COMMISSION OF THE EUROPEAN COMMUNITIES
COMMISSION STAFF WORKING DOCUMENT
Report on the implementation of the EU Fraud Prevention
Action Plan on non-cash means of payment
COMMISSION STAFF WORKING DOCUMENT
Report on the implementation of the EU Fraud Prevention
Action Plan on non-cash means of payment
In the EU Fraud Prevention Action Plan 2001-2003 (hereafter "FPAP")1 the Commission
undertook to submit after 2003 a report to the European Parliament and the Council on
progress achieved in the implementation of the Plan and to propose, if necessary, additional or
alternative measures. The present report provides such an assessment. The structure of the
report follows the five main areas of action of the FPAP. Future actions in this area are
proposed in the EU Fraud Prevention Action Plan 2004-20072.
2. TECHNOLOGICAL IMPROVEMENTS/SECURITY OF PAYMENTS
2.1. FPAP objectives
"The payment industry should provide the highest economically viable level of
security for remote electronic payments by mid 2002 at the latest.
All interested parties, especially national authorities, should contribute to implement
a co-ordinated and structured security approach."
2.2. FPAP action points
"The Commission will organise awareness-raising initiatives, including a Forum on
security of payment product and systems with regard to fraud prevention.
The Commission will launch a study on specific aspects of security of payment
products and systems and their impact on fraud levels and in light of the outcome
envisage specific initiatives."
2.3. Actions undertaken
The Commission organised on 16 September 2003 the Conference "Payments and
Confidence", with a view to improve the information of EU citizens on security
issues and discuss how to improve public confidence. The Conference offered the
views of all stakeholders on this subject.3
Commission Communication “Preventing fraud and counterfeiting of non-cash means of payment”,
COM(2001) 11 final of 9.2.2001.
Commission Communication “A new EU Action Plan 2004-2007 to prevent fraud fraud on non-cash
means of payment”, COM(2004) …
All presentations and proceedings of the conference are available at:
EN 2 EN
The Commission published in September 2003 a study on the security of e-payments
and m-payments in the Internal Market. The study aimed at analysing users'
perception on the security of e-payments in each EU Member State; providing an
assessment on the security of the main classes of e-payments and an analysis whether
the best security is used in practice through an examination of over 600 websites; and
verifying what information is provided to users on security issues.
The security of payments is principally the responsibility of the payment systems
industry. As security is a pre-condition for consumer confidence in payments, the
action of the Commission contributed to raise the awareness on the existing level of
3. EXCHANGE OF INFORMATION
3.1. FPAP objective
"The payment industry and the retail sector, while respecting the rights and freedoms
of individuals and the competition rules, should expand exchanges of information to
promote an earlier detection and notification of fraud attempts."
3.2. FPAP action points
"The Commission will in co-operation with national data protection authorities,
provide guidelines on limits and conditions for exchange of information related to
The Commission will launch a “fraud prevention web-page” with information on
initiatives related to fraud prevention and links to other relevant organisations."
3.3. Actions undertaken
In preparation of the guidelines, the Commission services had meetings with
representatives of the private sector in order to identify concrete problems. The main
issue identified was the impossibility to exchange data on high-risk and fraudulent
merchants. The EU Article 29 Working Party4 agreed to establish an informal sub-
group of representatives of national data protection authorities and of the payment
industry to discuss specific issues. At the first meeting of the Sub-Group it was
clarified that agreed guidelines cannot derogate from the provisions of national
legislation. Therefore this issue was also included in the consultation document on a
New Legal Framework for Payments in the Internal Market5. Strong support was
expressed in favour of a full harmonisation of the EU data protection legislation. The
works of the Article 29 Working Party Sub-group are still under way.
This Group, established under Article 29 of Directive 95/46/EC, includes representatives of the EU
national data protection authorities. Its secretariat is held by the Commission (see
Commission Communication on a New Legal Framework for Payments in the Internal Market
(COM(2003) 718 final)
EN 3 EN
A Fraud Prevention webpage was created on the Commission website6. It covers the
initiatives undertaken under the FPAP, other EU initiatives and links to the relevant
organisations. The webpage could be further developed into a pan-European
reference point for EU citizens and businesses on the prevention of payment fraud.
The exchange of information is essential in any effective fraud prevention strategy.
Both the investigation and prosecution of fraud cases and fraud prevention activities
presuppose such exchange within each Member State and between Member States.
4. TRAINING PROGRAMMES, EDUCATIONAL MATERIAL AND
4.1. FPAP objectives
"The payment systems industry should implement in all EU Member States a
comprehensive law enforcement training programme on preventing fraud and
counterfeiting of non-cash means of payment.
Relevant players (including Europol and Interpol) should have access to information
on training programmes and educational material for law enforcement."
4.2. FPAP action points
"The Commission will organise a high-level conference for senior police officers,
magistrates and prosecutors, to raise awareness on payment fraud and its impact on
the financial systems.
The Commission will convene a meeting to encourage representatives of the payment
industry and law enforcement, to identify key items of evidence needed to effectively
investigate and prosecute payment fraud cases and to provide the information in an
agreed format for cross-border information exchange purposes.
