Fresh EU Directive strengthens powers against financial cyber fraud

Stolen payment credentials profits criminals over a billion every year, meaning new powers are long overdue

European Union

Specifically focussing on fraud and counterfeiting of non-cash means of payment, the language of a new European Directive has been agreed upon to strengthen rules surrounding cyber crime.

The new Directive, supplementing the EU's scaled up response to cyber crime, will enhance member states' capacity to prosecute cyber criminals.

The rules which govern payments made with bank cards, mobile payments and payments via cryptocurrencies, aim to offer the penalties for fraud of this type more uniformity to deter cyber criminals from targeting those in states with more lenient punishments for cyber crime.

The Directive is also committed to offering victims of non-cash fraud better access to advice and support to limit the consequential damage against them following a cyber attack. Provisions for the exchanging of information between states will also be improved in an effort to close cross-border cases more quickly.

Advertisement - Article continues below

"We are building a safer Europe for our citizens - offline as well as online, and today we deliver on this commitment," said Dimitris Avramopoulos, Commissioner for Home Affairs, Migration and Citizenship. "These new rules will help us crack down on those who steal from our citizens through online fraud, and ensure that our citizens are better protected."

Advertisement - Article continues below

Current EU law governing non-cash payment fraud was drafted back in 2001 so the new law is required to adequately serve today's challenges and technological developments. Since 2001, mobile payments and virtual currencies have become commonplace and such, the law must reflect the criminal demands of today's society. It's also estimated that cyber criminals may be profiting as much as 1.8 billion every year, so the need for new laws has never been greater.

"Strengthening deterrence is crucial to tackling cybercrime -- malicious cyber actors need to know that they face serious consequences," said Julian King, Commissioner for the Security Union. "Today's agreement gives member states a stronger tool to effectively fight online fraud, and provides a forceful disincentive to would-be cyber-criminals."

Advertisement - Article continues below

The Directive will have to be formally approved and adopted by the European Parliament and the Council, and once it is, member states will have up to two years to draft domestic laws which enforce the Directive's rules.

The initial proposal for the updated Directive was featured in President Jean-Claude Juncker's 2017 State of the Union Address and the news follows Monday's agreement on the language of the new EU Cybersecurity Act.

The new Act aims to better support member states with tackling cyber threats and to establish an EU framework for cyber security certification. The framework will deliver technical guidelines for procedures and standards to ensure a high level of cyber security in IoT devices, smart cards and ICT infrastructure. Once approved by the European Parliament an Council, the Act will be drafted into the EU Official Journal and take effect immediately.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now


General Data Protection Regulation (GDPR)

ICO to relax GDPR enforcement during coronavirus economic downturn

16 Apr 2020

The NHS teams up with Apple and Google on coronavirus tracking app

14 Apr 2020
data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020
data protection

Supreme Court rules Morrisons was not liable for 2014 data breach

1 Apr 2020

Most Popular


How to find RAM speed, size and type

24 Jun 2020
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020