The National Bank of Hungary issued a new recommendation relating the prevention of fraud through payment services.
Recommendation No.5/2023 (VI.23.) of the National Bank of Hungary on the prevention, detection, management of fraud through payment services (“Recommendation”) sets out the expectations of the National Bank of Hungary (“NBH”) in the area, supports the application of law by market participants and aims to establish uniform jurisprudence.
The reason for issuing the Recommendation is to identify new forms of frauds in electronic payment services, which are increasingly prevalent in the digital space, and to develop related transaction monitoring mechanisms and customer education measures for payment service providers.
In its Recommendation, the MNB sets out a number of expectations and good practices that service providers can apply to ensure effective fraud prevention and to develop effective mechanisms.
As a general principle, the Recommendation sets out the expectations relating to the content of the framework contract to be concluded with the client.
It is emphasised that the framework contracts of service providers may not contain a condition that would lead to the case that the approval of a payment transaction resulting from the unauthorised use of a cash substitute payment instrument, mobile banking or internet banking application, would in itself justify the grossly negligent behaviour of the contracting party, as this would override the consumer protection provisions of the Payment Services Act and the fundamental principle provisions of the Civil Code.
In connection with the provision of new cash substitute payment instruments to the customer, the NBH expects service providers to notify the customer of the reason for the application or registration, and to provide the customer with the opportunity to indicate the reason in a prominent manner, in case the customer did not initiate the application or registration.
The MNB expects payment service providers to establish mechanisms to withdraw suspected abuse orders as soon as possible after the customer has reported the abuse and to start recovering the amount of the payment transaction affected by the abuse.
Of course, as in the past, the NBH expects that the compliance with these expectations will be achieved in such a way that customer authentication and order processing obligations in payment services should only slightly decrease customer experience, proportionate to the risks involved.
Payment service providers will be required to apply the measures set out in the Recommendation from 1 January 2024 at the earliest, and the NBH will monitor these measures in its control and monitoring activities.