What will Triodos Bank do if money is taken from my business account fraudulently?

What are the minimum investment amounts in the impact investment funds?

We offer four impact investment funds - the Triodos Global Equities Impact Fund, the Triodos Pioneer Impact Fund, the Triodos Future Generations Fund and the Triodos Sterling Bond Impact Fund. All the Impact Funds are available in two different share classes, distribution and capitalisation.

You can invest from as little as £25 per month when setting up a regular monthly investment, or from £250 for a lump sum or top up.

Was this helpful?

What happens if the Business Account operator needs to be changed or I want to remove my Business Account operator?

You will need to complete a Change of Account Operator form. Please select the correct form depending on whether you have a loan, current account or deposit account. The forms can be found below, or we can send a form to you if you don’t have access to a printer. We will change these details when we receive the completed form signed by the existing account operator(s).

Was this helpful?

Can you help me to access the Covid-19 loan schemes?

We’re doing our very best to support our customers and other ethical organisations during this difficult time. If you are an existing lending customer, please contact your Relationship Manager to discuss your circumstances.

A new debt finance programme, the Recovery Loan Scheme (RLS) 3, was announced by the Government and will come into effect shortly. Whilst we were accredited under the CBILS and original RLS schemes, we are not an accredited lender for RLS 3 at this moment in time. If you are looking to access this scheme, more information can be found on the British Business Bank website.

If you have a question regarding your existing CBILS or RLS facility with Triodos Bank, please contact your Relationship Manager.

Was this helpful?

What financial support is the Government offering businesses?

The Government has set up several schemes to support businesses through the challenges of Covid-19:

Coronavirus Business Interruption Loan Schemes
There are now several different loan schemes in place to help businesses affected by the Covid-19 outbreak to access bank lending and overdrafts. The distinct schemes are designed to support different kinds of organisations, dependent on size and financing need.

Coronavirus Job Retention Scheme
All UK employers with a PAYE scheme are able to access this support in order to continue paying part of the salary for those employees who would otherwise have been laid off during this crisis (‘furloughed workers’).

Statutory Sick Pay Rebate
This initiative allows small and medium-sized businesses to reclaim Statutory Sick Pay paid for staff absence due to coronavirus

HMRC tax helpline
HMRC has set up a helpline for businesses and self-employed people who are concerned about paying their tax due to COVID-19.

Three-month VAT Deferral
Defer Valued Added Tax (VAT) payments due between 20 March 2020 and 30 June 2020

Small business grant funding
Available for small businesses in England that already pay little or no business rates because of small business rate relief, rural rate relief and tapered relief. Some aspects of business support are devolved. For business support outside of England go to Scotland, and Wales.

Was this helpful?

What is bank impersonation fraud?

Bank impersonation fraud is when a fraudster impersonates someone from the bank in order to trick a victim into making payments to a fraudulent account.

What a fraudster might do:

A fraudster usually calls their victim, though may use email or another contact method. It’s likely they already know information about the victim, including their name and who they bank with.
While impersonating the bank staff member, the fraudster might tell the victim their account is under threat and they need to make payments to a “safe account” or set up payments in order to “block the funds”.
The fraudster might ask for details from the Digipass so they can access the account and make payments to the fraudulent account themselves.
The fraudster might ask the victim to download screen sharing software so they can view or control the victim’s computer. This can make it easier to take control of the account.
In any scenario, the fraudster will foster a feeling of panic in order to get the victim to comply with their requests as quickly as possible.
Fraudsters might also impersonate other well-known, trusted companies such as Microsoft, Apple, BT or HMRC.

What Triodos Bank will never do

We’ll never call you to tell you to log into internet banking or to make a payment to a “safe account”. If we believe your account to be under threat, we can block the account ourselves and do not need you to do anything from your end.
We’ll never ask you for your full Digipass number or your Digipass PIN.
We’ll never ask you to download any software onto your PC or mobile phone.