The Commission will organise expert meetings, representing all parties, to discuss
issues related to fraud prevention, review the action points of the Communication
and identify possible further preventive measures."
4.3. Actions undertaken
In March 2003 an EU Card Fraud Forum was organised as the result of the
cooperation between VISA, Mastercard, American Express, the Italian Anti-
counterfeiting Office (UCAMP), the Swedish Bureau for Economic Crime and the
Commission. Around 150 delegates from the EU Member States and Accession
Countries (representing law enforcement, public prosecution, the Judiciary and the
payment industry) actively participated in the discussions based on concrete case
studies. The Forum called for increased efforts in training and awareness raising, for
taking better advantage of the training options already available and for a
clarification of the data protection legislation in the EU. Participants considered the
EN 4 EN
interaction between the judiciary, law enforcement and the private sector as very
productive. It was felt that such event should be organised on a regular basis.
Discussions between law enforcement, the payment industry and other stakeholders
on how to strengthen law enforcement training in the EU took place in workshops
conducted under the EU Forum for the Prevention of Organised Crime7. The training
needs of law enforcement were identified and possible ways forward were proposed.
The main suggestions included deploying more efforts to raise awareness among law
enforcement, public prosecutors and the judiciary on the issue of payment fraud;
providing pan-European training for specialised officers; providing extensive
training to specialised officers that will in turn train other officers (as already done in
some Police Academies) to achieve “multiplier effects”; preparing comprehensive
training packages for specialised officers and update them continuously. Inventories
of training events and tools available to law enforcement were also prepared.
The EU introduced pan-European penal legislation against fraud and counterfeiting
of non-cash means of payment8. This legislation should be applied effectively and
consistently in the EU Member States and serve as a deterrent to commit payment
fraud. It was therefore important to educate the judiciary on payment fraud and to
take steps to strengthen law enforcement training initiatives, in view of a more
effective investigation and prosecution of these crimes.
The meeting to discuss the possible introduction of an agreed template for the cross-
border exchange of evidence related to payment fraud was not organised due to the
launch of other horizontal EU initiatives, such as the Commission proposal for a
European Evidence Warrant.
To fulfil the need for improved co-operation, the EU Fraud Prevention Expert Group,
was established. The Group includes all major stakeholders in payment fraud
prevention in the EU9 and offers a pan-European platform for experts to exchange
information and best practices. Its mandate consisted mainly in following the
implementation of the actions of the EU Fraud Prevention Action Plan and other
relevant initiatives on fraud prevention. In these meetings information was
exchanged, new fraud prevention issues were discussed and in some cases further
preventative measures were identified. The Group met twice per year and had six
meetings between 2001 and 2003.
All these initiatives fostered a stronger cooperation between stakeholders to prevent
fraud, especially at cross-border level.
The EU Forum for the prevention of organised crime was established by the Commission
Communication COM(2000) 786 of 29.11.2000 and is part of the general EU strategy on crime
prevention. The Forum is based on partnership between all stakeholders involved in the prevention of
organised crime. It involves national law enforcement authorities, businesses and professional circles,
academic researchers, non-governmental organisations and civil society as a whole.
EU Framework Decision on fraud and counterfeiting of non-cash means of payment 2001/413/JAI, OJ
L 149 of 2.6.2001, p. 1.
The Group includes representatives of national and EU payment schemes, banks, national Ministries
and Central Banks, law enforcement agencies (including Europol and Interpol), the European Central
Bank, retailers, consumer groups and network operators.
EN 5 EN
5. OTHER FRAUD PREVENTION MEASURES
5.1. FPAP objective
"Parties involved should play their role in preventing fraud and counterfeiting of
non-cash means of payment, and cooperate with each other"
5.2. FPAP action points
"The payment systems industry should review its practices and procedures on an
ongoing basis and discontinue or change those that may favour fraudulent
The payment industry should establish best practice in educational material for
retailers and consumers and produce new material as needed.
Retailers’ organisations and consumers’ associations should exchange information
on educational material and identify the need for further, or improved, material.
Consumers’ associations should prepare guidelines on new risk areas (e.g. on-line
payments) and fraudulent behaviour, and encourage consumers to take all
reasonable steps to prevent fraud.
The retail sector should implement the most advanced technology which is
economically viable. Retailers should be better informed on the status of the payment
instruments presented for acceptance and advised on how to deal with suspicious
Consumers should benefit from a single phone line at EU level to facilitate their
notification of the loss or theft of a payment instrument, or at least a single phone
number for all issuers based in each Member State.
The Commission will organise a meeting with consumers’ organisations and other
interested parties to examine ways to develop and promote consumer education on
the risks associated with different payment mechanisms and how best to avoid them.
