90 FR 117 pgs. 26293-26298 - Request for Information on Potential Actions To Address Payments Fraud
Type: NOTICEVolume: 90Number: 117Pages: 26293 - 26298
Pages: 26293, 26294, 26295, 26296, 26297, 26298Docket number: [Docket No. OP-1866]
FR document: [FR Doc. 2025-11280 Filed 6-18-25; 8:45 am]
Agency: Federal Deposit Insurance Corporation
Sub Agency: Customs Service
Official PDF Version: PDF Version
[top]
DEPARTMENT OF THE TREASURY
Office of the Comptroller of the Currency
[Docket ID OCC-2025-0009]
FEDERAL RESERVE SYSTEM
[Docket No. OP-1866]
FEDERAL DEPOSIT INSURANCE CORPORATION
RIN 3064-ZA49
Request for Information on Potential Actions To Address Payments Fraud
AGENCY:
Office of the Comptroller of the Currency, Treasury; Board of Governors of the Federal Reserve System; and Federal Deposit Insurance Corporation.
ACTION:
Request for information and comment.
SUMMARY:
The Office of the Comptroller of the Currency (OCC), Treasury; the Board of Governors of the Federal Reserve System (Board); and the Federal Deposit Insurance Corporation (FDIC) seek public input on questions related to payments fraud. This request for information (RFI) offers the opportunity for interested stakeholders to identify ways that the OCC, the Federal Reserve System (FRS), and the FDIC could take actions collectively or independently in their varying respective roles to help consumers, businesses, and financial institutions mitigate check, automated clearing house (ACH), wire, and instant payments fraud.
DATES:
Comments must be received by September 18, 2025.
ADDRESSES:
Comments should be directed to:
OCC: Commenters are encouraged to submit comments through the Federal eRulemaking Portal, if possible. Please use the title "Request for Information on Potential Actions to Address Payments Fraud" to facilitate the organization and distribution of the comments. You may submit comments by any of the following methods:
• Federal eRulemaking Portal-Regulations.gov: Go to https://www.regulations.gov. Enter "Docket ID OCC-2025-0009" in the Search Box and click "Search." Public comments can be submitted via the "Comment" box below the displayed document information or by clicking on the document title and then clicking the "Comment" box on the top-left side of the screen. For help with submitting effective comments, please click on "Commenter's Checklist." For assistance with the Regulations.gov site, please call 1-866-498-2945 (toll free) Monday-Friday, 8:00 a.m. to 7:00 p.m. ET, or email regulationshelpdesk@gsa.gov.
• Mail: Chief Counsel's Office, Attention: Comment Processing, Office of the Comptroller of the Currency, 400 7th Street SW Suite 3E-218, Washington, DC 20219.
• Hand Delivery/Courier: 400 7th Street SW, Suite 3E-218, Washington, DC 20219.
Instructions: You must include "OCC" as the agency name and "Docket ID OCC-2025-0009" in your comment. In general, the OCC will enter all comments received into the docket and publish the comments on the Regulations.gov website without change, including any business or personal information provided such as name and address information, email addresses, or phone numbers. Comments received, including attachments and other supporting materials, are part of the public record and subject to public disclosure. Do not include any information in your comment or supporting materials that you consider confidential or inappropriate for public disclosure.
You may review comments and other related materials that pertain to this action by the following method:
• Viewing Comments Electronically-Regulations.gov: Go to https://regulations.gov/. Enter "Docket ID OCC-2025-0009" in the Search Box and click "Search." Click on the "Dockets" tab and then the document's title. After clicking the document's title, click the "Browse All Comments" tab. Comments can be viewed and filtered by clicking on the "Sort By" drop-down on the right side of the screen or the "Refine Comments Results" options on the left side of the screen. Supporting materials can be viewed by clicking on the "Browse Documents" tab. Click on the "Sort By" drop-down on the right side of the screen or the "Refine Results" options on the left side of the screen checking the "Supporting & Related Materials" checkbox. For assistance with the Regulations.gov site, please call 1-866-498-2945 (toll free) Monday-Friday, 8:00 a.m. to 7:00 p.m. eastern time (ET), or email regulationshelpdesk@gsa.gov.
