There are expanded risks and consumer harms that come with financial service digitalisation. A digitised financial system has more participants, multiple points of vulnerability and a wider range of risks as fraud and cyberattacks can be perpetrated from anywhere around the globe. Consequently, more consumers are being deceived into transferring money, sharing credentials, or authorising payments that feel legitimate in the moment, but devastating in hindsight. Consumers are also more at risk of losing funds or data through system and provider error or breach.

By 2028, global losses to online payment fraud alone are projected to reach $362 billion. As digital finance becomes more embedded in everyday life, there is greater need to cultivate sound digital financial systems that assist consumers who fall victim to these increasing threats.

In earlier blogs in this series, we explored how liability in digital finance is shifting, and how responsibility is being distributed across banks, fintechs, telecom providers and digital platforms. This blog argues that with the complexities of modern data sharing value chains, liability is far more complicated when there is a data loss that results in financial loss. These complications mean:

1. Liability determination may take longer than it did in traditional recourse models.
2. It is even more unclear to consumers who is liable and consequently where to go to lodge a complaint.

Therefore, even where liability rules exist, an important question remains:

When a consumer loses money, where do they go for help, and how can financial systems ensure effective and quick redress in this complexity?

The answer is not always obvious, and in many markets, the absence of clear, accessible recourse leaves victims exposed. Even where specialised recourse mechanisms are in place, they are seldom designed for the complexity of modern data sharing value chains as they assume a direct relationship between financial service providers (FSP) and their clients.

In those cases, there is usually a clear recourse channel directly to the FSP, and an escalation pathway to a designated external recourse structure such as a financial ombudsperson or regulator. That external recourse system typically has jurisdiction only over financial service providers, meaning the recourse system may not be able address loss that arises from a different part of the digital financial services value chain.

Moreover, in many jurisdictions there is still a tendency for providers to push disproportionate liability onto consumers, which can go unchecked by regulation. This can be problematic especially when consumers are not best placed to protect themselves, which is often the case. As recourse mechanisms are essential infrastructure for trust, inclusion and consumer protection, they must be carefully redesigned alongside liability regimes to account for these new complexities and harmful biases.

Evolving approaches towards recourse

Across the world, jurisdictions are updating or introducing different models for recourse. Although there is no uniform recourse structure across the globe, and no jurisdiction has fully navigated the current complexities, the following elements and structures significantly contribute to an effective recourse framework:

Clear complaint channels alongside rapid acknowledgement and response

Australia’s “no wrong door” approach. The key tenet of this approach is that it should not matter whether the consumer reports a scam to their bank, their telco, or an online platform – the complaint must still be addressed in an appropriate way. Under the updated scams prevention framework, effective from March 2026, the Australian Financial Complaints Authority will be the single external dispute resolution provider, which is intended to improve the coordination and efficiency of recourse for consumers.

Mechanisms that decouple recourse from liability in cases of unauthorised payments in multi-party transactions combined with clear escalation channels

Europe’s PSD2. Under PSD2, a consumer must submit a complaint directly to their relevant payment service provider (PSP), which is required to respond within 15 business days. In cases of unauthorised transactions, the payment account holder (typically the consumer’s bank) must refund the consumer promptly upon notification. The burden of resolving liability does not fall on the consumer. Once the refund is made, the account-holding PSP may seek compensation from other PSPs involved in the transaction, where appropriate. This approach presents an example of how jurisdictions can decouple recourse and liability. If the consumer is not satisfied with the PSP’s response, they can escalate the matter to an alternative dispute resolution channel such as an ombudsman, the relevant regulator or if still unattended seek judicial recourse.

Consumer-friendly burden of proof

The United Kingdom’s shared reimbursement model. The complaints and escalation procedures for consumers in the United Kingdom are similar to those in the European Union. However, the United Kingdom introduced one of the most significant reimbursement frameworks globally, where sending and receiving payment service providers share responsibility in reimbursing consumers who have lodged complaints surrounding authorised push-payment fraud losses. Under this framework, consumers must be reimbursed unless the provider can show the consumer was grossly negligent. This is intended to create confidence in the payment system and incentivise prevention.

Protection that does not depend on litigation

In the absence of specialised mechanisms, the default assumption is that consumers can seek justice through legal channels. However, this is rarely realistic because judicial routes are often slow, expensive, inaccessible, intimidating, and not suited to the rapidly moving nature of digital fraud and losses. It is also inappropriate for these, already backlogged courts, to be dealing with small-value payment disputes. Moreover, consumers may face literacy barriers, which can reduce the likelihood of them engaging with legal channels. The specific country examples above all ensure that legal action is either unnecessary in recourse or the last resort when all other channels have failed.

Recourse in the African context

An important question is how global ideas towards recourse translate to African markets.

Recourse is also becoming increasingly complex on the African continent. However, most jurisdictions, including some of those that have larger markets, do not have even foundational recourse elements in place. A review we did for the Alliance for Financial Inclusion showed that only 11 of 20 African member institutions report addressing complaints-handling specific to digital financial services in their regulation. Most African financial regulators understand the principles of good recourse, but do not have the funding or support to implement them. Ultimately, whether by choice or default, recourse is usually considered as an add-on rather than a priority.

Even where basic recourse structures exist on paper, practical accessibility and effectiveness remain limited.

Many African jurisdictions, such as Kenya, require financial service providers to maintain complaints channels and standards, and the avenue for a consumer to escalate a complaint is often the regulator. Although a sector regulator can be a valuable recourse pathway, there are often internal issues such as a lack of capacity, lower priority, or inadequate skillsets, which can make the regulator ill-equipped to handle these escalated complaints. This means that in many cases even simple recourse escalation is not effective, making the shift to suitable recourse in the more complex modern environment even more challenging for African nations.

More developed recourse mechanisms still have limitations.

For example, South Africa’s evolving ombuds landscape, including the National Financial Ombud Scheme, creates a single entry point for consumers. However, its authority does not extend to telecommunications providers or online platforms, which are now central actors in financial processes. This means more work needs to be done to ensure a single recourse channel for consumers.

Efforts to align recourse to new liability structures prove challenging.

In Uganda, courts have begun shifting liability through judicial decisions but judges themselves have noted that redistribution of scam and fraud losses is ultimately a matter of public policy for regulators and parliament. For now, certain requirements such as sound reporting channels and stronger fraud detection obligations have been introduced. These measures strengthen reporting channels but do not yet amount to a clear, systematic liability and recourse framework.

Recourse mechanisms need to be revisited in almost all jurisdictions.

Recourse mechanisms have yet to catch up with the complexities of liability in digital finance. Although there are promising international examples, there is a broader need to reconsider how best to structure recourse mechanisms to centre the consumer, ensuring accessible and effective recourse that ultimately safeguards inclusion, trust and the integrity of the financial system itself. This gap provides an opportunity for African jurisdictions to build recourse mechanisms that address the foundational elements that are still underdeveloped and take into account the complexity inherent in digital financial services.