Dutch Central Bank study finds banks respond inconsistently to online fraud signals amid legal and technical constraints

The Dutch Central Bank published findings from a review of how banks and payment institutions seek to prevent online theft and fraud, concluding that banks play a key role but do not yet react uniformly when fraud risks are detected. The main constraint is a legal tension between the obligation to execute a customer's payment order and the bank's duty of care to try to prevent customers from harming themselves or being defrauded. The review describes wide differences in practice. Some banks warn customers, while others pause or block transactions. Artificial intelligence and algorithms can help by identifying suspicious transactions and account profiles faster and more accurately, but use remains uneven for technical reasons. At the same time, AI is also making fraud easier by helping criminals create convincing fake bank websites and deepfake voices or faces. Banks also run awareness campaigns, but the central bank notes that many scams start on social media, including fake investment offers, bogus online sales and dating fraud, where banks often have limited scope to intervene once the victim has been drawn in. The central bank notes that customers usually do not recover losses from online fraud, except in many cases where a criminal impersonates the victim's bank helpdesk and the sector's goodwill scheme applies. It also places the issue beyond the banking sector alone and points to the Integrated Approach to Online Fraud, set up in 2020, as a framework for banks, ministries, municipalities, DNB and other participants to exchange knowledge and improvements.