The Commission will organise a meeting with a fraud prevention experts group
representing all interested parties to examine the legal and economic guarantees and
obligations of the different parties linked to fraud and counterfeiting of non-cash
Governments and the national authorities should make efforts to improve trust and
confidence in payment products. They should consider implementing expediently the
proposed Framework Decision on fraud and counterfeiting of non-cash means of
In 2003 the Commission will issue a report, which will review progress in
implementing the Fraud Prevention Action Plan and propose additional or
EN 6 EN
5.3. Actions undertaken
The payment card schemes and banks increased their efforts to prevent fraud by
deploying a wide range of initiatives and tools. The commitment of the banking
sector to fight fraud as a priority has been reaffirmed by the establishment of the
Fraud Task Force within the European Payment Council10.
In a workshop held in May 2001 on educational material for the retail sector under
the EU Forum for the Prevention of Organised Crime, the needs of the merchants
were identified, examples of best practice were exchanged and ideas to improve the
quality and diffusion of educational material were developed.
In order to improve the notification of lost/stolen payment cards and analyse the
feasibility of a single phone number in the EU (Card Stop Europe), the Commission
met informally with a group of national and international card stop service providers
and telecommunication companies. It is envisaged that the possible new EU phone
number should be easy to remember and that the calls made to it should be routed to
existing schemes/banks for the blocking. The European Numbering Forum assisted
the Commission in identifying the possible technical options available, based on the
envisaged requirements11. Two surveys were launched to ask EU citizens their views
on the establishment of a single number12. A cost-benefit analysis is under
preparation. Work on establishing a possible single number is still in progress.
The envisaged meetings with consumer organisations and other fraud prevention
experts on consumer education and on the parties' legal and economic guarantees and
obligations in payment fraud were superseded by broader initiatives of the
Commission13. The awareness-raising initiatives on fraud prevention, initially
foreseen on an ad-hoc basis, have been integrated into the general Commission
policy on consumer education. To foster consumer confidence, it is essential to
provide consumers with appropriate information on the security of payments.
The new EU legislation in this area (Framework Decision) was adopted by the
Council in 2001. However, a recent Commission report14 shows that has not been
implemented in all Member States.
The European Payment Council was established in 2002 with the objective to establish a Single
European Payment Area. Since December 2003 it has become the decision-making organisation for the
European banks on payment issues.
At present these options include ETNS (European Telephony Numbering Space) and UIFN (Universal
International Freephone Numbers) numbers. Other numbers may become available in the near future.
Both surveys showed that a very large majority of EU citizens consider a single EU number as an
effective and desirable solution. For more information on the surveys and on Card Stop Europe, see
For example, the DOLCETA project, which aims at providing audio-visual educational tools to PC
users. The DOLCETA module on financial services covers inter alia the prevention of fraud on non-
COM(2004) 346 final, not yet published.
EN 7 EN
6. RELATIONS WITH THIRD COUNTRIES
6.1. FPAP objective
"Third countries should introduce and enforce effectively preventive measures to
combat fraud and counterfeiting of non-cash means of payment."
6.2. FPAP action points
"The European Commission will organise, together with the payment systems
industry, a seminar for the authorities of the candidate countries for EU accession,
in order to raise awareness on payment fraud in these countries.
The Commission will cooperate with other countries, both bilaterally and through
multilateral fora such as the OECD, in order to help combat and prevent fraud."
6.3. Actions undertaken
In December 2001 the Commission organised in cooperation with VISA, Mastercard
and American Express, a seminar on fraud prevention for all government authorities
of the new Member States and Accession Countries involved in payment fraud (law
enforcement, magistrates and public prosecutors, Ministries and Central Banks).
The Commission regularly attends the meetings of the G8 dealing with payment
fraud, notably the Lyon/Roma Law Enforcement Projects Subgroup.
7. NEXT STEPS
The FPAP was strongly supported by all stakeholders. Most actions foreseen were
successfully completed with positive feedback from interested parties. Overall, the
involvement of the Commission was considered useful and important. The FPAP brought
increased attention to the issue of payment fraud.
In the period covered by the FPAP, the combined initiatives of the payment industry, national
authorities and other parties led to a reduction of the annual growth of fraud in the EU15.
The FPAP was based on a close co-operation between public authorities and private parties.
As a result, today the co-operation to prevent fraud has intensified, notably at cross-border
level. However, new threats are emerging, as for example data hacking or identity theft.
For these reasons the Commission intends to continue its action against payment fraud by
adopting a new EU Fraud Prevention Action Plan covering the period 2004-200716. The new
FPAP has been drafted in consultation with the EU Fraud Prevention Expert Group and other
relevant groups17. It will complement the forthcoming Directive on payment services in the
Internal Market, which the Commission intends to propose in 2005, in underpinning the
In 2000 fraud was growing much faster (approximately 50% a year) than it is today (15-20% a year)
Such as the Card Fraud Prevention Task Force of the European Payment Council. Input was provided
also by individual Members of the Payment Systems Market Group and the Payment Systems
Government Expert Group. Europol and law enforcement experts were also consulted.
EN 8 EN
creation of a Single Payment Area in the EU. It should notably continue and further
strengthen the existing initiatives to prevent fraud and contribute to increasing confidence in
non-cash means of payments.
EN 9 EN