Financial Ombudsman Service decision

DRN-6321946

Unauthorised TransactionComplaint not upheld
Get your free defence insight →Email to a colleague
Get your free defence insight on the case against you →

The verbatim text of this Financial Ombudsman Service decision. Sourced directly from the FOS published decisions register. Consumer names are reduced to initials by FOS at point of publication. Not an AI summary, not a paraphrase — every word below is the original decision.

Full decision

The complaint Mr K complains Nationwide Building Society (“Nationwide”) refuses to refund him for transactions on his account he says he didn’t authorise. What happened The facts of this complaint are well known to both parties, so I won’t repeat them in detail here. In short, Mr K says he noticed eight transactions on his account between 14 and 20 March 2025 which he didn’t authorise. He says no one else has his Nationwide online banking login details, and no one has had access to his device. Mr K says he has had some trouble logging into the app recently and his card had been declined online, and he thinks this might be related to the fraud on his account. Mr K says Nationwide should refund the transactions in dispute as unauthorised. Nationwide considered this complaint but decided not to uphold it. Our investigator then completed an independent review of all the evidence and information provided in this case to come to a fair and reasonable conclusion. Having done so, she felt the evidence strongly suggests the transactions were all authorised as they were completed online via the Nationwide app on Mr K’s device. Mr K wasn’t happy with this outcome, so the complaint has been passed to me for a final decision. What I’ve decided – and why I’ve considered all the available evidence and arguments to decide what’s fair and reasonable in the circumstances of this complaint. Before I set out my thoughts, I want to acknowledge that I have summarised this complaint briefly and, in less detail than has been provided. I’ve focused on what I think is the heart of the matter. Please rest assured that while I may not comment on every point raised, I have considered it. I’m satisfied that I don’t need to comment on every individual point or argument to be able to reach what I think is the right outcome. Our rules allow me to do this and reflect the fact that we are an informal service and a free alternative for consumers to the courts. Generally speaking, Nationwide is required to refund any unauthorised payments made from Mr K’s account. Those rules are set out in the Payment Service Regulations 2017. Mr K said he didn’t carry out the transactions in dispute. I then have to give my view on whether I think Mr K did authorise the transactions or not. The evidence shows that all the transactions in dispute were faster payments, made in Mr K’s online banking app by adding the payee and transferring the money directly to the beneficiary’s account. The evidence also shows this was done from Mr K’s device, the same device that has been linked to his account since 2023. Mr K says he hasn’t shared his device with anyone else, and his phone is protected with a passcode and biometrics. Mr K also told us that he hasn’t shared his online banking details with anyone else.

-- 1 of 2 --

So, the question here is, how could someone else have made these transactions on Mr K’s device and via his online banking app, which recorded biometric login for each transaction. And, Mr K told us he had his device in his possession the whole time, but he is adamant he wasn’t responsible for these. Mr K said his online banking app not working correctly around the time these transactions were made, and now that he has reset his phone it is working well. I haven’t seen any evidence from Nationwide that the app had any problems around the time, but I’ve taken what Mr K has said about this into consideration. So, I’ve considered the possibility that someone might have remote access to his phone, but based on the evidence, I don’t think that’s likely. I’ll explain why. We initially asked Mr K if he had received any suspicious phone calls, clicked on any suspicious links, or downloaded any new unknown apps – to which he said no to all. To gain remote access to someone else’s device, remote access software needs to be installed. In addition to this, a one-time passcode (OTP) needs to be shared with the remote third party to connect with the device in question. But Mr K hasn’t told us anything of this sort, in fact he says he has only received OTPs to log in to his banking app and hasn’t clicked any links from messages or emails. And without the app and the OTP, it’s unlikely someone else could’ve gained remote access to his device. Our investigator outlined a situation in which Mr K was tricked into making these payments by a scammer. But Mr K hasn’t responded to confirm that this is what happened either. It follows then that the evidence shows it’s more likely that Mr K made these payments. And in the absence of any persuasive evidence as to how someone else could’ve made these payments without his knowledge and consent, I can’t say it is fair to ask Nationwide to refund them as unauthorised. So, I am not upholding this complaint and Nationwide do not need to do anything further. My final decision I am not upholding this complaint. Under the rules of the Financial Ombudsman Service, I’m required to ask Mr K to accept or reject my decision before 26 May 2026. Sienna Mahboobani Ombudsman

-- 2 of 2 --