logo
IT Natives
Fraud challenges
Regulations
Risk Control Conceptarrow
Career
email iconlinkedin icon
logo
hamburger icon
IT Natives
Fraud challenges
Regulations
Risk Control Concept

End-user protection

Device fingerprintCustomer identification

Fraud prevention

Financial fraud prevention and monitoringCredit risk monitoringAnti-money laundering (AML)Sanctions screening

IT security

GeneralSIEMDevices

Observability

GeneralElasticCisco
Career
Homearrow

Hungarian and EU regulation

Hungarian and
EU regulations

Background

The digitalisation process increased

As the digitalisation process has increased and the world around us has changed, the financial sector has also been transformed.

With the dynamic spread of smart devices, we are also using them to manage our finances. Social media has opened up the possibility to reach users easily and online. This also creates new opportunities for fraud.

Criminals in the digital space are turning their focus towards online payments. The dynamics of these frauds are a cause for concern.

Accordingly, supervisory authorities seek to improve the systemic protection of the financial sector by setting requirements for the banking sector through regulation. The following are the laws and recommendations that we believe are relevant.

regulation
  • Transaction value limit introduction, and option to set value limit by customer (01.09.2024)
  • Use of the operation monitoring mechanisms described in the Recommendation. (01.03.2025)
  • Customer behaviour analysis (01.09.2024)
  • In support of rules-based montiring, AI/MI, customer profiles (01.03.2025)
  • Calculation and use of risk value for transactions (01.03.2025)
  • System success rate measurement (prevention rate) (01.03.2025)
  • Customernotifications via electronic channel (renewal, activation, etc.), alerts via another electronic channel (SCA)
  • Verification of the integrity of multifunctional devices and identification of signs of their vulnerability, according to the risk and frequency (e.g.in more detail when a new mobile application is used for the first time)
  • Use of an integrity checking solution provided by the vendor of the deviceoperating system, if a vendor solution is available.
  • Restriction, proportionate to the risks involved, of other transactions related to paymenttransactions that can be executed with multifunction devices with damaged integrity (e.g. hacked, rooted orjailbreak).

Payment services fraud

On 23 June 2023, the Hungarian National Bank issued Recommendation 5/2023 on payment services fraud. In this recommendation, the Supervisory Authority sets out the expectations it expects the Bank to have for effective fraud prevention, including prevention, detection, deterrence and treatment.

Payment services fraud

On 28th June 2023, the European Commission introduced a draft proposal encompassing a comprehensive Payment Services package. This package includes the third Payment Services Directive(PSD3) and a fresh Payment Services Regulation (PSR), intended to replace the current PSD2 and Electronic Money Directive.

PSD3, the upcoming legislation, is designed to regulate electronic payments and the banking ecosystem in the European Union's single market. PSD3 introducesrevised rules to enhance consumer protection and foster competition in electronic payments.

  • PSD3 proposal: fraud and liability
    Scope:The existing PSD2 framework is not prepared to deal with emerging types of fraud such as spoofing or impersonation fraud.
  • PSD3 proposal: improving strong customer authentication
    Scope: under which circumstances certain types of transactions may be exempted from the obligation to apply strong customer authentication (SCA). In the case of remote payments, the specific amount and payee should be explicitly linked to the transaction, which must be authenticated by the payer.
  • PSD3/PS proposal: improving open banking
    Data access interfaces. Banks are no longer required to maintain two permanent dataaccess interfaces unless an exemption applies. However, open banking providersmay have access to emergency data access facilities in special and temporarysituations. Protect the business continuity of open banking providers.
logoIT NativesFraud challengesRegulationsRisk Control ConceptCareer
emaillinkedin

Copyright IT Natives Zrt.

2024.