Consumer protection in EU financial services is entering a more interventionist phase, driven by the finalisation of PSD3/PSR and a clear regulatory shift toward stronger consumer reimbursement rights, mandatory fraud-prevention infrastructure, and tighter accountability for payment service providers in cases of impersonation and APP fraud. At the same time, EU law enforcement is scaling its response to increasingly industrialised, AI-enabled fraud through coordinated operational platforms and cross-border typology sharing.
This edition focuses on the evolving liability framework for PSPs and the expanding regulatory and enforcement ecosystem shaping consumer fraud prevention across the EU.
PSD3/PSR introduces expanded fraud liability and mandatory verification-of-payee obligations for PSPs
Following the ECON vote on 5 May 2026, the agreed text of the Payment Services Regulation (PSR) confirms that payment service providers (PSPs) will be liable to reimburse consumers not only for unauthorised transactions but also for losses from impersonation fraud and APP scams where the PSP failed to implement adequate fraud prevention measures.
The PSR introduces a “verification of payee” requirement for all credit transfers, meaning PSPs must check that the payee name matches the account details before processing. PSPs that fail to provide the verification service are liable for losses arising from misdirected payments. Platform operators may also face liability where they facilitate fraud against payment users.
Consumers retain rights to bring claims to the Financial Ombudsman in addition to the statutory reimbursement scheme. The PSR framework is expected to apply approximately 21 months after Official Journal publication (H2 2027–early 2028).
Key takeaways:
Conduct a gap analysis of current fraud prevention systems against the new PSR impersonation fraud/APP liability requirements; identify weaknesses in transaction monitoring, scam warning workflows, and payee verification infrastructure.
Implement or upgrade verification-of-payee (VoP) systems for credit transfers; note that the Bank of Lithuania and Latvijas Banka are monitoring VoP implementation readiness.
Review and update consumer-facing fraud prevention communications; the PSR places explicit liability on PSPs whose scam warning systems are inadequate.
The source: EU Parliament / EU Council | Date: 2026-05-05
Europol launches EU Anti-Scam Platform to combat industrialised AI-driven fraud
In May 2026, Europol launched the EU Anti-Scam Platform, an operational hub drawing on the European Cybercrime Centre and the European Financial and Economic Crime Centre. The platform addresses the industrialisation of online fraud—including investment scams, impersonation fraud, romance scams, and APP fraud—which collectively cause billions in annual consumer losses across the EU.
Europol’s EAFCS 2026 presentation confirmed that AI-enabled social engineering has significantly lowered the cost and increased the scale of fraud targeting EU consumers. The platform will provide law enforcement agencies with specialised operational briefings and facilitate information sharing on scam typologies.
Key takeaways:
Ensure that consumer scam warning messages are updated to reflect the AI-enabled typologies identified by Europol, particularly AI-generated deepfake communications and impersonation of financial institutions.
Review fraud refund policies in light of the PSR impersonation fraud liability provisions and the EU Anti-Scam Platform’s intelligence; ensure consumer-facing remediation procedures are aligned.
The source: AML Intelligence / Europol | Date: 2026-05-01
As your legal advisors we will be happy to assist you regarding all the questions related to proposed changes in regulation, including legal advice as well as revision and preparation of your internal documents.
Inga Karulaitytė is an attorney-at-law, Partner, and Head of Banking, Finance & FinTech. She is a top-tier expert in FinTech and digital finance regulation in Lithuania and the Baltics. With more than 20 years of experience, she is ranked in FinTechLegal by Chambers and Partners FinTech (2020–2026) and ranked as a Highly Regarded lawyer in Banking and Finance by IFLR1000, Chambers and Partners, and The Legal 500 (2019–2026).
Inga is a Certified Anti-Money Laundering Specialist (CAMS), a Certified Global Sanctions Risk Management Specialist, a certified board member (Corporate Governance Certificate by BICG), and a Certified Internal Auditor.
Newsletter Subscription
Get in touch