The docket may be viewed after the close of the comment period in the same manner as during the comment period.
Board: You may submit comments, identified by Docket No. OP-1866, by any of the following methods:
• Agency Website: https://www.federalreserve.gov/apps/proposals/. Follow the instructions for submitting comments, including attachments. Preferred Method.
• Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• Email: publiccomments@frb.gov. You must include docket number and RIN in the subject line of the message.
• FAX: (202) 452-3819 or (202) 452-3102.
• Mail, Courier and Hand Delivery: Ann Misback, Secretary, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue NW, Washington, DC 20551.
[top] Instructions: All public comments are available from the Board's website at https://www.federalreserve.gov/apps/proposals/ as submitted, unless modified for technical reasons. Accordingly, comments will not be edited to remove any identifying or contact information. Public comments may also be viewed electronically or in paper form in Room M-4365A, 2001 C Street NW, Washington, DC 20551, between 9:00 a.m. and 5:00 p.m. on federal weekdays. For security reasons, the Board requires that visitors make an appointment to inspect comments. You may do so by calling (202) 452-3684. Upon arrival, visitors will be required to
FDIC: Interested parties are invited to submit written comments, identified by RIN 3064-ZA49, by any of the following methods:
• Agency Website: https://www.fdic.gov/resources/regulations/federal-register-publications/. Follow the instructions for submitting comments on the agency website.
• Email: comments@fdic.gov. Include RIN 3064-ZA49 in the subject line of the message.
• Mail: Jennifer M. Jones, Deputy Executive Secretary, Attention: Comments-RIN 3064-ZA49, Federal Deposit Insurance Corporation, 550 17th Street NW, Washington, DC 20429.
• Hand Delivery: Comments may be hand delivered to the guard station at the rear of the 550 17th Street NW building (located on F Street NW) on business days between 7 a.m. and 5 p.m.
• Public Inspection: Comments received, including any personal information provided, may be posted without change to https://www.fdic.gov/resources/regulations/federal-register-publications/. Commenters should submit only information that the commenter wishes to make available publicly. The FDIC may review, redact, or refrain from posting all or any portion of any comment that it may deem to be inappropriate for publication, such as irrelevant or obscene material. The FDIC may post only a single representative example of identical or substantially identical comments, and in such cases will generally identify the number of identical or substantially identical comments represented by the posted example. All comments that have been redacted, as well as those that have not been posted, that contain comments on the merits of this document will be retained in the public comment file and will be considered as required under all applicable laws. All comments may be accessible under the Freedom of Information Act.
FOR FURTHER INFORMATION CONTACT:
OCC: Tracy Chin, Director, Payments Systems Policy, Office of the Chief National Bank Examiner, (202) 649-6550; Eric Ellis, Director, BSA/AML Policy, Office of the Chief National Bank Examiner, (202) 649-5470; Candace Matzenauer, Director, Consumer Compliance Policy, Office of the Chief National Bank Examiner, (202) 649-5470; Andrew Davis, Counsel, Chief Counsel's Office, 202-649-5490, Office of the Comptroller of the Currency, 400 7th Street SW, Washington, DC 20219. If you are deaf, hard of hearing or have a speech disability, please dial 7-1-1 to access telecommunications relay services.
Board: Larkin Turman, Senior Financial Institution Policy Analyst, and Ian Spear, Deputy Associate Director, Division of Reserve Bank Operations and Payment Systems; Caterina Petrucco-Littleton, Deputy Associate Director, Division of Consumer and Community Affairs; Suzanne Williams, Deputy Associate Director, and Jinai Holmes, Manager, Division of Supervision and Regulation; Cody Gaffney, Counsel, and Andrew Ruben, Counsel, Legal Division, at (202) 452-3000. For users of text telephone systems (TTY) or any TTY-based Telecommunications Relay Services, please call 711 from any telephone, anywhere in the United States.
