BioCatch blog channel

Browse topics

Is regulation doing more harm than good for German fraud practitioners?

Written by:

Thomas Peacock

Is regulation doing more harm than good for German fraud practitioners? featured image

Um diesen Blog auf Deutsch zu lesen, klicken Sie hier.

“The majority of fraud leaders in Germany believe fraud attempts at their organization are increasing.” – A survey of banking leaders on fraud risk: 2026 German edition

The statement above likely surprises exactly no one working in a German bank’s fraud department — or in any European bank’s fraud department for that matter. No country is immune to global trends, especially one as pervasive and explosive as the growth in fraud.

Advancements in European-wide regulation, such as the implementation of real-time Single Euro Payments Area (SEPA) payments, have increased the risk of fraud. A recent survey of German banking leaders we commissioned found 54% of those on fraud teams at German banks reported increased incidents since SEPA’s introduction, compared to just 21% who reported a decline in fraud attempts at their institution.

This has offset the progress made following the introduction of Strong Customer Authentication (SCA), which led to an overall decrease in third-party fraud, according to 56% of those surveyed. By comparison, only 3% of survey respondents claimed to have seen an increase in fraud following the introduction of SCA.

The uncertainty about which way things can go when new rules are enforced means financial institutions must prepare for any scenario. With that in mind, it’s no surprise that almost three-quarters of those surveyed reported their institution was trying to get ahead of the next big piece of regulation: the Third Payment Services Directive (PSD3) and Payment Services Regulation (PSR). In fact, despite uncertainty about the final details, more than a quarter of German fraud leaders surveyed said their organization was already updating its reimbursement policies.

One of the main pillars of PSD3 will be customer reimbursement in the event of customer-authorized fraud, such as falling victim to social engineering scams. With these changes and refinements as a backdrop, let’s explore the current state of reimbursement in Germany.

Scam reimbursement today

German banks appear to have fallen behind their European counterparts in this area, with only 36% of representatives surveyed affirming that their institutions reimburse the majority of customers who fall victim to scams. This falls well short of the continental average: 53% of the 600 combined leaders surveyed at banks in Belgium, the Netherlands, Luxembourg, France, Germany, Italy, Denmark, Finland, Norway, Sweden, and Switzerland reported reimbursing at least half of the scam victims who bank with their institution. This suggests German banks must adopt a new status quo to prioritize customer satisfaction and protection.

There are signs for optimism, however, as 59% of those surveyed expressed concern about the reputational impact inflicted on their institution by fraud and scams. As more fraud leaders recognize this inevitable shift in priorities, we anticipate much-needed industry-wide change, but it won’t be easy. Only one in four German C-level executives surveyed expressed concern about the reputational impact on their firms when customers are scammed, with 58% having greater concern about financial losses to their business.

This brings us back to our original question: Is regulation causing more harm than good?

With the introduction of SCA, the focus was to protect customers and the financial system. This security-focused initiative was successful, with banks able to reduce fraud. Meanwhile, the regulation that led to real-time payments, which was primarily based on improving the customer experience and speeding up the banking system, has led to an increase in fraud. While the aim was to make payments faster, it also made fraud faster. These contrasting experiences would suggest that the original intent behind regulation can be a decisive factor when determining whether it is causing more harm than good.

Looking over the horizon, the main regulatory change we see is PSD3/PSR. Similar to its predecessor, we anticipate the main objective will be to secure the banking system for the current digital environment. With this in mind, those who see the glass as half-full may perceive such changes as an opportunity to finally obtain buy-in from internal leadership to invest in technologies that help a variety of different bank teams protect customers while also improving user experience, both of which would burnish the bank’s image and reputation.

Recent Posts

Fighting investment fraud without punishing every customer Fraud
February 18, 2026 Fighting investment fraud without punishing every customer
Read article
A journey through Brazil’s regulatory maze Fraud
February 17, 2026 A journey through Brazil’s regulatory maze
Read article
Romance scams in the age of AI: How love, loneliness, and algorithms are fueling a global crisis
February 09, 2026 Romance scams in the age of AI: How love, loneliness, and algorithms are fueling a global crisis
Read article