What you can do to protect yourself

Never give out your personal details to someone who has called you unexpectedly.
Never download any software onto your PC or mobile phone when asked by someone over the phone or by email – even if you think you are speaking to a trusted organisation.
Never give anyone your Digipass number or your Digipass PIN. Triodos will never ask for this information.
Do not let someone else use your Digipass – even a colleague or family member. Your Digipass is assigned to you as an individual and must only be used by yourself. If you leave your place of work, please let us know and we can arrange for your Digipass to be cancelled.
If you are unsure about someone who has called you claiming to be from the bank or another company, hang up and call back on the company’s published telephone number.

Was this helpful?

What is phishing?

Phishing is a common type of internet fraud. Phishing emails are designed to appear as though they are from a legitimate source, but intend to steal personal information that can be used to access your account.

Do not respond to any email that asks for any information in relation to your internet banking log in details. If you have received a suspicious email, do not respond and call us if you need any further information.

Our opening hours are published on our help and support page.

Was this helpful?

What is money muling?

Money mules are people used to help launder money, often without realising that’s what they’re doing. They help move illegitimate funds (money gained illegally) between accounts so that the money then appears to be legitimate. They may be asked to receive money into their account, then withdraw it and put it into another account, sometimes in another country. Sometimes the money mules are offered compensation or commission.

Even if money mules don’t know the money they’re transferring is fraudulent, they are still committing fraud and money laundering, and could be sentenced to time in prison or to pay a fine.

Money mules are often recruited into this activity through false job adverts, or social media posts that promote quick money-making opportunities. Sometimes they are duped by fake social media profiles that pretend to want a romantic relationship with the victim to gain their trust and affection before asking this favour or blackmailing them. This is also known as romance fraud.

Never move money between accounts you don’t know and trust, especially because someone else has asked you to, or if you don’t know where that money has come from. If you are suspicious of money laundering, call us immediately on 0330 355 0355.

Was this helpful?

How could fraudsters get hold of my data?

Fraudsters often look for data on people that they can use to impersonate or defraud them.

They may research you or your colleagues, so we advise that you educate your staff about protecting their data and ensure they are fraud aware too.

What kind of data might a fraudster steal?

Personal details, such as your name, address, date of birth and National Insurance number.
Contact details like your mobile phone, landline, work number and email address(es).
Memorable information used for security and passwords, such as mother’s maiden name, schools or university attended, pet names, car makes and names of family members.
Your bank account number, sort code and card details.
PINs, passwords, Digipass number or other login details.

Ways fraudsters might get hold of your data:

Social media and online forums – LinkedIn, Facebook, Twitter, Instagram, Reddit – all public platforms could hold a wealth of information about you, your employees, your business and your customers.
Your company website – if your business has a website, consider what information you include. We advise you not to put your bank details on your website, as fraudsters can use this to impersonate you or your bank.
Competitions and quizzes – particularly those found on social media websites.
Calling you and pretending to be a trusted organisation.
Companies who sell your email address or phone number - always read terms and conditions when signing up for a product or service.
Bank statements, post and paper documents. Always lock away documents that hold sensitive information and destroy them when no longer required.
Hacking into email accounts. Ensure your IT systems are secure and be wary of using shared internet connections outside of work. Consider that your suppliers, customers and partners can also have their emails hacked. We recommend that you do not share sensitive data via email – if you need to, encrypt the information with a password.

Was this helpful?

What should I do if I suspect fraudulent activity may have taken place on my account?

We take all incidents of fraud or suspected fraud seriously and understand it can be very worrying for our customers. We have systems in place to help monitor and protect against fraud but in some instances you may be concerned about a transaction. If so please contact us as soon as possible. For further information on safeguarding yourself against fraud please see the Take 5 campaign information.

Was this helpful?

How do I protect my business from fraud?

