JOINT PRESS RELEASE – FOR IMMEDIATE RELEASE
European credit sector associations call for boosting fraud prevention efforts across the fraud chain
Brussels, 17 September 2024 – The European Credit Sector Associations, composed of the European Association of Cooperative Banks (EACB), the European Banking Federation (EBF), the European Savings and Retail Banking Group (ESBG) welcome the publication by the Euro Retail Payments Board (ERPB) of its Working Group Report on fraud related to retail payments. On top of the three Associations, other key stakeholders from the private and public sector have actively contributed to the Report. It identifies four “gamechanger” actions that are necessary to strengthen the fraud prevention and mitigation across Europe, as well as a set of best practices identified to combat fraud.
Sanne van der Neut, co-Chair of the working group on behalf of the EACB, representing the supply side, highlights: “This report comes at an important point in time. Fraudsters are getting increasingly inventive and the fraud chain is becoming more complex. Fighting this needs a multistakeholder approach and one that goes beyond the payment sector.”
The report is the outcome of a collaborative effort that brings together the perspectives and unique insights from a wide range of parties affected by fraud, including representatives from consumer and merchant organisations, bank and non-bank payment service providers, central banks, the European Banking Authority, the European Commission, the European Data Protection Board, and Europol.
The four “gamechangers” identified for a more effective prevention and mitigation of fraud are:
1) Effective cross-sectoral collaboration beyond the payment industry and shared responsibilities;
2) The sharing of fraud insights and data;
3) A supervisory enforcement and cooperation at EU level across sectors beyond the payment industry;
4) Ensuring that product design prioritises consumer protection.
For each gamechanger, several actions are recommended that EU, national authorities, and the private sector can implement. It is especially noted that these recommendations can be particularly relevant to the work of the European Parliament and the Council, in the context of the ongoing negotiations on the proposal for a Regulation on payment services in the internal market (PSR) and beyond. The conclusions of this cross sectoral collaboration highlight that digital fraud and scams relate to a far broader and more complex matrix than the point of payment alone and should be regulated in a sufficiently comprehensive way outside the auspices of payments regulation.
The paper also includes a list of best practices, intended to serve as a collection of measures that public and private actors can draw upon when combating fraud.
The ERPB Working Group, launched in May 2023, was prompted by the rise of fraudulent activities accelerated by digitalization and social engineering. This initiative underscores the need for all actors in the fraud chain to collaborate more efficiently in preventing and combating fraud.
Read more about the gamechangers in the fight against fraud here.
The post Joint press release on the Report of the ERPB WG on Fraud: European credit sector associations call for boosting fraud prevention efforts across the fraud chain appeared first on EBF.
]]>PRESS RELEASE
x
Paper trail ends in jail time for 1013 money mules
2822 Banks and financial institutions join forces with law enforcement agencies in global effort against money laundering
x
Law enforcement agencies from 26 countries, in collaboration with Europol, Eurojust, INTERPOL and several private industry partners, have once again joined forces to combat a key facilitator of money laundering: money mules and their recruiters. In June, October and November 2023, several operational phases identified 10759 money mules and 474 recruiters, leading to the arrest of 1013 individuals worldwide.
The ninth edition of the European Money Mule Action (EMMA 9), which was funded by EMPACT (https://www.europol.europa.eu/crime-areas-and-statistics/empact) and led by the Netherlands, was the continuation of an established international law enforcement effort. As in previous years, it involved operations around the globe, such as in Colombia, Singapore and Australia.
Results of the operation include:
- 10759 money mules identified
- 474 recruiters/herders identified
- 1013 individuals arrested
- 10736 fraudulent transactions reported
- 4659 investigations initiated
- 2822 banks and financial institutions supported the action
- EUR 100 million losses reported
- EUR 32 million in losses prevented
EMMA is the most extensive international operation of its kind, grounded in the principle that information sharing between the public and private sectors is essential in combating today’s sophisticated crimes. The European Banking Federation (EBF) has been the first industry partner to EMMA since its inception. In this year’s endeavour, with ongoing coordination of the EBF, approximately 2822 banks and financial institutions collaborated with law enforcement. This joint effort also involved online money transfer services, cryptocurrency exchanges, online travel providers and ‘Know Your Customer’ (KYC) companies, as well as multinational computer technology corporations.