FDIC: Michael Benardo, Associate Director, Division of Risk Management Supervision, (703) 835-0149, MBenardo@FDIC.gov; Fu-Jan Huang, Senior Examination Specialist, Division of Risk Management Supervision, (917) 320-2867, fuhuang@fdic.gov; Luke Brown, Associate Director, Division of Depositor and Consumer Protection, (202) 898-3842; Dawnelle Guyette, Senior Policy Analyst, Division of Depositor and Consumer Protection, (816) 234-8130, dguyette@fdic.gov; Ardie Hollifield, Senior Policy Analyst, Division of Depositor and Consumer Protection, (202) 898-6638, ahollifield@fdic.gov; Deborah Tobolowsky, Counsel, Legal Division, (571) 858-8136, dtobolowsky@fdic.gov.
SUPPLEMENTARY INFORMATION:
I. Introduction
Payments fraud inflicts significant harm on consumers, businesses, and financial institutions. Payments fraud also has the potential to erode public trust in-and undermine the safety, accessibility, and efficiency of-the nation's payments system, upon which the U.S. financial system depends. As part of their objectives to promote the safety of the U.S. financial system, the FRS, FDIC, and OCC have overlapping but also discrete roles and authorities related to the issue of payments fraud. For example, the Board, FDIC, and OCC all engage in supervision of financial institutions. In addition to supervising financial institutions, the FDIC has the distinct mission to maintain stability and public confidence in the nation's financial system as the insurer of bank deposits. The FRS, which includes the Board and the Federal Reserve Banks (Reserve Banks), also focuses on payment system safety as a payment system operator and catalyst for payment system improvements. Therefore, the FRS, FDIC, and OCC are each interested in exploring ways to help mitigate risk of payments fraud. Given that the FRS, FDIC, and OCC have specific differing roles and authorities, this mitigation could take the form of collective action where roles align, such as joint supervisory guidance, or independent action where roles differ, such as changes to the payment systems operated by the Reserve Banks.
II. Background
While there is no consensus on the definition of "payments fraud," for purposes of this RFI, "payments fraud" generally refers to the use of illegal means, including intentional deception, misrepresentation, or manipulation, to make or receive payments for personal gain. 1 The term "payments fraud" also includes scams, a subset of fraud. 2
Footnotes:
1 ? See U.S. Government Accountability Office, Improper Payments and Fraud: How They Are Related but Different (Dec. 7, 2023), https://www.gao.gov/assets/d24106608.pdf and U.S. Department of Justice, Bureau of Justice Statistics, Financial Fraud, https://bjs.ojp.gov/taxonomy/term/financial-fraud.
2 ? See Federal Reserve, FedPayments Improvement, Defined Scams to Fight Scams, https://fedpaymentsimprovement.org/news/blog/defined-scams-to-fight-scams.
Many sources indicate that payments fraud is growing. For example, according to data from the Federal Trade Commission (FTC), losses reported for noncard payments fraud increased 271 percent between 2020 and 2024. 3 Data from the U.S. Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) show that the number of Suspicious Activity Reports (SARs) filed related to check, ACH, and wire fraud have increased 489 percent between 2014 and 2024. 4
Footnotes:
3 ? See FTC Consumer Sentinel Network Fraud Reports, All Fraud Reports by Payment Method, https://public.tableau.com/app/profile/federal.trade.commission/viz/FraudReports/FraudFacts ("Payment & Contact Methods" tab). Specifically, these figures indicate that fraud reports for payments apps or services, bank transfers or payments, wire transfers, and checks have increased from 145,358 in 2020, resulting in a loss of $806 million, to more than 188,000 in 2024, resulting in a loss of $2.99 billion.
4 ? Compare FinCEN, SAR Filings by Industry-Depository Institution, https://www.fincen.gov/reports/sar-stats/sar-filings-industry (Exhibit 5: Number of Filings by Type of Suspicious Activity from Depository Institution Industry, 2024 data) with FinCEN, Suspicious Activity Report Statistics (SAR Stats), https://www.fincen.gov/reports/sar-stats (Industry Type: Depository Institution, Year & Month: 2024 (all months), Suspicious Activity Category/Type: Fraud > ACH, Check, Wire).
