Fresh EU Directive strengthens powers against financial cyber fraud

Stolen payment credentials profits criminals over a billion every year, meaning new powers are long overdue

European Union

Specifically focussing on fraud and counterfeiting of non-cash means of payment, the language of a new European Directive has been agreed upon to strengthen rules surrounding cyber crime.

The new Directive, supplementing the EU's scaled up response to cyber crime, will enhance member states' capacity to prosecute cyber criminals.

The rules which govern payments made with bank cards, mobile payments and payments via cryptocurrencies, aim to offer the penalties for fraud of this type more uniformity to deter cyber criminals from targeting those in states with more lenient punishments for cyber crime.

The Directive is also committed to offering victims of non-cash fraud better access to advice and support to limit the consequential damage against them following a cyber attack. Provisions for the exchanging of information between states will also be improved in an effort to close cross-border cases more quickly.

Advertisement - Article continues below

"We are building a safer Europe for our citizens - offline as well as online, and today we deliver on this commitment," said Dimitris Avramopoulos, Commissioner for Home Affairs, Migration and Citizenship. "These new rules will help us crack down on those who steal from our citizens through online fraud, and ensure that our citizens are better protected."

Advertisement - Article continues below

Current EU law governing non-cash payment fraud was drafted back in 2001 so the new law is required to adequately serve today's challenges and technological developments. Since 2001, mobile payments and virtual currencies have become commonplace and such, the law must reflect the criminal demands of today's society. It's also estimated that cyber criminals may be profiting as much as 1.8 billion every year, so the need for new laws has never been greater.

"Strengthening deterrence is crucial to tackling cybercrime -- malicious cyber actors need to know that they face serious consequences," said Julian King, Commissioner for the Security Union. "Today's agreement gives member states a stronger tool to effectively fight online fraud, and provides a forceful disincentive to would-be cyber-criminals."

Advertisement - Article continues below

The Directive will have to be formally approved and adopted by the European Parliament and the Council, and once it is, member states will have up to two years to draft domestic laws which enforce the Directive's rules.

The initial proposal for the updated Directive was featured in President Jean-Claude Juncker's 2017 State of the Union Address and the news follows Monday's agreement on the language of the new EU Cybersecurity Act.

The new Act aims to better support member states with tackling cyber threats and to establish an EU framework for cyber security certification. The framework will deliver technical guidelines for procedures and standards to ensure a high level of cyber security in IoT devices, smart cards and ICT infrastructure. Once approved by the European Parliament an Council, the Act will be drafted into the EU Official Journal and take effect immediately.



data protection

Supreme Court rules Morrisons was not liable for 2014 data breach

1 Apr 2020

UK government may trace COVID-19 patients using mobile phone data

20 Mar 2020
General Data Protection Regulation (GDPR)

Irish data regulator racks up GDPR cases against Big Tech

24 Feb 2020
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019

Most Popular

application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
flexible working

Why we’re lucky COVID-19 has come now

3 Apr 2020