X
Crime fuelled by crime
As a coordinated action conducted across Europe and the globe, EMMA aims to fight money mule networks benefitting from different types of criminality, such as cyber-enabled fraud against financial institutions and their customers. Building on investigations conducted with the support of private industry partners, law enforcement authorities can then take action, such as arrests, seizures, house searches and interviews. Operation EMMA’s primary goal is to enhance and exchange cross-border information between the countries involved, thus making a significant contribution to the fight against money mule networks. By doing so, it aims to prevent financial losses and raise awareness about this widespread problem.
The EMMA initiative has successfully strengthened bolstering cross-border collaboration to combat and dismantle money mule networks engaged in international money laundering. These networks operate by transferring (digital or cash) funds received from third parties to other recipients, while earning a commission in the process. The majority of investigations involve cross-border cases: either money is transferred from one country to another, or organised money mules travel globally to open bank accounts, often using fake documentation to deceive KYC procedures.
Recent trends in a globalised criminal landscape
Investigators have reported a number of recent developments in the criminal landscape of international money laundering. One EU Member State has discovered that migrants from Ukraine, seeking refuge from war, are being increasingly targeted as unwitting accomplices in crime. Exploiting their vulnerability and economic distress, criminals coerce them into inadvertently laundering money by forcing them to open bank accounts.
Bank impersonation crimes are also on the rise, with criminals posing as bank officials predominantly targeting elderly people and persuading them to open new accounts. Perpetrators often visit victims in person to obtain copies of identity documents and signatures.
Another alarming trend involves the fraudulent use of artificial intelligence to create fake identities, thus making it possible to bypass KYC security features during online account creation.
In yet another emerging modus operandi, criminals target younger persons and provide them with online means of payment, such as gift cards. These are activated in a tokenisation process for purchasing goods or electronic devices. The mules then hand over the purchased goods to the criminals, who then offer them for sale on the most popular e-commerce marketplaces, receiving a percentage of the illegal proceeds either in cash or in goods.
Investigations have revealed that a series of intricate online fraud schemes are funnelling money into accounts operated by money mules. These schemes include investment scams, compromised business emails, bogus holiday rental listings, middleman scams, phishing, messenger app fraud, help desk fraud, counterfeit bank cards and the use of crypto values transferred from virtual currencies exchanges to e-wallets. This global crackdown aims to make it more difficult for criminals to operate and to disguise the flow of their illicit earnings.
Europol’s role
Europol supported the planning and preparation of all the operation’s phases. The Joint Cybercrime Action Taskforce (J-CAT) (https://www.europol.europa.eu/operations-services-and-innovation/services-support/joint-cybercrime-action-taskforce) supported the actions by facilitating information exchange between law enforcement authorities. During the operational phase, Europol’s analytical support helped to identify the connections between cross-border cases and the money mule networks. Additionally, Europol coordinated and aligned the EMMA 9 awareness campaign (https://www.europol.europa.eu/operations-services-and-innovation/public-awareness-and-prevention-guides/money-muling) with the participating countries and private industry partners.
Participating countries:
Australia, Austria, Bulgaria, Cyprus, Colombia, Czech Republic, Denmark, Estonia, Greece, Hong Kong (China), Hungary, Ireland, Italy, Latvia, Moldova, Netherlands, Poland, Portugal, Romania, Singapore Slovenia, Sweden, Spain, Ukraine, United Kingdom, United States
Participating agencies:
Europol, Eurojust, INTERPOL
Private industry partners:
European Banking Federation, Coinbase, Fourthline, Santander, Tripadvisor, Western Union
k
The post Paper trail ends in jail time for 1013 money mules: 2822 Banks and financial institutions join forces with law enforcement agencies in global effort against money laundering appeared first on EBF.