[top] The rise in check fraud is particularly notable. Numerous sources report increasing levels of check fraud in
Footnotes:
5 ?For example, the U.S. Department of the Treasury reports that check fraud in the United States has risen 385 percent since the COVID-19 pandemic. See Department of the Treasury, Treasury Announces Enhanced Fraud Detection Process Using AI Recovers $375M in Fiscal Year 2023 (Feb. 28, 2024), https://home.treasury.gov/news/press-releases/jy2134. FinCEN reports that check fraud accounted for approximately 30 percent of fraud-related SARs filed in 2023. See SAR Stats, https://www.fincen.gov/reports/sar-stats.
A payments fraud scheme may involve multiple institutions and payment methods, each of which may fall within the remit of different Federal and State agencies. As a result, and given the scope and complexity of payments fraud schemes, no agency or private-sector entity can address payments fraud on its own. The Board, FDIC, and OCC nonetheless may be able to take certain discrete steps, collectively or independently, to mitigate payments fraud through their various roles discussed further below, such as regulator and supervisor. In addition, Reserve Banks may be able to further support the industry in addressing fraud as payments system operator and payments improvement catalyst.
Therefore, the FRS, FDIC, and OCC are considering whether additional actions may be warranted, collectively or independently in their different roles. Given the complexity and scope of payments fraud, input and engagement from a variety of stakeholders will be helpful to identify and evaluate the range of potential actions to consider.
III. Request for Information
As explained below, comment is requested on five potential areas for improvement and collaboration that could help mitigate payments fraud:
• External collaboration (questions 1-4)
• Consumer, business, and industry education (questions 5-8)
• Regulation and supervision (questions 9-15)
• Payments fraud data collection and information sharing (questions 16-20)
• Reserve Banks' operator tools and services (questions 21-22)
Commenters are also invited to provide perspectives related to payments fraud more generally (questions 23-26).
Where comments apply to only a subset of the FRS, FDIC, and OCC, please identify the relevant entity or entities.
External Collaboration
The FRS, FDIC, and OCC collaborate with stakeholders in various ways to support the safety and efficiency of the U.S. financial system. For example, the Board, FDIC, and OCC, together with other Federal and State agencies, issued guidance on elder financial exploitation. 6 More recently, the Reserve Banks collaborated with various industry stakeholders to launch the FraudClassifier SM model in 2020 and ScamClassifier SM model in 2024 to help address the industry-wide challenge of inconsistent classifications for payments fraud. 7 Additionally, the FRS in its role as payment system improvement catalyst worked with the payments and banking industry and other stakeholders to develop strategies for improving the U.S. payments system, which resulted in the introduction of instant payments in the United States. 8 There may be opportunities to facilitate further collaboration among industry stakeholders to better address payments fraud. Commenters are invited to respond to the following questions:
Footnotes:
6 ? See Interagency Statement on Elder Financial Exploitation (Dec. 4, 2024), https://www.federalreserve.gov/newsevents/pressreleases/bcreg20241204a.htm; https://www.fdic.gov/system/files/2024-12/interagency-statement-on-elder-financial-exploitation.pdf; and https://www.occ.gov/news-issuances/bulletins/2024/bulletin-2024-34.html.
7 ? See https://fedpaymentsimprovement.org/strategic-initiatives/payments-security/fraudclassifier-model/ and https://fedpaymentsimprovement.org/strategic-initiatives/payments-security/scams/scamclassifier-model/.
8 ? See Federal Reserve System, Strategies for Improving the U.S. Payment System (Jan. 26, 2015), https://fedpaymentsimprovement.org/wp-content/uploads/strategies-improving-us-payment-system.pdf.
1. What actions could increase collaboration among stakeholders to address payments fraud?
2. What types of collaboration, including standard setting, could be most effective in addressing payments fraud? What are some of the biggest obstacles to these types of collaboration?
3. Which organizations outside of the payments or banking industry might provide additional insights related to payments fraud and be effective collaborators in detecting, preventing, and mitigating payments fraud?
4. Could increased collaboration among Federal and State agencies help detect, prevent, and mitigate payments fraud? If so, how?
Consumer, Business, and Industry Education
Consumers, businesses, financial institutions, and other industry stakeholders currently have access to education on a range of financial topics, including payments fraud. 9 However, there may be a need for further education specific to payments fraud. Effective payments fraud education could, for example, help industry stakeholders identify suspected payments fraud and better inform affected parties about what steps to take following an incident of payments fraud. The effectiveness of any payments fraud education, however, may be undermined by the ever-evolving nature of payments fraud, the highly specific and sensitive nature of these crimes, and the range of potentially inconsistent guidance from multiple sources.
