New Russian law allows banks to block cards and payments in case of suspected unauthorized transactions
The banks will be permitted to act immediately if they suspect a transaction is about to be carried out without the client’s knowledge.
A new law is coming into force today in Russia, permitting banks to block payments, means for electronic transactions (mobile apps, e-wallets, etc) and cards, in case the banks determine that suspicious operations are being conducted.
The aim of the new legislation is to help the banks protect client accounts and the funds in them from fraud. The period of blocking will be up to two days.
The banks are allowed to act immediately without asking for the client’s consent. However, once the bank detects symptoms of fraudulent activities, that is, activities that imply lack of authorization or knowledge of the client, it has to inform the client – via a phone call or an SMS.
There is no unified system in Russia on determining suspicious transactions. It is up to the particular bank to outline criteria that determine which transactions can be considered unauthorized or suspicious.
Russian banks have recently saw the introduction of new reporting requirements concerning cyber incidents. Under the new rules, which got into effect on July 1, 2018, banks and operators of payment infrastructure have to submit more detailed information regarding the economic consequences of these incidents for the operators and their clients.
In particular, the operators have to report to the central bank about the amounts of money that were targeted by hackers and the amounts of money that were actually stolen during a given period. The regulator will require the banks and operators to report the precise sum that they returned to their clients affected by a breach. The companies also must submit information about the quality of their money transfer services during such incidents.