]]>EBF Response
x
EBF response to European Commission ‘Have Your Say’ Consultation on Financial Data Access Framework proposal
x
BRUSSELS, 6 November 2023 – The European Banking Federation responded to the European Commission’s ‘Have Your Say’ consultation on the proposal for a Financial Data Access Framework (FIDA). The EBF emphasizes the need for a measured approach, striking a balance between the mandatory data sharing elements, and the potential risks on the one hand, and the market driven elements on the other. The framework needs to set the right incentives for innovation while maintaining customer trust, especially in light of the broad scope and number of actors in the ecosystem.
We recommend to:
- Set out a precise scope.
- Include a clear, gradual approach for the negotiation and development of data sharing schemes, supported by a realistic timeline that reflects the complexity of the process.
- Clearly define “Financial Information Services” and strengthen FISP authorization requirements.
- Clarify roles and responsibilities in the operationalisation of permissions dashboards and ensure strong security and protection from fraud.
- Take lessons learned from PSD2, specify the interplay with relevant regulation, and work towards real cross-sectoral data sharing.
.
For more information:
Alexandra Maniati, Senior Director – Innovation & Cybersecurity, a.maniati@ebf.eu
Liga Semane, Policy Adviser – Data & Innovation, l.semane@ebf.eu
About the EBF:
The European Banking Federation is the voice of the European banking sector, bringing together national banking associations from across Europe. The EBF is committed to a thriving European economy that is underpinned by a stable, secure, and inclusive financial ecosystem, and to a flourishing society where financing is available to fund the dreams of citizens, businesses, and innovators everywhere.
The post EBF response to European Commission ‘Have Your Say’ Consultation on Financial Data Access Framework proposal appeared first on EBF.
]]>EBF KEY CONSIDERATIONS
x
EBF key considerations following the publication of the Cyber Resilience Act (CRA) proposal
x
BRUSSELS, 6th March 2023 – Following the publication by the European Commission of the proposal for a Regulation on horizontal cybersecurity requirements for products with digital elements, i.e. the Cyber Resilience Act (CRA), the European Banking Federation (EBF) presents some key considerations of the European banking sector on the published text.
The EBF acknowledges that rules on digital products would contribute to achieving higher cybersecurity levels throughout the entire supply chain. Users of such products, both consumers and business -including banks- would benefit from minimum requirements that would apply to vendors of those products.
However, the EBF is of the view that the financial sector should be excluded from the scope of the CRA proposal, as the recently adopted DORA Regulation provides an extensive cybersecurity and digital operational resilience framework for banks which is equivalent -if not more detailed and comprehensive- to the one introduced by the CRA. It is therefore crucial that DORA should function as lex specialis to the CRA and this should be explicitly mentioned in the proposal’s text, in order to avoid confusion, duplications and overlaps in the rules and requirements on the EU level.
x
For more information please contact:
Alexandra Maniati
Senior Director, Innovation & Cybersecurity, a.maniati@ebf.eu
Dimos Karalis
Policy Adviser – Cybersecurity & Innovation, d.karalis@ebf.eu
x
About the EBF:
The European Banking Federation is the voice of the European banking sector, bringing together 32 national banking associations in Europe that together represent a significant majority of all banking assets in Europe, with 3,500 banks – large and small, wholesale and retail, local and international – while employing approximately two million people. EBF members represent banks that make available loans to the European economy in excess of €20 trillion and that reliably handle more than 400 million payment transactions per day. Launched in 1960, the EBF is committed to a single market for financial services in the European Union and to supporting policies that foster economic growth.
The post EBF key considerations following the publication of the Cyber Resilience Act (CRA) proposal appeared first on EBF.
]]>FROM THE EUROPEAN BANKING FEDERATION:
x
2 469 money mules arrested in worldwide crackdown against money laundering
Law enforcement prevented €17.5 million from being laundered by money mules in three-month action
x
Law enforcement from 25 countries, supported by Europol, Eurojust, INTERPOL and the European Banking Federation (EBF) have joined forces to crack down one of the most important enablers of money laundering: money mules and their recruiters.
During an operational phase carried out between mid-September to end of November 2022, 8 755 money mules were identified, alongside 222 money mule recruiters, and 2 469 individuals were arrested worldwide.