Footnotes:
9 ?For example, the OCC recently launched "Safe Money," a series of informational facts sheets to help consumers recognize and avoid common financial frauds and scams at https://www.occ.gov/publications-and-resources/publications/safe-money/index-safe-money.html. The Federal Reserve offers consumer advice and educational resources on its website at https://www.federalreserve.gov/consumerscommunities/fraud-scams.htm and through each Reserve Bank's website. The Federal Reserve also provides consumer alerts, an avenue for consumer complaints, and other relevant resources on payments fraud at https://www.federalreserveconsumerhelp.gov. The FDIC provides periodic newsletters to consumers, providing practical guidance on how to become a smarter, safer user of financial services, including helpful hints, quick tips, and common-sense strategies to protect and stretch your hard-earned dollars. This includes topics such as scammers, fake banks, or fraud against the elderly. See https://www.fdic.gov/consumer-resource-center/fdic-consumer-news for more information.
To assist in developing potential new payments fraud education, commenters are invited to respond to the following questions:
5. In general, what types of payments fraud education are most effective, and why? Would different audiences (for example, industry and consumers) benefit from different types of payments fraud education?
6. Would additional education informing consumers and businesses about safe payment practices be helpful to reduce payments fraud and promote access to safe, secure payment options?
[top] 7. Which approaches could make existing payments fraud education more effective? For example, would targeting outreach to particular audiences or
8. Are current online resources effective in providing education on payments fraud? If not, how could they be improved?? 10
Footnotes:
10 ?Examples of online resources include https://www.federalreserveconsumerhelp.gov; https://fedpaymentsimprovement.org; https://www.federalreserve.gov/consumerscommunities/fraud-scams.htm; https://explore.fednow.org/explore-the-city?id=11&building=fraud-control-tower; https://www.fdic.gov/consumer-resource-center/consumer-assistance-topics; https://www.fdic.gov/consumer-resource-center/fdic-consumer-news; https://www.occ.gov/publications-and-resources/publications/safe-money/index-safe-money.html; and https://www.occ.gov/topics/consumers-and-communities/consumer-protection/fraud-resources/index-fraud-resources.html.
Regulation and Supervision
While no agency has plenary regulatory or supervisory authority over the U.S. payments system, the Board, FDIC, and OCC have certain limited, and in some cases unique, statutory authorities that may apply to payments fraud. 11 For example, the Board, FDIC, and OCC supervise their respective financial institutions for compliance with their obligations under the Bank Secrecy Act/Anti-Money Laundering regime to identify, prevent, and report illicit financial activity including fraud. Additionally, the Gramm-Leach-Bliley Act requires the protection of nonpublic personal information as implemented by the Interagency Guidelines Establishing Information Security Standards. 12 The Board, FDIC, and OCC also supervise their respective financial institutions for compliance with consumer protection laws and regulations, such as the Expedited Funds Availability Act (implemented in Regulation CC), the Electronic Fund Transfer Act (implemented in Regulation E), the Truth in Lending Act (implemented in Regulation Z), and prohibitions on unfair, deceptive, or abusive acts or practices. 13 Although the Board, FDIC, and OCC believe that they are exercising their authorities appropriately, there may be opportunities to take additional regulatory or supervisory actions to address payments fraud within their authorities and, where appropriate, in coordination with other agencies.
Footnotes:
11 ?While no single Federal agency has regulatory authority to address all aspects of payments fraud, there are a variety of Federal and State laws and regulations applicable to payments fraud detection, mitigation, and resolution, often specific to the type of transaction and parties involved.
12 ?The Interagency Guidelines Establishing Information Security Standards (Guidelines) set forth standards pursuant to section 39 of the Federal Deposit Insurance Act, 12 U.S.C. 1831p-1, and sections 501 and 505(b), 15 U.S.C. 6801 and 6805(b), of the Gramm-Leach-Bliley Act. These Guidelines address standards for developing and implementing administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information. These Guidelines also address standards with respect to the proper disposal of consumer information pursuant to sections 621 and 628 of the Fair Credit Reporting Act (15 U.S.C. 1681s and 1681w).
