Europe may have answers to US wire fraud questions

movement by citygroup The New York attorney general’s dismissal of what was called a “misguided” and “unimaginative” wire fraud case has been controversial among bankers, many of whom sympathize. city’s Despite the pushback, some argue that banks can do more to protect their customers.

The move also highlights the ongoing debate in the United States and abroad about who should be held responsible when consumers lose money to bank impersonation fraud. While Europe is moving toward making banks more accountable, we haven’t seen any such proposals in the United States.

State Attorney General Letitia James said: sued citibank In January, a case of “clear red flags for identity theft and account takeover” was poorly handled and $40,000 was stolen in a wire transfer after clicking on a fraudulent link received in a text message. He was indicted for allowing a customer to commit fraud. message. city denied her accusations, according to lawsuit.

James’ office said the customer “did not provide any information” after clicking on the fraudulent link he received. However, after clicking on the link, an unauthorized user changed her online banking password, registered her account with an online wire transfer service, and attempted an unsuccessful wire transfer of $39,999. After that, we successfully transferred $40,000. This accounted for most of her later savings. Recent retirement.

this month, citygroup filed a motion to dismiss the lawsuit. Online wire fraud on the rise these days However, banks claim they are not responsible for repaying customers defrauded by wire fraud.

“There is no denying that the problem is real,” the bank wrote, but the New York AG’s lawsuit “ignores long-established understandings” of banks’ liability in fraud cases.

In response to the motion to dismiss the lawsuit, bankers on LinkedIn primarily responded in defense of their financial institutions.

“In this case, the victim appears to have clicked on the following link: city,” Said Ana Campaneria Villarini, director of corporate fraud at BankUnited, said: “Well, the victim was deceived. It’s sad, but it’s not the bank’s fault. Why should the bank be held responsible?”

Many respondents expressed sympathy to varying degrees. One commenter, fraud and cybersecurity consultant Elena Michaeli, said that while banks have little recourse if victims provide their banking credentials to fraudsters, banks have much more protection than consumers. He pointed out that he had a lot of data and tools at his disposal.

In Europe, parliamentarians suggested This is a change that could potentially entitle consumers to a refund in the case of bank impersonation, where fraudsters impersonate the consumer’s bank and trick the consumer into parting with their money. According to the proposed regulations, payment service providers would only be exempted from refund liability in cases of “gross negligence”, such as when victims fall into the same system multiple times or when the impersonation is unconvincing.

The proposal would also create a legal basis for payment service providers to voluntarily exchange users’ personal data pursuant to information-sharing arrangements with the aim of reducing fraud. The law requires that such information sharing be done in accordance with the European General Data Protection Regulation.

The proposal is being considered by the European Parliament and the European Council, and although the exact timeline is still unclear, the changes to fraud liability and data-sharing arrangements will take place once European member states agree before they come into force. It may take 18-24 months. Union.

“The bill is currently expected to take effect in 2026,” wrote global law firm DLA Piper. blog post About the proposal.

In the United States, the Treasury Department recently hinted that: lack of legal basis For the voluntary sharing of fraudulent data among banks in a recent report on artificial intelligence. According to the report, “most financial institutions” interviewed expressed the need for stronger collaboration in the area of ​​fraud prevention.

“The sharing of fraud data will support the development of advanced fraud detection tools and better identification of emerging trends and risks,” the report said, adding that such data sharing will help identify cybersecurity threats and risks. It likens it to similar arrangements banks have in place to share anti-money laundering data.

When it comes to who is responsible when a consumer falls victim to a scam and shares their bank account information with someone masquerading as their bank account, both U.S. lawmakers and regulators have generally focused on wire fraud schemes. has not submitted a proposal to change the current standard that the customer is responsible for They get hooked.

In similar cases, consumers can be held liable if they fall for a scam and mistakenly send a payment through a person-to-person payment network like Zelle. The closest regulators have come to changing his fraud liability standards for P2P payments was with guidance from the Consumer Financial Protection Bureau: expected to be issued In response to an increase in fraud on Zelle in 2022.However, no such guidance has reached the authorities Agenda for rulemakingRather, the agency is proposing to examine payment marketplaces operated by Apple, Google, PayPal, and others to ensure they comply with existing consumer protection laws.