23/06/2026 14:26:00

Central Bank of Malta publishes a Notice on the Supervisory Expectations on Fraud Risk Mitigation in the Instant Payments Environment

The Central Bank of Malta has today published a  Notice on the Supervisory Expectations on Fraud Risk Mitigation in the Instant Payments Environment addressed to payment service providers operating in Malta.

The publication follows the entry into force of Regulation (EU) 2024/886 on instant credit transfers in euro (the Instant Payments Regulation or IPR), which introduces several measures aimed at strengthening security and consumer protection in the context of instant payments. As payment services continue to evolve towards a real-time environment, payment service providers are expected to further strengthen their fraud prevention frameworks and operational arrangements.

The document sets out the Bank's supervisory expectations in relation to the prevention, detection and management of payment fraud, with a particular focus on authorised push payment fraud, impersonation scams and other emerging fraud typologies. It aims to promote the adoption of effective risk management practices and strengthen the protection of payment service users.

The supervisory expectations cover a range of areas, including transaction monitoring, customer authentication, payment verification processes, spending limit management, device registration controls, customer awareness initiatives, information sharing arrangements, staff training, and governance and oversight arrangements.

This document provides guidance on the measures that the Bank expects payment service providers to consider and implement, considering the nature, scale and complexity of their activities. The Bank considers these supervisory expectations to be an important step towards the future fraud prevention framework envisaged under the forthcoming Payment Services Regulation (PSR), which is expected to further strengthen fraud monitoring, intervention and consumer protection measures across the European Union.

Payment service providers are expected to review their existing controls and align their fraud prevention frameworks with the supervisory expectations by 1 July 2027.

The publication forms part of the Central Bank of Malta's ongoing efforts to support a secure, efficient and resilient payments ecosystem and to enhance consumer confidence in electronic payments.

 

Back to Archive