Now in its eighth edition, the European Money Mule Action (EMMA8) has gone international, with actions carried out in as far as Colombia, Singapore and Australia.
EMMA is the largest international operation of its kind, built around the idea that public-private information sharing is key to fighting complex modern crimes. This year, and with the continuing coordination of the EBF, around 1 800 banks and financial institutions supported law enforcement in this action, alongside online money transfer services, cryptocurrency exchanges, Fintech and KYC companies, and multinational computer technology corporations.
Overview of the results
• 2 469 money mules arrested
• 1 648 criminal investigations initiated
• 4 089 fraudulent transactions identified
• € 17.5 million intercepted
Participating countries
Australia, Austria, Bulgaria, Colombia, Cyprus, Czech Republic, Estonia, Greece, Hungary, Singapore and Hong Kong (China), Ireland, Italy, Moldova, Netherlands, Poland, Portugal, Romania, Slovak Republic, Slovenia, Sweden, Switzerland, Spain, United Kingdom, United States.
A link in the money laundering chain
Have you ever been asked to help transfer money by:
• An online friend or love interest?
• Someone offering a way to make easy money?
• Someone claiming to need help as they can’t use their own bank account?
If yes, you may have been talking to a money mule recruiter – and if you did what they asked, you may have committed a crime.
The issue may seem trivial, yet the amount of criminal money being laundered through this method is not. Money mules are a significant part of the money laundering landscape, enabling criminals to swiftly move funds across a network of accounts, often in different countries.
The use of money mules is especially widespread in cybercrime, with the mules transferring the proceeds from their jurisdiction to the criminal’s home country.
#DontBeaMule
This week Europol, together with international partners, the European Banking Federation and financial institutions, will be raising awareness about this crime and its criminal implications through the #DontBeaMule campaign.
The campaign is available for download in 26 languages and will inform the public about how these criminals operate, how they can recognise the signs and what to do if they become a target.
Do you think you might be used as a mule? Act now before it is too late: stop transferring money and notify your bank and your national police immediately.
EMMA8 was carried out in the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT) Cybercrime OFS Operational Action Plan led by the Netherlands.
k
The post 2469 money mules arrested in worldwide crackdown against money laundering appeared first on EBF.
]]>The post EBF response to the European Commission’s targeted questionnaire on Open Finance appeared first on EBF.
]]>The post EBF response to European Commission’s Targeted Consultation on the review of the revised Payment Services Directive (PSD2) appeared first on EBF.
]]>Cloud auditing:
Assurance resources
& pooled audits
x
Brussels, 7 July 2022
As consumer expectations and new technologies have emerged, so too have the opportunities cloud computing presents for all businesses, notably Financial Institutions (FIs). For the latter, adopting cloud computing is paramount but must be done in full compliance with the regulatory frameworks in force to safeguard data security and mitigate risk in this virtual environment.
The digital transformation underway continues to re-shape and advance cloud technology and – in turn – the auditing thereof. Indeed, while this technologically-driven advancement is happening, EU regulators are creating a more elaborate regulatory ecosystem for cloud adoption in Europe, addressing, among other aspects, cloud auditing. This paper focuses on the auditing of Cloud Service Providers (CSPs), where the FI directly outsources to the CSP.
x
For more information:
Alexandra Maniati, Senior Director of Innovation & Cybersecurity, a.maniati@ebf.eu
Julian Schmücker, Senior Policy Adviser – Digital Innovation, j.schmucker@ebf.eu
Drs. Patrick Maes
Chair of the Cloud Expert Group and Cloud Banking Forum @ European Banking Federation
Managing Director – Global Head of Bank User Solutions @ Credit Suisse
patrick.maes@credit-suisse.com |drspatrick.maes@gmail.com
x
About the EBF:
The European Banking Federation is the voice of the European banking sector, bringing together national banking associations from across Europe. The EBF is committed to a thriving European economy that is underpinned by a stable, secure and inclusive financial ecosystem, and to a flourishing society where financing is available to fund the dreams of citizens, businesses and innovators everywhere.
