A new EU Action Plan 2004-2007 to prevent fraud on non-cash means of payment
The 2004 Communication proposed a set of measures for the prevention of fraud on non-cash means of payment, drawing upon the 2001-2003 Action Plan on the prevention of fraud. The Commission released in April 2008 a report on the implementation of this Action Plan.
Communication from the Commission to the Council, the European Parliament, the European Economic and Social Committee, the European Central Bank and Europol of 20 October 2004 - A new EU Action Plan 2004-2007 to prevent fraud on non-cash means of payment [COM(2004) 679 final – Official Journal C 49 of 28.6.2006].
The measures provided for in the Fraud Prevention Action Plan 2001-2003 (FPAP) were successfully carried out. Experience shows that the Commission acted as a catalyst, promoting better information exchange and stronger cross-border cooperation. The Commission considers that cooperation between stakeholders is essential in combating fraud effectively: better cooperation between the public authorities and the private sector in the Member States is desirable. In its view, clarification of Community and national data protection legislation with respect to fraud prevention is necessary to allow an effective exchange of information at European level. The integration of the 10 new Member States (the countries that joined the Union on 1 May 2004) into the Community fraud prevention framework will continue to be a priority. The same applies to the strengthening of relations with public authorities in third countries.
In this Communication, the Commission laid down the priorities for maintaining and reinforcing cooperation between the stakeholders. It planned to:
Organise specific measures, such as pan-European training and conferences
The training of law-enforcement authorities was to be strengthened. The Commission planned to organise pan-European training sessions for specialised law-enforcement officers, as well as high-level conferences for senior police officers, magistrates and prosecutors. These measures were designed to make those concerned more aware of payment fraud and its impact on the financial system. Lastly, the Commission was to organise a seminar on fraud prevention for representatives of the private sector and the public authorities of the new Member States.
Review the system for transmitting data at European level
The Commission regarded the impossibility of exchanging data at EU level on high-risk and fraudulent merchants as a problem, and it wanted data protection rules in the EU to be clarified and harmonised. In its view, stakeholders should be able to exchange information with a view to early detection and notification of fraud attempts, whilst respecting the rights and freedoms of individuals, and the competition rules. The Commission proposed clarifying, in cooperation with national data protection authorities, the limits and conditions for exchanging information related to fraud prevention.
Reorganise the Fraud Prevention Expert Group (FPEG)
The EU Fraud Prevention Expert Group (FPEG) brought together the major stakeholders in fraud prevention, and intensified the exchange of information and cooperation. Its working procedures and participation methods needed to be reorganised in view of the enlargement to 25 Members States. The Commission suggested that there should be a fraud prevention expert in each country and/or sector, who would act as a contact point and disseminate at national level information on progress made by the Group. It also proposed that a steering group be set up to prepare the FPEG’s activities and supervise those of the sub-groups, in order to ensure that the measures envisaged are carried out effectively and that meetings are held regularly. It also proposed that two sub-groups be set up to deal with security and user issues. Lastly, the FPEG was to improve communication with the public and professionals in the sector in order to highlight progress made and the effectiveness of the measures of the new Action Plan.
Improve the security of payment systems and involve the public
Using chip cards improves security and reduces the risk of fraud. The Commission is closely monitoring new, more secure solutions and supports these developments. Individuals should be better informed about the level of security in order to build up their confidence. To that end, they should be provided with clearer information on payment security, while merchants should be given improved educational material and adequate tools to protect themselves from data hacking. A Commission study shows that smaller retailers do not always use the most appropriate technologies owing to the cost of new equipment. The Commission nonetheless regretted that security evaluation criteria were not harmonised, which would reduce costs and the time taken. However, harmonisation should not entail a reduction in the existing level of security. These aspects of security were to be examined by the sub-group referred to above. The Commission was also to launch a study on cardholder verification methods (for card payments) and user verification methods (for e-payments and mobile payments).
Take account of technological developments
The notification of lost and stolen cards in the EU was to be improved. It is technically feasible and desirable to have a single phone number in the EU for notifying lost or stolen payment cards. The Commission was also planning specific initiatives aimed at preventing identity theft in the EU, often linked to organised crime. It is assessing the merits of setting up a single EU contact point for citizens and businesses faced with identity theft. Efforts were needed to protect commercial websites from unauthorised access. Security breaches of the databases of e-commerce merchants are causing incalculable damage to their reputation and influencing the perception of Internet security, thereby undermining consumer confidence.
At the end of 2007, the Commission was to present a report on progress achieved with the implementation of the action programme.