As of March 2022, Nando’s has seen a sharp increase in the levels of online ordering refunds compared with previous months. This is attributed mainly to an increase in fraudulent behaviour around delivery order refunds, specifically with two main types of refunds (both trigger full refunds): Order Marked Delivered but Not Received (OMDNR) - An order is marked as delivered by the Deliveroo rider but the customer claims they never received the orderSpilt/Damaged orders - A customer claims that the items in the order have been damaged in transit.

Scale of fraud: In January 2022, Nando’s was refunding (across the two refund types mentioned above) approximately 100 orders per day with a total cost of around £3000.At its peak towards the end of March, before action was taken, Nando’s was refunding approximately 365 orders per day at a total cost of £16K per day. Measures enacted at the end of March have stabilised this rate at around 300 orders costing approx. £10.5K per day. Account take over fraud could result in a fine of up to £17million (20m Euro) or 4% of global turnover Fraud at Nando's The growth of our digital channels has also expanded the domain for online fraud.

Malicious actors have more opportunities to commit fraud or take over accounts, meanwhile, our customers expect an easier digital experience, including fast authentication and seamless web and mobile interactivity. To build and maintain brand love and trust, we must strike a balance between delivering seamless multichannel digital experiences, whilst maintaining strong security standards. Optimising our digital channels to meet regulatory demands, fulfill consumer expectations, and ensure resilience against attacks, making cross-functional decisions when designing the secure journey.