A new EU Action Plan 2004-2007 to prevent fraud on non-cash means of payment

The 2004 Communication proposed a set of measures for the prevention of fraud on non-cash means of payment, drawing upon the 2001-2003 Action Plan on the prevention of fraud. The Commission released in April 2008 a report on the implementation of this Action Plan.


Communication from the Commission to the Council, the European Parliament, the European Economic and Social Committee, the European Central Bank and Europol of 20 October 2004 - A new EU Action Plan 2004-2007 to prevent fraud on non-cash means of payment [COM(2004) 679 final – Official Journal C 49 of 28.6.2006].


The measures provided for in the Fraud Prevention Action Plan 2001-2003 (FPAP) were successfully carried out. Experience shows that the Commission acted as a catalyst, promoting better information exchange and stronger cross-border cooperation. The Commission considers that cooperation between stakeholders is essential in combating fraud effectively: better cooperation between the public authorities and the private sector in the Member States is desirable. In its view, clarification of Community and national data protection legislation with respect to fraud prevention is necessary to allow an effective exchange of information at European level. The integration of the 10 new Member States (the countries that joined the Union on 1 May 2004) into the Community fraud prevention framework will continue to be a priority. The same applies to the strengthening of relations with public authorities in third countries.

In this Communication, the Commission laid down the priorities for maintaining and reinforcing cooperation between the stakeholders. It planned to:

Organise specific measures, such as pan-European training and conferences

The training of law-enforcement authorities was to be strengthened. The Commission planned to organise pan-European training sessions for specialised law-enforcement officers, as well as high-level conferences for senior police officers, magistrates and prosecutors. These measures were designed to make those concerned more aware of payment fraud and its impact on the financial system. Lastly, the Commission was to organise a seminar on fraud prevention for representatives of the private sector and the public authorities of the new Member States.

Review the system for transmitting data at European level

The Commission regarded the impossibility of exchanging data at EU level on high-risk and fraudulent merchants as a problem, and it wanted data protection rules in the EU to be clarified and harmonised. In its view, stakeholders should be able to exchange information with a view to early detection and notification of fraud attempts, whilst respecting the rights and freedoms of individuals, and the competition rules. The Commission proposed clarifying, in cooperation with national data protection authorities, the limits and conditions for exchanging information related to fraud prevention.

Reorganise the Fraud Prevention Expert Group (FPEG)

The EU Fraud Prevention Expert Group (FPEG) brought together the major stakeholders in fraud prevention, and intensified the exchange of information and cooperation. Its working procedures and participation methods needed to be reorganised in view of the enlargement to 25 Members States. The Commission suggested that there should be a fraud prevention expert in each country and/or sector, who would act as a contact point and disseminate at national level information on progress made by the Group. It also proposed that a steering group be set up to prepare the FPEG’s activities and supervise those of the sub-groups, in order to ensure that the measures envisaged are carried out effectively and that meetings are held regularly. It also proposed that two sub-groups be set up to deal with security and user issues. Lastly, the FPEG was to improve communication with the public and professionals in the sector in order to highlight progress made and the effectiveness of the measures of the new Action Plan.

Improve the security of payment systems and involve the public

Using chip cards improves security and reduces the risk of fraud. The Commission is closely monitoring new, more secure solutions and supports these developments. Individuals should be better informed about the level of security in order to build up their confidence. To that end, they should be provided with clearer information on payment security, while merchants should be given improved educational material and adequate tools to protect themselves from data hacking. A Commission study shows that smaller retailers do not always use the most appropriate technologies owing to the cost of new equipment. The Commission nonetheless regretted that security evaluation criteria were not harmonised, which would reduce costs and the time taken. However, harmonisation should not entail a reduction in the existing level of security. These aspects of security were to be examined by the sub-group referred to above. The Commission was also to launch a study on cardholder verification methods (for card payments) and user verification methods (for e-payments and mobile payments).

Take account of technological developments

The notification of lost and stolen cards in the EU was to be improved. It is technically feasible and desirable to have a single phone number in the EU for notifying lost or stolen payment cards. The Commission was also planning specific initiatives aimed at preventing identity theft in the EU, often linked to organised crime. It is assessing the merits of setting up a single EU contact point for citizens and businesses faced with identity theft. Efforts were needed to protect commercial websites from unauthorised access. Security breaches of the databases of e-commerce merchants are causing incalculable damage to their reputation and influencing the perception of Internet security, thereby undermining consumer confidence.

At the end of 2007, the Commission was to present a report on progress achieved with the implementation of the action programme.


Commission Staff Working Document of 22 April 2008 – Report on fraud regarding non cash means of payments in the EU: the implementation of the 2004-2007 EU Action Plan [SEC(2008) 511 final – Not published in the Official Journal]. This report presents the implementation of the Action Plan during 2004-2007, as well as an overview of the prevention/fight against payment fraud context. This period is characterised by the implementation of both legislative and non-legislative initiatives. With regard to the first, the most notable are Directive 2005/60/EC on the prevention of money laundering and Directive 2007/64/EC on payment services in the internal market (PSD). As to the latter, the initiatives have been, in most cases, undertaken directly by the payments industry. Of the priorities laid down in the Action Plan (above), the following have been achieved:

Organise specific measures such as pan-European training and conferences Europol, in collaboration with the payments industry and in some cases funded by the Commission, has organised some specialised training sessions for law-enforcement authorities on the operational aspects of payment card fraud. The Commission organised the high-level conference on identity theft and payment fraud for senior police officers, magistrates and prosecutors in November 2006, and the seminar on the prevention of payment fraud for candidate countries in March 2006.

Review the system for transmitting data at European level A data management group was created within the FPEG. It produced a report in December 2006 on the barriers to the processing of personal data for the purpose of preventing fraud. In addition, the PSD provides for the processing of personal data by payment systems and service providers whenever necessary for fraud prevention.

Reorganise the FPEG

Membership of the FPEG was streamlined by inviting experts, in particular those representing consumers, to the Group’s meetings. The proposed steering group for the FPEG was also created. Furthermore, additional sub-groups were established within the FPEG on: ATM security, communication, commerce, identity theft, law enforcement issues and security evaluation. A sub-group on users’ issues was not created; however, the topic was discussed in relevant sub-groups. With regard to improving communication on fraud prevention, the Commission presented the Communication COM(2007)808 on consumer financial education in December 2007, which provides suggestions and practical assistance for those delivering financial education.

Improve the security of payment systems and involve the public

The study on user identification methods in card, e-, and mobile payments was completed in November 2007.

Take account of technological developments

In February 2007, the Commission adopted Decision 2007/116/EC, stating that numbers beginning with 116 are reserved as free-phone numbers for services of social value. The issue of establishing a single contact point on identity theft was taken up in a FPEG report and at the high level conference.

The achievements for this period demonstrate that security aspects are extremely important, but that consumer confidence and trust are equally important. The new legal framework, developments by the industry and the Commission (including measures not defined in the Action Plan) are considered to promote both.

Last updated: 01.09.2008