13 ?The Expedited Funds Availability Act (EFA Act), among other things, prescribes the maximum permissible hold periods for checks and other deposits. The Board implements certain provisions of the EFA Act with the Consumer Financial Protection Bureau (CFPB).
In considering potential additional regulatory or supervisory actions to mitigate payments fraud, the Board, FDIC, and OCC seek comment on the following questions. Additionally, there may be opportunities specific to check fraud that the Board could consider with respect to Regulation CC given its rule-writing authority, which is discussed separately below.
9. What potential changes to regulations (apart from the Board's Regulation CC, discussed separately below) could address payments fraud and mitigate the harms from payments fraud to consumers, businesses, and supervised institutions?
10. The Board, FDIC, and OCC have issued supervisory guidance on numerous topics that relate to payments fraud detection, prevention, and mitigation. 14 Is existing supervisory guidance related to payments fraud sufficient and clear? If not, what new or revised supervisory guidance should the Board, FDIC, and OCC consider issuing on this topic within the respective authorities?
Footnotes:
14 ?The Board, FDIC, and OCC have issued supervisory guidance on operational risk management, compliance risk management, third-party risk management, and model risk management. For example, the Federal Financial Institutions Examination Council, of which the Board, FDIC, and OCC are members, issued guidance that provides financial institutions with examples of effective authentication and access risk management principles, and practices for customers, employees, and third parties accessing digital banking services and information systems. See Federal Financial Institutions Examination Council, Authentication and Access to Financial Institution Services and Systems (Aug. 11, 2021), https://www.ffiec.gov/guidance/Authentication-and-Access-to-Financial-Institution-Services-and-Systems.pdf. The Board, FDIC, and OCC, together with other Federal and State agencies, issued guidance on elder financial exploitation. See Interagency Statement on Elder Financial Exploitation (Dec. 4, 2024), https://www.federalreserve.gov/newsevents/pressreleases/bcreg20241204a.htm; https://www.fdic.gov/system/files/2024-12/interagency-statement-on-elder-financial-exploitation.pdf; and https://www.occ.gov/topics/consumers-and-communities/consumer-protection/fraud-resources/index-fraud-resources.html. As required by the Gramm-Leach-Bliley Act, the Federal banking agencies have issued interagency guidelines establishing information security standards. See, e.g., 12 CFR part 208, app. D-2, and part 225, app. F. Finally, OCC Bulletin 2019-37 outlines sound fraud risk management principles at https://www.occ.treas.gov/news-issuances/bulletins/2019/bulletin-2019-37.html.
11. How might new or revised supervisory guidance assist small community banks in detecting, preventing, and mitigating payments fraud?
12. What is the experience of consumers and businesses when supervised institutions place holds on depositors' funds because of suspected payments fraud? (Regulation CC's "reasonable cause to doubt collectability" exception is discussed separately below.)
(a) For instance, how frequently are consumers and businesses affected by holds, delays, or account freezes, and how responsive are supervised institutions to inquiries from consumers and businesses regarding these issues?
(b) Do current disclosure requirements effectively address consumer and business concerns when supervised institutions hold customer funds due to suspected payments fraud? For example, should changes be considered with respect to permissible customer communications under SAR confidentiality rules?
13. The Board, FDIC, and OCC have received complaints from supervised institutions regarding challenges in resolving disputes about liability for allegedly fraudulent checks. 15 What is the experience of supervised institutions when trying to resolve these types of interbank disputes regarding allegedly fraudulent checks? Do these types of interbank disputes arise more frequently in connection with certain types of checks or parties? What actions could the Board, FDIC, and OCC consider, including potential amendments by the Board to Regulation CC, that could improve supervised institutions' ability to resolve interbank disputes over liability for allegedly fraudulent checks?
Footnotes:
15 ?The Board, OCC, and FDIC have each established mailboxes to receive interbank complaints about this issue concerning their supervised financial institutions.
