"Under the current PSD2, banks hold the power. If a victim of online fraud reports the crime to their bank, the institution then undergoes a review of the case to decide whether they should be reimbursed. The current model can often leave victims in an uncertain and potentially perilous financial position until the bank determines whether or not to repay them."
"Banks often use the gross negligence defense to delay reimbursement. Rantos's opinion, which is not yet legally binding, looks to flip this on its head, forcing banks to pay victims immediately, regardless of whether gross negligence led to the fraud's success, and then reclaim the money after the case is reviewed."
"Under the EU's payment processing regulations, gross negligence can be argued in cases where victims are tricked into handing attackers a one-time passcode or their login details, which the criminal then uses to enrich themselves by making unauthorized payments."
Advocate General Athanasios Rantos has issued a legal opinion recommending changes to the Second Payment Services Directive (PSD2) to strengthen protections for cybercrime victims. Currently, banks control reimbursement decisions and often invoke gross negligence defenses to delay payments, leaving victims in financial uncertainty. Rantos proposes reversing this approach: banks would reimburse victims immediately upon fraud reports, then investigate and reclaim funds if gross negligence is proven. This change would protect victims of scams like bank impersonation and phishing attacks, where criminals trick people into revealing security credentials or one-time passcodes. The opinion aims to shift financial burden from vulnerable victims to banks during the investigation period.
#cybercrime-victim-protection #payment-services-directive-psd2 #bank-fraud-reimbursement #eu-financial-regulation #gross-negligence-defense
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]