Navigation path

Left navigation

Additional tools

European Commission - Press release

A Europe that Protects: Commission welcomes the adoption of stronger rules to stop cyber-criminals

Strasbourg, 11 December 2018

Today, the European Parliament and the Council reached political agreement on the Commission's proposal to strengthen rules to combat fraud and counterfeiting of non-cash means of payment – such as bank cards, cheques, mobile payments and virtual currencies.

An important element of the EU's scaled up response to cybercrime, the new rules will help Member States to crack down on cyber-criminals while better assisting victims of online payment fraud. 

Welcoming the agreement, Commissioner for Home Affairs, Migration and Citizenship Dimitris Avramopoulos said: "We are building a safer Europe for our citizens – offline as well as online, and today we deliver on this commitment. These new rules will help us crack down on those who steal from our citizens through online fraud, and ensure that our citizens are better protected."

Commissioner for the Security Union Julian King said: "Strengthening deterrence is crucial to tackling cybercrime – malicious cyber actors need to know that they face serious consequences. Today's agreement gives Member States a stronger tool to effectively fight online fraud, and provides a forceful disincentive to would-be cyber-criminals."

Fraud and counterfeiting of non-cash means of payment is an important source of income for organised crime, often enabling other criminal activities such as terrorism, drug trafficking and trafficking in human beings. The new rules will boost Member States' capacity to deter, prosecute and sanction cyber-criminals:

  • Expanded scope of offences: non-cash transactions carried out with any kind of payment instrument, whether physical such as bank cards, or virtual such as mobile payments, are now included in the scope of offences. Stealing and misappropriation of payment credentials, as well as the further sale and distribution of those credentials will also be criminalised;
  • Harmonised rules on penalties: the new rules set minimum penalties ranging from 1 to 5 years. This will stop "forum shopping", such as when criminals choose a jurisdiction with more lenient penalties, and will also facilitate cooperation between national authorities by clarifying which activities are considered as crimes;
  • Stronger protection of victims: victims of non-cash fraud will now have better access to information, advice and support to limit consequences of identity theft;
  • Greater cross-border cooperation: dedicated national contact points and the involvement of Europol will improve exchange of information and cross-border cooperation;
  • Better reporting: financial institutions and other private entities will report on relevant crimes to law enforcement authorities.

Next steps

The Directive will now have to be formally adopted by the European Parliament and the Council. Once it enters into force Member States will have 2 years to transpose the rules into national legislation.

Background

Technological developments, such as the increasing use of mobile payments or virtual currencies, have brought about substantial changes in the area of non-cash payments and the increase in online fraud. It is estimated that the criminal market for payment card fraud may be profiting from at least €1.8 billion per year.

The current rules on criminalisation of non-cash payment fraud are set out in the Council Framework Decision (2001/413/JHA) dating back to 2001. It has become clear that those rules no longer reflect today's realities and do not sufficiently address new challenges and technological developments such as virtual currencies and online payments. In order to ensure that crimes committed with new methods of payment can be effectively deterred and prosecuted, President Juncker proposed to update the existing rules in his 2017 State of the Union Address. Today's agreement on combating fraud and counterfeiting of non-cash means of payment follows the agreement reached yesterday by the EU negotiators on the Cybersecurity Act, reinforcing the mandate of the EU Agency for Cybersecurity and establishing an EU framework for cybersecurity certification – the key elements of the EU's scaled up response to cybercrime presented by the Commission in September 2017.

For More Information

Factsheet: Combating fraud and counterfeiting of non-cash means of payment

Press Release: State of the Union 2017 - Cybersecurity: Commission scales up EU's response to cyber-attacks

Questions and Answers: State of the Union 2017: The Commission scales up its response to cyber-attacks

 

 

 

IP/18/6758

Press contacts:

General public inquiries: Europe Direct by phone 00 800 67 89 10 11 or by email


Side Bar