Are we doing enough to combat fraud in the Payments landscape?

Split initiatives are a weakness in fraud defense

Today, payer and payee banks often hold only partial insights, leading to missed fraud signals and delayed responses. The lack of unified visibility in fraud data means that even isolated efforts can fall short, leaving gaps for fraud to slip through.

As fraud becomes increasingly sophisticated, we urge the payments industry to adopt a holistic approach based on shared responsibility, data exchange, and coordinated tools for fraud prevention.

Now, we want to continue the conversation on building momentum and why unified actions matter more than ever.

Fighting fraud on three levels in the payment market

There are already several examples of how efforts are being made at national, international, and industrial level. In Sweden, banks and public authorities are taking joint action to combat fraud, European regulators are strengthening fraud protection, and there is a shift toward unified technical standards.

National Initiatives – Finance Sweden’s Action Plan

In 2024, Sweden launched its Joint Action Plan against rising fraud. It brings together the six largest banks, Finance Sweden, and the national law enforcement. This came as a direct response to the growing number of fraud attacks targeting elderly and vulnerable people, particularly those involving social engineering. By joining forces, banks and authorities aim to strengthen fraud prevention through six targeted measures focused on protecting consumers, improving collaboration, and raising the industry standard for safer payments. The action plan includes measures such as:

• Transaction limits and time delays
• Dual authorization
• Product review and restrictions
• New product control
• Enhanced monitoring
• Data-sharing agreements

A small price to pay for safety

We firmly believe that Sweden’s action plan is a strong step toward better consumer protection, especially against APP fraud. Time delays give potential victims a critical pause to reconsider, and dual authorization adds a second line of defense for those exposed to social manipulation or unauthorized transactions.

As the payment landscape becomes faster and more seamless, tighter controls and product restrictions might feel like a step backward in user experience. However, they are necessary safeguards to help protect vulnerable users from easily onboarding into risky products. It also helps prevent fraudulent funds from being diverted into organized crime and money laundering schemes. Though it might feel like a loss of convenience, it’s a small price to pay for added safety.

Still, the plan’s success depends on consistent application across banks. If protections aren’t uniformly enforced, fraudsters will exploit the weakest links. Banks need to be transparent and accountable in how they enforce these protections. Overall, Sweden’s initiative provides a practical and scalable approach to combating fraud.

Are EU’s regulatory push enough to fully combat fraud?

The EU is taking significant steps with the suggested Payment Service Package. It includes PSD3 with upgraded directives from PSD2, the new Payment Services Regulation (PSR) and FIDA.

Key provisions include:

• Liability changes for Payment Service Providers (PSPs)
• Requirements for monitoring and incident reporting
• Facilitated data-sharing for fraud prevention
• Mandatory consumer protection tools with payee verifications

One standout feature we’d like to highlight is the mandatory payee name and account verification. By giving payers real-time protection to confirm recipient details before executing a payment, it offers a crucial safeguard against APP fraud. This verification, along with stricter customer authentication protocols, and greater transparency is supported under the PSR, making them directly applicable across the EU for more consistent implementation. It also clarifies the use of personal financial data for fraud prevention, easing previous GDPR-related barriers.

Still, payee verification alone isn’t a silver bullet. Fraudsters can create near-identical accounts with names closely resembling legitimate entities—E.g., “421 Resource Management” vs. “421 Resourcé Management” — to trick even cautious payers, making detection difficult.

Ultimately, the payment service package fosters trust and gives institutions a unified framework. For instance, PSPs can build layered defenses by combining consumer protection tools with behavioral analytics. But meaningful impact depends on consistent implementation, smart backend systems, and continued consumer awareness. These tools are only as strong as the ecosystem supporting them.

Industry advancements with ISO 20002

Unlike legacy formats that were often vague and inconsistent, ISO 20022 allows every payment message to carry detailed, machine-readable information. It allows for early flagging of anomalies and detecting suspicious activities.

This level of structure gives fraud prevention teams what they’ve been missing:

• Clarity: Fewer data gaps & blind spots for fraudsters to exploit.
• Automation: Structured fields allow real-time validation, reducing the need for manual review.
• Cross-border consistency: A single global standard makes it harder for fraud to hide in translation between jurisdictions.

Payment processing systems can now operate with cleaner, more consistent data to flag risks more precisely. At the same time, fewer false positives will reduce pressure on fraud teams. For compliance teams, ISO 20022 significantly boosts AML capabilities. With structured fields for payer/payee details, transaction purposes and unique identifiers, transactions become easier to screen, trace, and audit.

These improvements help both the sending and receiving end of a payment to quickly and accurately identify irregularities in names, account numbers, or payment patterns. The richer data also boost pattern detection and share intelligence across banks and borders. It also aligns with global AML frameworks by making it simpler to flag new types of fraud and trace suspicious money flows, strengthening not just individual systems but the collective resilience of the payment ecosystem.

By standardizing and enriching the data exchanged in each transaction, ISO 20022 creates an ecosystem that enables advanced monitoring systems to thrive. It doesn’t just streamline processing; it acts as a core layer of defense, making it far more difficult for fraudulent activity to pass undetected.

Can speed and safety co-exist in the Future of Payments?

Remember the three levels of effort – national, international, and industrial? Just like that, effective fraud defense must operate on three fronts:

1. Before payment: Empowering consumers through education, adjustable delays, payee verification and dual authorization, to recognize and resist scams.

2. During the transaction: Building robust infrastructure with ISO 20022.

3. After payment: Leveraging seamless data sharing and monitoring with behavioral analytics.

As payments are moving closer toward real-time speed, we must prioritize security at every step. So yes, speed and safety can co-exist. But only when built-in defenses, like ISO 20022, protection tools and monitoring operate at the same pace.

Clear guidance, consumer education and mentioned tools, our pre-payment layer, are vital complements to prevent fraud. But more can be done, we should urge governments to mount broad public-awareness campaigns to teach citizens, especially the vulnerable, how to recognize and avoid scams.

All these efforts mark real progress, but most remain in early stages. Full impact depends on unified implementation and closing remaining gaps. Without consistent execution across borders and institutions, fraudsters will find entry points.

With real-time payments, the threat of real-time fraud will exist. And so, it must be countered with real-time prevention. Creating a safe and reliable payment landscape is not only a common interest amongst stakeholders, it is a must.

Nevertheless, our hopes are high for the future.