Brussels, BELGIUM – A new study by Copenhagen Economics reveals critical flaws in the European Parliament’s amendments to the Payment Services Regulation (PSR). The shared liability regime for authorised push payment (APP) fraud, as proposed by Parliament, is unsubstantiated and risks undermining effective fraud prevention and consumer protection.
While the European Commission’s original PSR proposal sought to make payment service providers (PSPs) liable when users are tricked into authorising payments to fraudsters, the European Parliament has proposed an unprecedented extension of liability. Online platforms and electronic communication service providers, such as telecom operators, would suddenly also have to refund victims of impersonation fraud.
Yet, none of the EU institutions has conducted an impact assessment of the novel regime proposed by Members of the European Parliament (MEPs), which would be a global first.
Copenhagen Economics concludes that there is no evidence to underpin MEPs’ radical shared liability proposal. The study – commissioned by the Computer & Communications Industry Association (CCIA Europe) – finds that platforms, telecom providers, and PSPs already invest heavily in fraud prevention to maintain trust and comply with regulations.
Instead, a shared liability regime would come with unintended negative consequences, including high societal costs, increased barriers for smaller digital players, slower payments, and denial of online services to vulnerable groups more susceptible to fraud.
The study also warns that shared fraud liability would be unworkable in practice, as no single player has sufficient visibility into the complex fraud chain. It would introduce a culture of ‘blame shifting’ – with payment service providers being “incentivised to shift reimbursement liability to a counterparty, rather than collaborating with them to reduce fraud.”
CCIA Europe urges EU Member States, currently finalising their common position on the PSR, to reject this ill-conceived proposal. To support the economy, the EU should adopt rules supporting evidence-based solutions that enhance collaboration, ensure legal clarity, and undergo thorough impact assessments before introducing any new liability frameworks.
The following can be attributed to CCIA Europe’s Senior Policy Manager, Boniface de Champris:
“Europe’s approach to payment fraud must be practical and evidence-driven. By contrast, the European Parliament’s ambiguous proposal jeopardises consumer trust and innovation without delivering any proven benefits. This new study clearly demonstrates the harms of Parliament’s approach.”
“The chain of players fighting payment fraud is extremely intricate and constantly evolving. That’s why CCIA Europe calls on EU Member States to champion smarter, collaborative solutions in the ongoing legislative discussions about the Payment Services Regulation.”
Notes for editors
The full Copenhagen Economics study on the implications of a shared liability regime for payment fraud (authored by Dr. Bruno Basalisco, Dr. Federico De Michiel, Tuomas Haanperä, and Jonathan Ramshaw) is available here.
Article 59 of the Payment Services Regulation (PSR), as proposed by the European Commission, seeks to make payment service providers (PSPs) liable for APP fraud.
The shared liability regime proposed by the European Parliament can be found here.
A recent study by the European Centre for International Political Economy (ECIPE) warns that shared liability would reduce incentives for PSPs and consumers to actively prevent fraud, as well as finding that limitations imposed by the General Data Protection Regulation and the Digital Services Act hinder fraud prevention efforts.
Similarly, Zach Meyers cautions that Parliament’s proposed changes to the PSR could weaken fraud prevention and encourage blame-shifting instead.
