MOTIKA & PARTNERS

Joint Report on (Electronic) Payment Fraud is Released

BUSINESS | ECONOMY

READ MORE

A joint report on payment fraud statistics was released by the European Central Bank (ECB) and the European Banking Authority (EBA), and it has confirmed the beneficial impact of strong client authentication (SCA) on fraud levels.

The report indicates the advantages of the SCA regulations brought about by the PSD2* as well as the corresponding technical standards that the EBA released in 2018 after closely collaborating with the ECB.

The report looks at the volume and value of both the overall number of payment transactions and the subset of fraudulent transactions. It mainly evaluates the amount of payment fraud that businesses in the European Economic Area (EEA) reported, which was €2.0 billion in the first half of 2023 and €4.3 billion in 2022. Apart from the combined figures, the report additionally showcases information based on quantities and arranged according to the kind of payment methods, such as credit transfers, direct debits, card payments, cash withdrawals, and electronic money transactions.

Particularly for card payments, SCA-authenticated transactions showed reduced fraud rates compared to non-SCA transactions, both in terms of amounts and volumes. Additionally, when the counterpart is located outside of the European Economic Area (EEA), where the use of SCA is not legally required and may not have been requested, fraud shares for card payments—both in terms of values and volumes—are ten times greater.

According to the report, the distribution of damages resulting from fraudulent activities among obligation bearers varies according to the type of payment used.

Legal necessity to monitor fraud data

The ECB and the EBA intend to retain monitoring on fraud statistics going ahead and provide the aggregate data once a year. The recently released joint, preliminary report provides observations in a descriptive manner while subsequent editions should offer insights into the data and trends noted.

PSPs ((Payment Service Providers) must provide their competent authorities (NCAs) with statistical data on fraud related to various payment methods in compliance with PSD2’s Article 96(6). In turn, NCAs are expected to supply this data in aggregated form to the ECB and the EBA. The EBA Guidelines on fraud reporting under PSD2, which go into effect on January 1, 2019, provide assistance for these rules by outlining the information that needs to be submitted in accordance with PSD2.

PSPs operating in the Euro area are required by Regulation (EU) No 1409/2013 of the European Central Bank on payments statistics to report comprehensive information on payment fraud to their national central banks. These central banks share the aggregated data with the ECB.

In line with this, data on payments statistics under the ECB Regulation and the EBA guidelines must be reported on a semi-annual basis. The reporting, which is prepared in conjunction by the ECB and the EBA, must provide a thorough summary of the most recent data gathered under the aforementioned frameworks.

You can review the 2024 Report on payment fraud here.


*PSD2 is a revised payment services European directive introduced in 2009 with the aim to improve the payments landscape. Learn more about this highly important European regulation for electronic payment services here.