According to the ‘2024 Report on Payment Fraud’, jointly issued by the European Banking Authority and the European Central Bank in August, payment fraud losses for European credit transfers have remained stable over the past few years. If one compares these figures to card statistics, however, it becomes clear that this is not good news: for credit transfers, the average value of a fraud loss stood at EUR 1,823, which is roughly 21 times that of fraudulent card transactions. At current, customers bear more than 80% of these losses – that is 3.4 times the losses they have to absorb in relation to card-related fraud.
The effective tackling of credit transfer fraud and the minimisation of customer impact will be key success factors for the rise of instant payments, which is currently driven by the new EU Instant Payments Regulation (IPR).
As of October 2025, payment service providers (PSPs) in Europe are mandated to offer instant payments to their customers. European reach and identical price levels for the different SEPA credit Transfers will make instant payments increasingly attractive.
This is already beginning to show: while SEPA Instant Credit Transfers (SCT Inst) still accounted for a small fraction of total payments in 2023, they were growing at a rate of 35% per year. In July 2024, EBA CLEARING’s instant payment system RT1 processed 95.2 million SCT Inst, the highest number of transactions processed per month since its launch in 2017.
Instant payment growth is set for significant acceleration, and if past evidence holds, it will be driven by new and emerging payment behaviours rather than by the displacement of conventional SEPA Credit Transfer (SCT) volumes.
Instant payments could become very attractive for consumers and businesses, but they are just as attractive for fraudsters: funds can be moved faster between payment accounts and across borders, and PSPs have only seconds to run fraud checks and a very limited chance to recover funds in case of fraud.
As a result, the total fraud rate for SCT Inst is around 6 times higher than for SCT. It will grow substantially, if not addressed, as instant payment volumes increase.
PSPs have been working to remove unnecessary or bad friction from the instant payment transaction process. The goal is to make it as seamless as tapping your card to pay. But these convenience levels also come with heightened risk, especially for use cases that do not involve a point-of-sale. SCT Inst transactions are 24/7 and can reach any beneficiary account within seconds: once the transfer is sent, it is gone for good.
Fraudsters are good at instilling a sense of urgency, getting victims to send the transaction without thinking twice. Protecting customers means creating good friction, pauses in the right moment and for a real reason of concern. Otherwise, we might see fraud rates soar, confidence in the system crumble and customers moving towards other payment rails.
The IPR introduces the requirement for PSPs to perform a Verification of Payee (VOP) check before sending any SEPA credit transfer. The payer's PSP will verify if the payee's name matches the payee's IBAN and inform the payer of the match outcome allowing them to decide whether to authorise the payment. This will help address certain fraud types, such as creditor impersonation. It will also help reduce misdirected payments due to customers mixing up IBANs.
With VOP checks, PSPs can introduce good friction to the payment process, which will help build confidence and a safer instant payments ecosystem. But one should keep in mind that, while it is powerful, VoP is not a silver bullet. It will neither be useful in all payment channels nor will it prevent all cases of authorised push payment fraud.
On top of it, fraudsters will adapt quickly. This means that the ecosystem needs to adapt even more quickly.
PSPs should look beyond regulatory compliance and make VOP part of a more holistic approach to address growing fraud challenges. To successfully fight fraud end to end, this approach should involve collective action and anticipate PSD3 requirements.
With EBA CLEARING, STEP2, and RT1 users have joined forces to fight fraud across SEPA. Together, they have developed Fraud Pattern and Anomaly Detection (FPAD), a fraud-fighting functionality that gives the users of the company’s SEPA Credit and Instant Credit Transfer services access to a wide range of real-time fraud prevention and detection tools. The fraud patterns and anomalies detected by FPAD complement the PSPs’ individual anti-fraud capabilities with a pan-European network view on transaction and beneficiary risk. The FPAD tools and insights can and will also be leveraged for a pan-European VOP solution. But most importantly, they will help PSPs make a difference in tackling all of the other important fraud-related challenges too.
This editorial was first published in The Paypers' Next-Gen Technologies to Detect Fraud and Financial Crime Report 2024. The report explores how banks, fintechs, and PSPs are using AI and emerging technologies to detect and combat sophisticated fraud.
About Erwin Kulk
Erwin Kulk is Head of Service Development and Management at EBA CLEARING, where he is responsible for the management of the EURO1, STEP2, and RT1 services, as well as the development of new services. He has over 20 years of experience in the field of interbank payment processing.
About EBA CLEARING
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now