Scams tailor-made for the pandemic have been painful reminders of how quickly fraudsters adapt and exploit new vulnerabilities. In the same vein, the increasing integration and acceleration of the European payments ecosystem through SEPA and the ramp-up of instant payments have opened new doors for fraudsters.
Payment service providers (PSPs) across Europe increasingly recognise that their fraud prevention and detection tools not only have to be fast: they should also be able to follow fraud across borders and allow relevant parties to join forces in fighting it. European regulators are also considering further measures to ensure a high level of security for retail payments, as detailed for instance in the European Commission’s Retail Payments Strategy for the EU.
Data and intelligence sharing as a key to boosting fraud detection and prevention
Consequently, many PSPs have started to engage in collective fraud combatting initiatives, both at national and pan-European levels, in addition to strengthening their real-time fraud prevention and detection capabilities (e.g. through AI). Assembling individual pieces of the puzzle to see the whole picture is expected to make a major difference for fraud detection and prevention alike, which is why practitioners have stepped up activities to make progress in both areas.
A fraud expert group launched by the Euro Banking Association (EBA) in 2020 has been looking into providing added value by identifying the minimum requirements for enabling a pan-European fraud intelligence approach. Currently, the group is finalising a pan-European fraud taxonomy to help practitioners to categorise fraud cases in a harmonised fashion and provide a common basis for any intelligence and data sharing activities.
The EBA is not the only entity looking into such topics at a pan-European level. The European Payments Council put in place a group in 2020 to facilitate fraud data collection and analysis, information sharing, and prevention measures related to the SEPA payment schemes. Other initiatives are trying to tackle specific pain points or use cases by facilitating a bilateral exchange of data.
Sharing data as part of the payment transaction: the fraud information field
One very straight-forward bilateral way for PSPs to share information for fraud checking purposes is to include it in the actual payment transaction. This could be done by implementing an optional field in the inter-PSP payment message dataset. This field could be of particular benefit for instant payments, where checks for fraud and anti-money laundering need to be executed within split seconds, leaving no time for background checks.
The SCT Inst Migration Action Round Table (SMART2), an expert group on instant payments facilitated by the EBA, promotes the use of this optional field to provide beneficiary PSPs with contextual information geared at enriching and easing their fraud assessment processes. Information about the payment initiation channel or purpose (e.g. for salary payments) could help beneficiary PSPs detect unusual patterns or exceptional circumstances around one or several payments – patterns that they may not be able to detect based on their data alone.
In their Recommendation Note, SMART2 participants argue that this field would be especially valuable if PSPs were to use it widely and uniformly across Europe. At present, however, a pan-European delivery of this promising fraud-fighting tool is hampered by the fragmented legal landscape: in several countries, PSPs remain concerned that even the exchange of contextual data might entail additional liability risks, especially for beneficiary PSPs.
Making sure you have the right beneficiary: conducting an IBAN/name check
A frequent pain point for payers today is the lack of certainty that a given IBAN relates to the payee they intend to pay money to. This is where the British Confirmation of the Payee or the Dutch IBAN/Name Check solutions come in. They allow gathering feedback from the beneficiary PSP on the match between the payee’s IBAN and name before payment initiation. However, confirming payee identity can be complex for corporate accounts, which represents a particular challenge for any pan-European solution. National solutions often have access to a central registry where they can cross-check registered corporate entities. What is more, it may be difficult to deploy a uniform liability regime for any pan-European solution.
On the other hand, the European Commission has included the assessment of the effectiveness of an IBAN/beneficiary name check in its Euro Retail Payments Strategy, which may be a first step towards overcoming the challenges that have prevented its EU-wide implementation so far.
A new instrument to exchange and check data before the payment: request to pay
For payees and payers looking for additional certainty before the actual payment, the new pan-European request-to-pay instrument scheduled for launch in mid-June 2021 may prove to make a tangible difference. Imagine a consumer responding to the donation call of a new charity: request to pay ensures that the payer receives a notification from the payee to confirm the payment amount and account destination before any money is sent. This information allows the payer to check whether the payment goes to the intended party before accepting to pay.
As the examples in this article show, supply side collaboration is key for the improvement of fraud combatting in the European payments ecosystem. The prospering number of cooperative fraud-fighting initiatives is a promising signal. But the challenges they are struggling with also demonstrate that their success will heavily depend on harmonisation progress made in other areas, with full regulatory harmonisation ranking at the top of this list.
This editorial was first published in our Financial Crime and Fraud Report 2021 - How to Fight Fraud and Master KYC, Onboarding & Digital ID, which provides a comprehensive overview of the major trends driving growth in fraud prevention, identity management, digital onboarding and KYC, transaction monitoring, financial crime compliance, regtech, and more.
About Thomas Egner
About Euro Banking Association
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now