Criminals are experts at impersonating people, organisations, and the police. They spend hours researching you for their scams, hoping you’ll let your guard down for just a moment. Stop and think. It could protect you and your business’ money. Before making a payment, follow the advice fromTake Five to Stop Fraud:

Take a moment to stop and think before parting with your money or personal information. It could keep you safe.
Ask yourself, could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
Do your research and be suspicious of any too-good-to-be-true offers or prices.
Remember, your bank or the police will never ask you to transfer money to a safe account.

When you are making a payment:

Always follow any advice or warnings from your bank or payment service provider.
Your bank might ask you extra questions about a payment. This is to help keep you safe. Always answer these questions truthfully. If someone is asking you to lie or telling you what to say to your bank, then it’s very likely to be a scam.
It might take slightly longer for a payment to leave your account. This is so we time to do extra checks to keep you safe from fraud.

Was this helpful?

What should I do if I have received a suspicious email claiming to be from Triodos?

What is vishing?

Vishing is where a fraudster uses voice messages or phone calls to try to steal identities, and financial information like your PIN, card details and Digipass code.

The term comes from the combination of ‘phishing’ and ‘voice’. Phishing is where fraudsters use email, regular phone calls and fake websites to dupe people into giving them personal details and financial information.

Vishing is specifically the use of a VOIP service (Voice Over Internet Protocol, or an internet phone service), which enables fraudsters to communicate with their potential victims via automated voice messages and the phone keypad.

Vishers can create fake caller ID profiles so that their phone number seems legitimate, and vishing requests sound urgent, to panic the victim into acting without thinking.

Examples of vishing:

Your bank account has been compromised
You receive call from what appears to be Triodos Bank’s phone number. When you answer, you hear a recording pretending to be from Triodos, saying that your bank account has been compromised, and you need to call a freephone number to reset your security details. Calling this number, you would hear another automated message asking for your bank account number, Digipass code or other personal details via the phone keypad.
You’re eligible for a loan
You are offered loan or credit terms too good to be true (they probably are), and to receive the money, you just need to pay an upfront fee or provide your security details.
You’re due a refund
You receive a message that says you are due a refund. This is usually someone claiming to be from a trusted organisation. If you opt in – usually by pressing a number on your telephone - you will be redirected to a call centre agent who will attempt to defraud you or steal your information.
Don’t miss this investment opportunity
An automated voice message tells you about an investment opportunity too good to turn down. You’ll be encouraged to transfer money to invest in a company or service that doesn’t exist.
You’ve won a prize
Victims hear an automated voice message about a free offer or prize, and just need to pay postage, redemption or admin fees to claim. There’s often a deadline to hurry people into handing over their card details.

What you can do

If you receive an unexpected phone call with an automated response, hang up, search for the company’s genuine contact details online and check whether the call was legitimate. If it was, the company will be able to help you, and if it was a vishing attempt, letting the company know enables them to take action, and you will have protected yourself from fraud.

If the call relates to an investment opportunity, check the FCA register to see if the investor is regulated, and confirm the company exists by checking Companies House.

How to report a vishing scam

If you think you have been a victim of a vishing attack, call us immediately on 0330 355 0355. Then report to the FCA using their reporting form.

If you have lost money to suspected investment fraud, report it to Action Fraud on 0300 123 2040.

Was this helpful?

How much of my deposits are protected by the Financial Services Compensation Scheme?

The Financial Services Compensation Scheme (FSCS) is a UK body which gives you automatic protection up to £85,000 if your bank, building society, or credit union goes out of business.

Your eligible deposits with Triodos Bank UK are protected up to a total of £85,000 by the FSCS. An eligible deposit is money in accounts such as current and savings accounts, including cash ISAs. With Triodos, this will also cover cash held in investment accounts but not the investments themselves.

Please note that the £85,000 will apply to the total of all eligible deposits with Triodos Bank rather than per account or product. Any deposits over this amount are unlikely to be covered.

For more information, please visit the Triodos FSCS webpage.

Was this helpful?

When is a fraudulent authorised push payment (APP) payment covered?

