefits who have a certain amount of money in their accounts. Someone claiming universal credit cannot have more than £16,000 in cash, savings and investments, so if the government finds a penny more in an account of a benefit claimant, they could be cut off.
But banks don’t want to be the vehicle for the increased snooping powers, especially as the provision is extremely broad in scope. The legislation does not set out a code of practice, which would define what data the government could request, as well as how often they could request it.
“It’s a regulatory nightmare for banks,” said Susannah Copson, legal and policy officer at Big Brother Watch, an anti-surveillance advocacy group.
The number of customers whose details would be passed on to DWP would be huge — likely in the tens of thousands, according to a bank lobbyist, who was granted anonymity to speak freely, as the talks are sensitive and ongoing.
“The scale of data they will have with these powers is quite considerable. So there’s likely to be thousands of customer investigations,” the lobbyist said.
Last-minute changes
The DPDI bill was proposed in 2023 and is still being scrutinized in the U.K. Parliament. It has a range of aims, including improving data security, bolstering national security and preventing fraud. It also wants to require social media companies to hold onto the data of the deceased to aid investigations.
The initial bill did not contain the controversial provision for DWP to request account data from banks. But the government inserted the power via some last-minute amendments last November. Ministers argue the change will save the taxpayer “up to £600 million over the next five years.”
Cracking down on benefit fraud has long been a key aim of the Conservative government. A DWP spokesperson denied the provision amounts to snooping and said more detail is coming: “This measure has been designed to improve efficiency and accuracy in the benefit system, while minimizing any additional administrative burdens on business.”
The DWP is working closely with the banking industry through a working group to create a code of practice on how the plan will work, the spokesperson added. “This is not a surveillance power, and banks are only being asked to share relevant data with us only when it signals potential fraud and error.”
Yet banks — who have already faced bad press in a row over “debanking” individuals whose politics they don’t agree with — fear being responsible for a vulnerable individual losing their benefits.
There’s the fear of error, too: in a preliminary test run by banks, almost half of the accounts which raised concerns were in fact joint accounts.
Banks’ argue that customers are also set to lose. The cost to implement the required systems and checks is likely to be very large and they say this will have to be passed on to borrowers and savers. The policy could also divert bank resources from tackling other types of crime.
“This presents quite a strong draw on resources… that we think would be better placed on serious fraud and organized criminal gangs,” the bank lobbyist said. The net loss to the DWP for benefit fraud or error was £7.3 billion in 2023. Money laundering, by contrast, costs the UK £100 billion a year. And fraud costs the U.K. economy £219 billion a year, a report found.
Fishing expedition
“It’s going to be quite a significant administrative burden,” said Kathryn Wynn, a partner specializing in data protection and privacy at Pinsent Masons. “The risk is [the DWP] goes on a fishing expedition, and they’re not really sure what they’re looking for but because they’ve got powers to request the data, they request it.”
The industry has some support from authorities. Watchdog the Equality and Human Rights Commission advised the government in its written response to the bill to remove the clause, arguing it may lead to “unnecessary and disproportionate checks on the bank accounts of benefit claimants, disproportionately impacting people with certain protected characteristics, including disabled people.”
“We share concerns raised by others that ‘this data could easily be misinterpreted, and benefit sanctions incorrectly imposed’ on vulnerable people in need of support,” the EHRC wrote in advice last year.
Lords on benefits
Should the bill go ahead, the banking industry wants assurances from both the government and regulator Financial Conduct Authority (FCA) about their increased role.
The sector has already received some comfort from the FCA, according to the bank lobbyist. The regulator confirmed that the industry does not have to automatically treat individuals flagged to DWP as potential committers of fraud, which would require them to take action.
Strict rules surround how banks should treat customers suspected of fraud or money laundering, and financial institutions face serious penalties for non-compliance. In 2022, Santander was fined almost £108 million by the FCA for repeated anti-money laundering failures.
The FCA declined to comment.
The bill has already moved through the House of Commons, and is now at the committee stage in the House of Lords, where the next discussion will take place on March 20.
Members of the House of Lords — many of whom are at an age where they qualify for the state pension — are already taking aim at the legislation.
“We’re all unanimous in thinking [this clause] is completely unacceptable,” Timothy Clement-Jones, a Liberal Democrat peer, told POLITICO.
Labour peer Prem Sikka argued there is “no justification for this universal power.”