Banking & Fintech /

EBA and ECB: Joint Report on Payment Fraud – The Crucial Role of Strong Customer Authentication (SCA)

In the realm of law and financial regulation, ensuring the security of payment transactions amidst the rising tide of fraud is a key challenge. In this context, the European Banking Authority (EBA) and the European Central Bank (ECB) have recently published a joint report that thoroughly analyzes payment fraud within the European Economic Area (EEA).

The report meticulously examines the total number of payment transactions and the subset of fraudulent transactions, both in terms of value and volume. It provides detailed data categorized by various payment instruments, including credit transfers, direct debits, card payments, cash withdrawals, and e-money transactions. 

This report not only presents current data but also emphasizes the fundamental role of strong customer authentication (SCA) in combating these threats.

€4.3 Billion – The Cost of Payment Fraud in 2022

The report reveals that payment fraud in the EEA reached €4.3 billion in 2022, while in the first half of 2023, it amounted to €2.0 billion. These figures are alarming and highlight the need for continuous monitoring and strengthening of security measures.

The report reveals that payment fraud in the EEA reached €4.3 billion in 2022, while in the first half of 2023, it amounted to €2.0 billion.

Why SCA Matters?

Strong customer authentication, mandated by the PSD2 directive and supported by technical standards developed by the EBA, provides a legal foundation for protecting against payment fraud.

As the report indicates, transactions authenticated through SCA exhibit significantly lower fraud rates compared to those not subject to this requirement, particularly in card payments. It is no coincidence that these regulations have gained importance in the context of increasing cross-border transactions within the EEA.

Payment Fraud Outside the EEA – A Global Problem

An interesting aspect of the report is the comparative analysis of payment fraud levels in transactions involving counterparts outside the EEA, where SCA is not a legal requirement. In these cases, fraud rates are up to ten times higher than within the EEA. From a legal perspective, this data strongly argues for the need to harmonize security standards at an international level, which could significantly reduce the risk of payment fraud on a global scale.

The report also examines the distribution of fraud losses depending on the type of payment instrument used. These differences indicate varying levels of liability and risk depending on the transaction type—from credit transfers to card payments to e-money transactions. In light of these findings, legal and financial specialists must consider the specific characteristics of each instrument when assessing risk and contractual liability.

What’s Next?

The EBA and ECB, leveraging their legal competencies, have committed to ongoing monitoring and systematic publication of payment fraud data, with plans to release aggregate data annually. While the current report presents data descriptively, future editions may provide more detailed analyses and insights, which will be crucial for further regulatory development in this area.

The EBA and ECB, leveraging their legal competencies, have committed to ongoing monitoring and systematic publication of payment fraud data, with plans to release aggregate data annually.

Conclusion

The EBA and ECB play a critical role in overseeing payment service providers within the EEA, relying on detailed transaction and fraud data reported in compliance with the PSD2 directive. Under Article 96(6) of PSD2, payment service providers are required to report statistical data on fraud to their competent authorities, who then submit aggregated data to the EBA and ECB. The EBA Guidelines on fraud reporting under PSD2 and the ECB Regulation on payment statistics mandate this semi-annual reporting of detailed fraud information.

The joint report from these institutions confirms that strong customer authentication (SCA) effectively reduces payment fraud. Regular analysis and reporting of this data allow for real-time adjustments to regulations, which is crucial for the security of payments across the European Union. This report provides a solid foundation for further strengthening consumer protection and the stability of payment systems.

The full report is available on the EBA and ECB websites.

Author team leader DKP Legal Anna Cichoń
Contact our expert
Write an inquiry: [email protected]
check full info of team member: Anna Cichoń

Contact us

Flaga Polski.POZNANPOLAND
Młyńska 16
61-730 Poznań
+48 61 853 56 48[email protected]
Flaga Polski.WARSAWPOLAND
Rondo ONZ 1
00-124 Warsaw
+48 22 300 16 74[email protected]
Flaga Polski.KRAKOWPOLAND
Opolska 110
31-355 Kraków
+48 61 853 56 48[email protected]
Flaga Polski.ZIELONA GÓRAPOLAND
Jana Sobieskiego 2/3
65-071 Zielona Góra
+48 61 853 56 48[email protected]
Flaga Włoch.MILANITALY
Via F. Sforza 15
20122 Milan
+48 61 853 56 48[email protected]
See all local services