Rules in place from 07 October 2024 mean that banks must reimburse Authorised Push Payment (APP) scam claims which meet the below criteria. If you have authorised a payment which does not meet the below criteria, please still contact us as soon as possible on 0330 355 0355 (or +44 (0)1179 739339 if calling from abroad) to report this.

Covered

⦁ Payments made within the UK. You are not covered for a payment sent overseas.
⦁ Payments made using Faster Payments (a quick way of sending money between bank accounts).
⦁ Payments made using CHAPS.
⦁ Payments from personal accounts if they are not being used for trade or business.
⦁ Payments made by micro-enterprises and certain charities.

Not covered

There are some situations where you won’t be able to get your money back. This includes if:
⦁ you haven’t taken the steps needed to meet the Consumer Standard of Caution.
⦁ you paid using cash, a cheque, or a credit, debit, or prepaid card.
⦁ it’s a civil dispute: for example, if you've paid a genuine retailer or business but you aren’t satisfied with the product or service you’ve received.
⦁ you have acted fraudulently yourself – including if you have lied or misrepresented your circumstances for financial gain.
⦁ it’s a payment you have made to another account that you control.
⦁ the payment you made is unlawful: for example, if the payment was for an illegal item.
⦁ it is a payment to and from an account with a credit union, municipal bank, or a national savings bank.

If a payment is taken from your account by someone else without your permission it is called unauthorised fraud. For example, if your bank card is stolen and used to buy something in a shop or online. There are separate rules that cover this type of fraud. Contact us immediately if you spot any transactions that you do not recognise.

Was this helpful?

What is smishing?

I think I’ve received a spam text – what should I do?

If the text is from a sender you know, or from a shortcode (five to eight digits long):

Reply ‘STOP’. You shouldn’t be charged for this, and it will let the sender know you don’t want to receive their text messages.
If you’re unhappy about receiving the text or continue to receive them after asking the sender to stop, you can complain to the Information Commissioners Office (ICO) on 0303 123 1113 or online.

If the spoof text message (sometimes known as smishing) is from an unknown sender, or from an organisation you’re not familiar with:

Do not reply or click on a link in the text. Responding confirms your number is active and could result in you receiving more messages or calls.
Report the spam text to your network operator. Simply forward the text to 7726. An easy way to remember ‘7726’ is that they’re the numbers on your phone keypad that spell out the word ‘SPAM’. You may get an automated response thanking you for the report and giving you further instructions if needed, like forwarding on the number the spam text message was sent from. You won’t be charged for forwarding spam texts to 7726.

Was this helpful?

If my business has been a victim of Authorised Push Payment (APP) fraud, how long will it take to be reimbursed?

Every claim will be assessed on a case-by-case basis. As part of the process we will consider the evidence presented by you, any service providers involved and – where relevant – a third party, such as the police.
If your claim is valid, in most cases your business account should be reimbursed within five business days of making a claim. Business days are Monday to Friday and exclude all UK bank holidays and includes additional holidays in Northern Ireland and Scotland.
In some case it can take up to 35 days to be reimbursed. This is when we need extra time to gather information from you, the bank that received the payment, or a statutory body (such as the Financial Conduct Authority) to inform their assessment of the case.

Was this helpful?

Why does Triodos use NatWest Group as its clearing bank in the UK?

Historically, smaller challenger banks such as Triodos had no option but to utilise one of the “big four” banks (NatWest Group, Lloyds, HSBC and Barclays) for payment clearing services.

So it is not unusual to see banks of Triodos’ size (or indeed some far bigger organisations) still utilising the “big four” clearing banks.

However, there is currently a real drive by the government, via the Payments Systems Regulator, to promote competition in the banking sector and to encourage innovation in payment systems.

This has resulted in a wider choice of clearing options (including alternative providers and/or direct clearing) now available to challenger banks.

While changing our clearing arrangements would be a very large undertaking we continue to review the options, remaining conscious of maintaining a high quality of service for all our customers.

Was this helpful?

How do you say Triodos?

