DNB finds banks combat fraud, urges targeted approach

The DNB's examination reveals that banks and payment institutions demonstrate high commitment to combating payment fraud, with dedicated staff and teams.

However, fraud risk management often remains operationally focused on alert processing and triage, lacking strategic prioritisation and adherence to a defined risk appetite.

Institutions could significantly strengthen their approach by using cost-benefit analyses to concretely define their fraud risk appetite, allowing for risk-based implementation of mitigation measures.

The landscape is rapidly changing, driven by factors like artificial intelligence and the rise of synthetic identities, necessitating a wider range of data sources and features for fraud detection.

Furthermore, institutions grapple with the dilemma of processing legally obligatory transactions versus exercising a duty of care, with some successfully refusing potentially fraudulent payments despite initial customer insistence.

This evolving environment underscores the need for more adaptive detection methods and structured cooperation across the payment chain.

Payment fraud significantly impacts society, with 10 percent of the Dutch population aged 15 or over falling victim to online scams in 2025, often resulting in emotional or financial distress.

This type of fraud is frequently linked to organised crime, money laundering, and international criminal networks.

The DNB's examination focused on 'non-banking fraud,' where victims unintentionally or under false pretences initiate fraudulent payments, such as romance, CEO, or investment scams.

This contrasts with 'banking fraud,' involving unauthorised payments like phishing.

Banks currently employ measures like daily limits, waiting periods for changes, and large-scale warning campaigns to protect customers.