On April 29th, the European Banking Authority (EBA) published an opinion on new types of payment fraud, in accordance with Regulation (EU) No. 2093/2010, which assigns to the Authority the task of developing a coordinated approach to the regulatory treatment and supervision of new or innovative financial activities.
Within the document, the EBA assesses the payment frauds committed in relation to the year 2022, highlighting the use of new, more complex typologies that are no longer based on technical hacking, but rather on so-called “social engineering”, namely psychological behaviours aimed at exploiting the trust of individuals in order to induce them to engage in certain behaviours.
To mitigate the risks of such new types of dynamic fraud, the Authority proposes to implement new security measures aimed at further strengthening the legislative framework provided by (i) the Payment Services Directive (PSD3) and (ii) the Payment Services Regulation (PSR), which will establish anti-fraud requirements for the coming years, as well as (iii) the provisions of the recently entered into force with the Instant Payments Regulation (DPI).