Are you part of the current account switching service (CASS)?

What is invoice fraud?

This is when fraudsters send fake invoices claiming to be from a real business you work with. Sometimes they hack the emails of your supplier to send the invoice, so the email address is genuine, but the payment details are changed to those owned by the fraudster. It’s sensible to call your suppliers on the number on their website to verify their payment details before you pay new account details for the first time.

Steps you can take to protect against invoice fraud:

Check invoices carefully
All staff who process supplier invoices and have the authority to change bank details should check supplier names, addresses, invoice amount and bank details to ensure they’re correct.
Verify payment changes
If a supplier asks to update their payment details, always verify it with them by calling the number on their website.
Follow up invoice payments
When you pay a supplier invoice, let the supplier know the payment has been made, confirming the amount and bank details paid into.
Check bank statements carefully
Report all suspicious debits to your bank immediately.
Call suppliers back
If you are suspicious about a phone request, say you’ll call the supplier back. Use the number published on their website or saved to your phone so you know it’s the genuine number you’re calling.
Review public information about your suppliers
Fraudsters often thoroughly research suppliers of organisations so that they can convincingly impersonate them. It may be a good idea to remove any information about your suppliers from your website and other public materials.

Was this helpful?

How can I spot a fraudulent phone call?

It can be very difficult to spot a fraudulent call. The best thing you can do if you get an unexpected call – especially if the person is asking you to make a payment or move funds, or rushing you to make a decision – is to call the organisation back on the number published on their website.

Fraudsters may call you or someone in your team and pretend to be a well-known business like BT, the bank, HMRC, the police, a supplier or even another person in your business.

Examples of what a fraudster might ask you to do:

Move your money to a safe, secure holding account
Fraudsters often call businesses pretending to be from their bank. They may ask you to move your money to a safe account because of suspected fraud or risk to your account. In reality, this ‘safe’ account is controlled by the fraudster. Hang up and report it to Action Fraud UK and your bank.
Change the payment details of one of your suppliers
Fraudsters often impersonate suppliers and ask businesses to pay into a new account – controlled by the fraudster. Check the caller is genuinely your supplier by calling back on the number on their website or, better still, by calling your direct contact at the company.
Download something – software, a programme, app or other online tool
Fraudsters may tell you there’s something wrong with your computer and it’s not secure. By downloading some software, they’ll be able to fix it for you. They might even offer you compensation or a refund for this inconvenience. In reality, the downloaded software could give them access to your computer. They may ask you to log in to your internet banking so they can issue your refund, when really they’re asking you to authorise payments into their own account. Triodos will never call you out of the blue and ask you to transfer money into another account, or download something onto your device.
Tell them your Digipass codes
Your Digipass codes give permission for money to leave your account. Never give these codes, no matter what they tell you. We will never ask you for these codes.

Was this helpful?

How can I check that calls from Triodos Bank are genuine?

If you receive a call from Triodos, we’ll be happy for you to question who we are and call us back on the number published on our website, just to make sure. If you can, call us back from a different phone, as an extra safety precaution. Fraudsters can clone numbers, so it may look like the number we use to call you.

We will never call you to ask you to transfer money or for your Digipass codes, and we will never ask you to download software onto your device. If someone calls pretending to be from Triodos, and they ask you to do these things, hang up immediately and report it to us on 0330 355 0355.

Was this helpful?

What is CEO fraud?

CEO Fraud is when cyber criminals hack into company email accounts, or set up a fake personal email account, to impersonate the CEO, Managing Director or senior staff and ask an employee to make payments to an account managed by the fraudster. They’ll typically target a company's finance department, but may also target other employees who have authority to make payments.

Usually the request sounds urgent, to panic the employee into acting without thinking and going through the usual checks and balances. The kinds of payments they’ll ask you to make are invoices for a supplier, utility or service, or products the company needs.

Related FAQs

Related how-to guides

Related downloads

Find what you were looking for?

Your personal cookie settings