As Australia’s New Payments Platform (NPP) enables money to move in seconds, scams are accelerating, and reversing a fraudulent transaction can take days, if it’s even possible. The country is seeing a surge in authorised push payment scams, where victims are tricked into sending money to accounts controlled by criminals. The financial industry is now fighting back with a deceptively simple solution: confirm the account name matches the account number before the money leaves. This added layer of verification, known as “confirmation of payee,” is being championed as a way to reduce fraud without slowing down the speed of real-time payments.
On July 2nd the country’s banks switched on an industry-wide Confirmation of Payee (CoP) service, the first national rollout of its kind outside Europe. The scheme, developed by Australian Payments Plus (AP+), flashes a traffic-light match result, green, amber or red, whenever someone pays to a BSB and account number. Customers see instantly if “Sarah Chen” is really behind 062-000 / 1020304, or if something looks off. AP+ expects coverage to reach “the majority of Australians by the end of the year” as more institutions plug in.
The scale of the problem
Faster payments have transformed Australian commerce: the NPP already shifts about A$5 billion every day through services like Osko and PayID. Yet the same 24/7 pipes have turbo-charged authorised push-payment (APP) fraud, where victims willingly send funds to crooks posing as businesses, lovers or government officials. Total scam losses across all channels hit A$2.7 billion in 2023, according to the National Anti-Scam Centre, even after a year-on-year decline. APP fraud is now the fastest-growing slice of that pie.
Banks have thrown armour at the problem—behavioural analytics, biometric log-ins, scam call-blocking apps—but none protect the moment of pay-out. A 2023 pilot run by CBA showed CoP warnings persuaded customers to abandon or amend 31% of suspect transfers, a far higher interception rate than SMS alerts. The logic: stop the money before it moves, not after.
How Confirmation of Payee works
When a payer enters a BSB and account number, the sending bank pings the recipient bank’s database. Three outcomes are returned:
- Match (green): the name and account line up.
- Partial match (amber): the details are close but not exact—maybe “Bob” versus “Robert”.
- No match (red): the name doesn’t tally; rethink the payment.
Because the check happens inside the banking perimeter, no personal data leaves the system—only a yes/no confidence score. That design choice kept regulators happy and allowed AP+ to mandate a single API for more than 100 institutions, from the “big four” to regional mutuals. Commonwealth Bank was first out of the gate, promising full coverage via the CommBank app this month.(commbank.com.au)
Proof it works
Sceptics point to the UK, where CoP has been live since 2020 yet APP fraud is still running at £459 million a year. But zoom in and the picture is brighter: by late-2023 CoP covered 99% of GBP accounts and had already cut APP fraud 17% in its first full year—even before mandatory reimbursement rules kick in next year.
The Netherlands offers an even sharper benchmark. Dutch and French banks that introduced IBAN Name Check reported an 81% plunge in invoice-redirection scams and a 67% drop in misdirected payments. That is the outcome Australian policymakers—and Asian neighbours watching closely—hope to replicate.
Why Asia should pay attention
Across the region, instant-payment rails are blossoming faster than the controls that keep them safe. Singapore and Thailand linked PayNow and PromptPay for retail cross-border transfers back in 2021. Malaysia, Indonesia and the Philippines are next. Yet none of the corridors has a name-match guard-rail at either end. Regulators worry that criminals will simply roam from one jurisdiction to the next, exploiting gaps in identity verification.
Malaysia is already counting the cost: online-banking scams drained RM3.18 billion (US $708 million) between 2021 and April 2024, affecting nearly 100,000 victims. The lesson from Europe is stark—fraudsters gravitate to the weakest link. As Asia stitches its instant-payment grid together, a CoP-style overlay could become the price of entry.
The liability question
Technology alone will not stop scams if customers ignore warnings. In the UK, that dilemma led regulators to force banks to reimburse most APP losses from October 2025. Australia has yet to impose a similar “polluter-pays” rule, but consumer groups are pushing hard. AP+ is betting that if CoP works, mandatory reimbursement may prove unnecessary—a carrot for banks to lean in quickly.
For lenders the calculus is changing. Under the old model, refunding victims was a cost centre; CoP flips the script. Early adopters can market themselves as “scam-safe” and win share from laggards. They also avoid the regulatory hammer that inevitably follows a headline-grabbing loss.
Implementation headaches
CoP is not a silver bullet. Accuracy hinges on clean data—nicknames, joint accounts and trading names can all trigger false “no-match” results that frustrate genuine payees. Smaller institutions face the cost of building near-real-time API gateways. And unlike the UK, Australia chose a “centralised” look-up operated by payments-hub SWIFT, raising the bar on technology integration.
Still, the industry argues that the economics stack up. AP+ quotes independent modelling suggesting every dollar spent on CoP infrastructure will save three dollars in prevented fraud and mistaken payments over five years. The figure assumes scam losses keep climbing at their current double-digit clip—a bet no bank wants to take.
A blueprint for the region
For Asia’s policymakers, Australia’s rollout offers a live laboratory. It is large enough (30 million transactional accounts), complex enough (BSB/account versus alias-based PayID) and digitally mature enough (95 % mobile-banking penetration) to yield meaningful data within months. If CoP bends the fraud curve, expect Singapore, Malaysia and even India’s much-lauded UPI to bake name-check into their next-generation schemes.
Conversely, if adoption stalls—because consumers tap through red alerts or fringe banks drag their feet—regulators may conclude that only mandatory reimbursement creates the right incentives. Either way, the experiment will shape the governance playbook for fast payments across the world’s most dynamic fintech region.
The bottom line
Instant payments are table-stakes for a modern economy; instant regret should not be. Australia has drawn a bright line in the sand: no name match, no money. Whether that maxim resonates beyond its shores depends on how effectively banks operationalise CoP and how seriously customers treat its warnings.