Subscribe to the EBF Weekly + FinReg Agenda
Every Friday at noon you can receive the EBF Weekly + Financial Regulation Agenda. This agenda presents an overview of upcoming European and international meetings and conferences in financial regulation, as well as important general financial and economic events and key EBF meetings for the week ahead. CLICK HERE TO SUBSCRIBE
Subscribe to the EBF Morning Brief
The EBF Morning Brief is published Monday through Friday morning and brings you the top banking headlines, relevant announcements from the EU institutions and the latest from the EBF and its members, national banking associations in 32 countries in Europe. CLICK HERE TO SUBSCRIBE
The post Cloud auditing Assurance resources & pooled audits appeared first on EBF.
]]>The post EBF response to European Commission’s Targeted Consultation on a digital euro appeared first on EBF.
]]>THIS PAGE WAS LAST UPDATED ON 8 JUNE 2020
The European Banking Federation updated its position paper on cyber incident reporting by including a new annex describing the Danish Joint Solution for reports on IT Security Events (FLIIS), a successful example of centralised reporting scheme.
The establishment of a centralised hub, aimed at collecting from financial institutions all reports covering incidents and submitting them to the competent authorities, should be considered as the preferred model for reporting of cyber incidents. By fulfilling the above functions, the centralised hub would not only channel and coordinate the submission of reports more quickly and efficiently but also indirectly facilitate the monitoring of cyber risks and trends at the national level.
KEY MESSAGES
This document aims to address the fragmentation of the EU cyber incident reporting framework, resulting from the existence of several different Incident Reporting Requirements across Europe, and to make proposals for regulators and policymakers for fostering information sharing and cooperation between Financial Institutions and Supervisory Authorities.
Depending on the type of incident, the reporting entity and the different legislations that apply, the current regulatory framework for incident reporting is characterised by:
• Different taxonomies;
• Different timelines, thresholds, information requirements and multiple templates for reporting;
• Various actors involved, from both the sender and receiver sides;
• Insufficient clarity in existing communication channels between public bodies and authorities (e.g. Europol, national law enforcement, national financial regulatory bodies, national CERTs).
These elements create additional regulatory and operational burdens that financial institutions have to abide by during or immediately after having suffered a cyber incident1. They also prevent the creation of more centralised and uniform mechanisms that can speed up the reporting process and enable a smoother exchange of information and good practices. Due to the complex rules and reporting channels, existing different requirements result in coordination and compliance challenges.
In order to ensure that financial institutions are able to quickly and effectively report cyber incidents without at the same time sacrificing proper incident management and recovery process, and very much in line with the ESAs Joint Advice on legislative improvements, the European Banking Federation (EBF) makes the following proposals for supervisors and regulators:
• Establish a central reporting and coordination hub in each Member State;
• Harmonise reporting thresholds and create a common taxonomy for cybersecurity incidents;
• Foster public-private real-time collaboration between regulators, supervisors, law enforcement, financial institutions and other cross-sectoral infrastructure actors;
• Further involve national CERTs in information sharing;
• Introduce a regular bi-directional information flow between regulators/ supervisors and the industry.
For more information:
Alexandra Maniati
Head of Cybersecurity & Innovation
a.maniati@ebf.eu
+32 25083736
Sergio Tringali
Policy Adviser
s.tringali@ebf.eu
+32 25083724
Subscribe to the EBF Weekly + FinReg Agenda
Every Friday at noon you can receive the EBF Weekly + Financial Regulation Agenda. This agenda presents an overview of upcoming European and international meetings and conferences in financial regulation, as well as important general financial and economic events and key EBF meetings for the week ahead. CLICK HERE TO SUBSCRIBE
Subscribe to the EBF Morning Brief
The EBF Morning Brief is published Monday through Friday morning and brings you the top banking headlines, relevant announcements from the EU institutions and the latest from the EBF and its members, national banking associations in 32 countries in Europe. CLICK HERE TO SUBSCRIBE
The post Cyber incident reporting – EBF position (Updated version) appeared first on EBF.
]]>