The Federal Reserve and the European Banking Authority have both warned that instant payments carry a higher risk of fraud. Loris Certo explains how NetGuardians cuts this risk without adding friction
Cash is dying. Where it is still used, the expectation is that the growth of instant payments will accelerate its decline.
In Europe, McKinsey predicts that the number of instant payments (also known as real-time payments) will rise from around 3 billion this year (2024) to some 30 billion by 2028. Take-up is being driven by ease-of-use – instant transfers, 24/7 that are secure and low-cost or free – as well as their increasing availability. By October 2025, banks across Europe, including Switzerland, must be able to receive and send instant payments.
While customers – both the public and businesses – are clearly keen, what does this mean for banks and what are the challenges?
No time for checks
The big clue is in the name: instant. Banks must make settlement within seconds, irrevocably. This is different from credit transfers, where the time lapse between payment and settlement – anything between a few minutes to a few days – gives banks enough time to run checks. For fraudsters, the lack of checks is proving a lucrative attribute. So much so that both the Federal Reserve and the European Banking Authority point out that fraud rates in terms of value and volume are significantly higher for instant payments than for credit transfers, as the criminals use them to get their gains swiftly and cleanly away.
While the Fed warns that “instant payments pose unique challenges in combating fraud because they are immediate and irrevocable”, the EBA has highlighted that they carry fraud rates 10 times higher than credit transfers.
Scams lie at the heart of instant payment frauds. They rely on persuading the account owner to initiate and complete a transaction - authorized push payments (APP) - making it all the harder for banks to spot the fraud.
The scam nightmare
Scams are rife. And there are plenty of different types: love and CEO scams, as well as fraudsters impersonating banks and even law enforcement to name a few.
But scams can also involve account takeover, when a Trojan program is maliciously installed onto a computer or device, lying dormant. The fraudster, impersonating perhaps the bank, contacts the account owner with a scenario that needs them to log into their bank account – the scam. At this point, the Trojan is activated, allowing the scammer to take over and initiate instant payments that appear to be made by the account owner, but are not.
This presents a mighty headache for banks trying to prevent fraud. On the one hand, customers love their speed and lack of friction. On the other, there’s no time for banks to assess the risk. And with regulators putting more pressure on them than ever to spot fraud and repay customers should they get it wrong the banks need effective solutions.
Customer awareness must play a part and to that end, banks have instigated educational campaigns. But that alone is not enough to protect instant payments from fraud. Banks need to do more.
Here the big challenge is the lack of time to run checks to spot suspicious activity in real time.
This is where NetGuardians’ instant payment solution comes in. It helps banks set parameters to establish risk thresholds drawing on the bank’s risk appetite, customers’ appetite for friction within the transaction process, and the amount of money the bank is losing to fraud. Hit rates and analytics are displayed in a configurable dashboard - when fraud levels are too high, the solution can be calibrated to stop more payments; should too much friction be introduced, and fraud levels are low, it can be recalibrated again. It can also be adjusted should risk rates rise – at a time of high geopolitical tension, for example, when fraud attacks also increase.
NetGuardians’ instant payment solution also takes the form of a module which is fully compatible with our other financial crime prevention software. Essentially, it allows fraud teams to constantly and accurately monitor business KPIs such as fraud losses, and the volume of instant payments against the number of payments stopped, adjusting thresholds accordingly. In addition, the data streams for instant payments and transfers are kept totally separate. This gives the bank full visibility and control of the hit rate for each payment type as well as allowing dedicated models for instant payments.
But what is really clever is that the models use shared data from other payment types, overcoming any concerns about lack of instant payment volume data. They can also be trained to spot instances when an account has been taken over by a Trojan and stop payments.
Building profiles through secure data exchange
For banks that have yet to see large volumes of instant payments, our module’s ability to collect data from all payments means they can build far clearer customer and risk profiles across the bank – not just in instant payments. And they also benefit from being part of a global program, the NetGuardians Community Scoring & Intelligence Service. This facilitates secure and compliant data exchange and collaboration about fraud, further enhancing fraud-prevention efforts.
With customers increasingly turning to instant payments, regulations requiring banks to provide them, and the Fed and EBA warning on the associated fraud risks, banks need to make sure they have adequate instant payment cover. Adopting NetGuardians’ module provides this fast with easy integration. Join our community and benefit from lower risk, less friction, and fewer losses.
Learn more about managing fraud risks in instant payments.
Visit our Instant Payments Solution page to explore insights and access useful resources.