http://www.guardian.co.uk/money/2012/may/04/banks-pin-card-fraud
This is a useful article.
“The Financial Services Authority’s Banking Conduct of business states that a bank may only hold a customer liable … where the customer has acted fraudulently, or has “intentionally, or with gross negligence, failed to comply with his or her obligations … to take all reasonable steps to keep its personalised security features safe.”
Emery argues that it is quite possible for a customer to keep the card and pin safe, but for a fraudster to obtain them – or just the card details – through other means, which they then use to perpetrate the fraud. In such cases, the bank must repay the customer in full, he says. The Financial Ombudsman Service, where lots of these cases end up, relies on the payment services directive, which came into force in November 2009.
It says that if someone is a victim of fraud, the bank must refund them immediately – unless it has good grounds to suspect that the cardholder has been negligent or acted fraudulently.
A spokesman told Money this week that use of the correct card and pin is not “evidence of negligence in itself. We have always made it clear to financial businesses that just because a pin has been used correctly in conjunction with a card, does not, in itself, mean that the cardholder should be found responsible for the debt.”
The upshot is that the bank has to investigate thoroughly, rather than just fob him off, and unless there is clear evidence of fraud, rather than just the use of the correct chip and pin, then they should refund.
Financial Ombudsman is the next step if Lloyds’ continue to be arsey, but I’m sure quoting the correct legislation/guidelines and threatening to go to the Ombudsman will get him somewhere.