News

Tackling fraud through regulation, cooperation, and shared responsibility

5min Read · 8 Jul 2026
fraud cooperation

Last week, we shared the first part of our conversation with Arnaud Schwartz, Co-Founder of Marble. In this second instalment, he once again offers his perspective on some of the key developments shaping the fraud landscape, with a particular focus on France’s FNC-RF, the evolving European regulatory framework, and the allocation of liability in fraud cases.

 

Fraud data sharing is increasingly emerging as a key enabler across Europe, as illustrated by the launch of France’s FNC-RF in early May. To what extent does collective intelligence actually outperform what a single institution can achieve on its own?

This is an important step forward. In my view, it is less about collective intelligence and more about creating a direct communication channel between banks – one that brings genuine fluidity to interactions across the ecosystem.

Until now, institutions had to rely on a traditional process/system: identify a fraud event, initiate a payment recall, and wait for the receiving institution to process that request. We can now communicate suspicions of fraud much more clearly through a centralized platform.

In practical terms, institutions can directly share fraud reports via a common platform, the FNC-RF. Other participants gain access to that information almost immediately, allowing them to review relevant transactions and make informed decisions.

The FNC-RF facilitates data sharing and encourages institutions to work together more effectively.

 

What tangible impact could this have on fraud levels?

Fraudsters’ accounts are expensive to acquire and operate. Opening them typically requires passing KYC (Know Your Customer) controls, and in many cases these accounts must also be “seasoned” before they can be used effectively for fraudulent activity. As a result, the FNC-RF increases the overall cost of committing fraud.

We are currently discussing the FNC-RF with a number of institutions. A few weeks after its implementation, many processes still appear to be largely manual. We expect a much higher degree of automation during the second half of the year. It is worth noting that the implementation timeline was relatively short: institutions had only six months, from November 2025 to May 2026, to achieve compliance and connect to the platform.

We are also keen to understand what the database will ultimately contain in terms of volume, quality and typology of fraud reports. This will directly influence the compliance effort required from financial institutions. Some market participants, for example, expected to receive several thousand fraud notifications immediately after connecting to the platform.

French PSPs are also considering the most sustainable long-term approach, particularly given the likelihood that similar requirements could eventually be introduced at the European level. The objective is to avoid having to start over when that happens.

 

Is regulation moving in the right direction?

Overall, yes. The European approach is moving in a positive direction and is gradually driving greater harmonization. More broadly, the continuing strengthening of the European regulatory framework is contributing to the development of more effective and resilient payment services while supporting efforts to combat both fraud and money laundering.

From a French perspective, we welcome the launch of the FNC-RF. The introduction of this national database brings genuine value to the domestic market. That said, one could argue that initiatives of this nature would be even more effective if implemented directly at the European level, as this would help eliminate remaining gaps. This is likely to evolve in the coming months, particularly with the introduction of the Payment Services Regulation (PSR).

I would also emphasize the importance of clarification and continuous improvement over regulatory expansion for its own sake. Regulatory developments in Europe are typically introduced in a coherent and progressive manner, avoiding sudden disruption for industry participants. This is one of Europe’s strengths, especially when compared with the United States, where the regulatory landscape is considerably more fragmented.

Nevertheless, we must remain mindful of the operational burden. Increasing reporting requirements and data-sharing obligations come with significant costs, diverting resources that could otherwise be allocated to other initiatives. Ultimately, regulation and data sharing only deliver value if the information provided is actively leveraged by regulators.

 

Is liability allocated fairly today?

Different countries, both within Europe and beyond, apply different rules when it comes to fraud and liability.

In the United Kingdom, responsibility is generally shared among stakeholders. In France, the issuing institution still bears most of the liability, although case law continues to evolve. In some jurisdictions, customers may not be entitled to any reimbursement at all.

Other approaches are also emerging. Some countries are considering placing greater responsibility on digital platforms. If fraudsters use these platforms to target victims and leverage advertising mechanisms to promote scams, platforms could be held accountable if they fail to implement adequate safeguards.

This raises a fundamental question: what level of protection should customers receive? Should they be protected in every circumstance, even when basic security guidelines are ignored? And what degree of responsibility should they bear when they personally authorize a transaction?

In my view, completely removing responsibility from customers serves neither users nor the industry. If financial institutions have implemented appropriate preventive mechanisms, liability should be shared more evenly. PSPs that have significantly strengthened their fraud prevention capabilities should no longer bear full responsibility for fraud losses.

 

How should the cross-border nature of fraud be addressed?

Fraud does not recognize borders. However, two broad dynamics can generally be observed: there are originating markets, where fraud is initiated, and receiving markets, where the proceeds ultimately end up.

The nature of fraud often differs according to local investment habits, usage patterns and market characteristics. However, the underlying detection mechanisms remain largely the same, as do the algorithms that support them. There is therefore no reason why detection effectiveness should vary significantly from one country to another.

That said, the cross-border dimension must be properly reflected in risk assessment frameworks, as international transactions often carry elevated levels of risk. These payments should not be treated as routine or standard transactions.

With the FNC-RF in France, Verification of Payee (VOP) across the Eurozone, and the prospect of similar initiatives on a broader scale, financial institutions should first focus on fully leveraging the tools already available to them before moving on to the next stage.

What is particularly interesting about this evolution is that we have already moved beyond the traditional debate of “traditional money versus cryptocurrency.” Fraud must now be addressed holistically across all financial ecosystems, as they form part of a single interconnected environment that institutions are required to monitor and protect.