Regulators’ Call Spurs Wide-Ranging Comments on Payments Fraud

Fraud continues to plague the payments system — and regulators are asking for answers. Banks, credit unions and payment networks responded to a joint Request for Information (RFI) from the Office of Comptroller of the Currency (OCC), the Federal Reserve, and the Federal Deposit Insurance Corp. (FDIC) on how to confront the threat, with dozens of letters rolling in by the Sept. 18 deadline. Their public letters outline several paths forward: stronger data-sharing, modernized regulation, merchant accountability, and technology-enabled defenses.

First-Line Defenses

Visa’s submission emphasized the scale of its fraud prevention investments and its reliance on technology to combat evolving threats, with more than $12 billion invested over the past five years in intelligence and technology infrastructure. These efforts have helped block $40 billion-plus in attempted fraud, the company wrote.

The company argued regulators should support “outcomes-based regulation” that allows innovation in artificial intelligence (AI). “We encourage regulators to adopt regulations that focus on the outcomes of AI models rather than taking a prescriptive, process-based approach,” Visa said.

Visa highlighted tools like Visa Advanced Authorization, which it said prevents “an estimated $30 billion in fraud annually,” and Visa Payment Passkey, which “can reduce fraud rates by up to 50% compared to SMS OTPs.”

First Service Credit Union also supported technology enhancements — in its case urging the Federal Reserve to integrate fraud detection services into FedNow and FedACH, with “a ‘payment delay’ feature for flagged transactions, allowing manual review before final settlement.”

Community Bank Perspectives

Smaller banks emphasized the need for faster, more reliable collaboration tools. Chambers Bank proposed “a centralized online portal designed for secure, direct digital communication between institutions,” which it argued would eliminate phone calls and “streamline inter-institutional engagement.”

The bank also called for “a single, integrated reporting database for fraudulent activity” and a national registry of fraud contacts at financial institutions. At the same time, it urged regulators to place more responsibility on merchants whose databases are breached: “The merchant should take more accountability for their customers who get compromised, it is their database.”

Dayspring Bank added another operational challenge: fraudulent remote deposits. “We continue to see losses tied to fraudulent mobile deposits, often with altered or duplicate checks, which create significant challenges for community banks,” the institution wrote.

It asked regulators for clearer authority to extend holds on suspicious items and for practical fraud-reporting systems “accessible and practical for community banks with limited compliance staff.”

Education and Awareness

First Service Credit Union stressed that fraud prevention starts with informed consumers. “Education is one of the most effective tools in preventing fraud — particularly when tailored to the community level,” per the letter. The credit union proposed templated campaigns that could be localized by smaller institutions, along with targeted efforts to reach vulnerable populations such as older adults.

Visa’s own missive said fraud education is “essential but not sufficient by itself,” arguing that consumers must be engaged through cultural moments and real-world interactions.

Chambers Bank echoed the call for outreach, noting that social media “seems to reach the widest audience” and recommending consumer campaigns that encourage people to “Stop > Think > before using payment methods.”

Regulatory Flexibility

Several institutions urged regulators to balance fraud reduction with operational realities. First Service Credit Union pressed for updates to Regulation CC and Regulation E to better reflect fraud trends in mobile deposits and social engineering scams. It warned that current rules “often expose credit unions to high levels of liability in cases where members have been manipulated through increasingly sophisticated scams.”

Dayspring Bank similarly asked for flexibility, especially on deposit hold times, to give smaller banks more authority to pause suspicious items before settlement. Visa called for regulators to consider “safe harbor provisions or pilot programs” that would allow controlled AI testing “without undue enforcement risk.”

Together, the comments underscored that one-size-fits-all regulations could unintentionally raise costs for community institutions while leaving larger firms freer to innovate.

 

The post Regulators’ Call Spurs Wide-Ranging Comments on Payments Fraud appeared first on PYMNTS.com.