The Russian anti-fraud law and its anticipated impact on online theft
On July 25, new anti-fraud measures are set to take effect in Russia, with early forecasts suggesting a brief dip in total funds stolen from Russian accounts by about 5 to 7 percent. This outlook was shared with socialbites.ca by Andrey Sirotkin, a senior lecturer in the Department of Banking at Synergy University. He emphasized that the law will slow criminal activity at first, but fraudsters are expected to pivot quickly, crafting fresh schemes to skirt the restrictions. The economist remarked that a clearer picture should emerge by the end of summer as criminal behavior adapts to the new regime.
There is a possibility that criminals will rely more on so-called drippers, individuals used as fronts to mask illicit transactions. According to Sirotkin, many scammers do not recognize their own role in the fraud, often recruiting other offenders online, through marketplaces or social networks. He noted that most often the individuals drawn into these schemes are young, aged 18 to 20, with no credit history and little concern for reputational damage.
Those who fall victim to these schemes are typically customers who are able to apply for a bank payment card, usually a debit card. The scammers may reveal the cardholder details to access funds from the victim, while the central bank database may fail to flag suspicious activity from these young participants, according to Sirotkin.
From July 25, 2024, a new framework for preventing fraudulent transactions will come into force in Russia, as stated by Vadim Uvarov, director of the Information Security Department at the Bank of Russia, in a conversation with a major Russian daily. The law outlines scenarios where a bank bears financial responsibility for losses tied to fraudulent operations. The bank must pause any transfers identified as suspicious in the central bank system for a two-day window and promptly inform the customer. During this pause, the customer retains the option to halt transfers to suspected scammers. If a bank’s anti-fraud system fails to stop a fraud that results in funds leaving a legitimate account and landing in a fake one listed in the Central Bank database, the bank is obligated to reimburse the stolen funds within 30 days.
Background information indicates there were notable sums stolen by cybercriminals from Russians’ bank accounts in the previous year. This history frames the current regulatory push as a response to ongoing fraud trends and the evolving tactics used by attackers in digital finance environments. Market observers in North America often compare these developments to similar efforts elsewhere, underscoring a universal focus on safeguarding consumer funds while balancing legitimate access to financial services. The overall aim is to create a more transparent, accountable process for detecting and stopping fraud without unduly hindering everyday banking for ordinary users. While enforcement and operational details continue to unfold, the new measures mark a decisive step toward reinforcing trust in electronic payments and strengthening the resilience of financial institutions against evolving scams.