EU proposal on APP fraud could reduce banks’ incentive to invest in safeguards, says MBA Sec Gen

A new European Parliament proposal that would make banks, telecoms and online platforms liable for authorised push payment (APP) fraud might create a “moral hazard” among banks and consumers alike.  

This was the key message delivered by Karol Gabaretta, Secretary General of the Malta Bankers’ Association, during the 2025 edition of ‘The Fraud Landscape: Malta and Beyond’.

APP fraud is a scheme in which victims are tricked into voluntarily making payments or transferring funds to accounts that appear to belong to legitimate recipients. These scams are labelled as ‘authorised’ because the payment is initiated by the victim, albeit under false pretences.

Speaking to BusinessNow.mt, Mr Gabaretta highlighted a previous European Commission proposal under which, in cases of APP fraud, the payment service provider – such as PayPal – would be held liable for issuing a refund if the fraudster had impersonated the victim’s bank or the provider itself.

He went on to explain how this proposal didn’t only receive a lot of support from the European Parliament and the European Council but they also suggested “extending liability to other forms of deception, including impersonation via social media or messaging services,” kicking off a discussion about the boundaries of liability.

Mr Gabaretta highlighted that the European Parliament’s version of the proposal goes even further, introducing strict rules to distribute liability across banks, telecom providers, and online platforms.

He cautioned that such measures may inadvertently reduce consumer vigilance, as individuals become more likely to take risks online, knowing that they will be reimbursed regardless of the scam’s origin, be it a bank, telecom provider, or tech platform.

Moreover, he warned that this structure could diminish banks’ incentives to invest in robust fraud prevention, encouraging them instead to shift blame and liability to third parties rather than actively working to reduce fraud.

In this context, Mr Gabaretta used the term “payer of first resort” to describe how banks are increasingly seen as the default source of reimbursement in fraud cases.

This perception, he explained, risks creating a self-perpetuating cycle – where consumers become less cautious, fraud increases, and institutions focus on limiting their liability rather than solving the problem.

Mr Gabaretta’s views on the matter are also shared in a policy brief by the European Centre for International Political Economy (ECIPE), a non-profit think tank focused on trade and international economic policy issues relevant to Europe.

While protecting consumers is vital, policies that remove incentives for caution, both among individuals and institutions, risk undermining long-term fraud prevention efforts, he said.