Although the Board is not proposing any changes to Regulation CC at this time, the Board seeks comment on the following questions:
[top] 14. Regulation CC seeks to balance prompt funds availability with the risk of checks being returned unpaid for reasons that include fraud. What potential amendments to Regulation CC would support timely access to funds from check deposits while providing depository institutions with sufficient time to identify suspected payments fraud?
(a) Have technological advancements in check processing reduced the time it takes for depository institutions to learn of nonpayment or fraud such that funds availability requirements for local checks and nonproprietary ATMs should be shortened?? 16
Footnotes:
16 ?The funds availability requirements for cash deposits, wire transfers, and government and certain other types of checks are established by the EFA Act. See 12 U.S.C. 4002(a). The EFA Act requires the Board and CFPB to reduce the time periods for certain other check and ATM deposits to as short a time as possible and equal to the period of time achievable for a receiving depository institution to reasonably expect to learn of the nonpayment of most items for each category. 12 U.S.C. 4002(d)(1). In October 2024, an interested person submitted a rulemaking petition to the Board and CFPB requesting that both agencies engage in a rulemaking process to shorten maximum permissible hold times for checks and funds deposited by customers. The Board views this rulemaking petition as an additional consideration related to the issuance of this RFI. In response to the growth in electronic processing, the Reserve Banks reduced the number of their paper check-processing offices from 45 in 2003 to a single office in 2010. The consolidation resulted in all checks being considered "local checks" under Regulation CC.
(b) What effects would shortening funds availability requirements have on payments fraud, consumers who rely on timely access to funds, and depository institutions?
(c) Are there any changes the Board should consider to the expeditious return requirement to better balance providing expeditious notice to the receiving depository institution with ensuring adequate time for the paying depository institution to investigate potentially fraudulent checks?? 17
Footnotes:
17 ?Regulation CC requires a depository institution that determines not to pay a check to return the check expeditiously so that receiving depository institutions are more likely to learn of a return before making funds available. See 12 CFR 229.31(b).
15. Regulation CC provides six exceptions that allow depository institutions to extend deposit hold periods for certain types of deposits, including deposits for which the depository institution has reasonable cause to doubt the collectability of a check. 18 Is this exception effective in allowing depository institutions to mitigate check fraud while also allowing timely access to funds? Would depository institutions benefit from further clarification on when it may be appropriate to invoke this exception? What are the experiences of businesses and consumers when depository institutions invoke this exception in order to delay the availability of depositors' funds?
Footnotes:
18 ? See 12 CFR 229.13(e).
Payments Fraud Data Collection and Information Sharing
Payments fraud data, such as value and volume of fraudulent payments and industry negative lists, is currently collected in an incomplete, non-standardized, ad hoc, and fragmented way. 19 For example, not all entities in the payments and banking industry collect payments fraud data, especially authorized payments that are a part of a scam or fraud. Further, existing data sources may focus on particular payment methods, types of payments fraud, or segments of the industry, and may use different definitions of payments fraud. Further promoting, standardizing, and centralizing payments fraud data collection and information sharing could provide a more comprehensive understanding of the prevalence and impact of payments fraud. These improvements also could aid in identifying payments fraud schemes that are being repeated across payment methods and institutions, allowing for the development of more-informed, holistic strategies to address payments fraud.
Footnotes:
19 ?For example, the FTC maintains a website where consumers can report payments fraud. See https://reportfraud.ftc.gov. The FBI's Internet Crime Complaint Center is the main federal law enforcement hub for reporting cyber-enabled crime, which includes payments fraud. See https://www.ic3.gov/AnnualReport/Reports/2024_IC3Report.pdf. In addition, depository institutions are required to file SARs with FinCEN following suspected incidents of payments fraud. FRS has previously collected payments fraud data in connection with its Federal Reserve Payments Study, which it published in 2014 and 2018. See Board of Governors of the Federal Reserve System, The 2013 Federal Reserve Payments Study: Recent and Long-Term Payment Trends in the United States: 2000-2012 (July 2014), https://www.frbservices.org/binaries/content/assets/crsocms/news/research/2013-fed-res-paymt-study-detailed-rpt.pdf. See Board of Governors of the Federal Reserve System, Changes in U.S. Payments Fraud from 2012 to 2016: Evidence from the Federal Reserve Payments Study (Oct. 2018), https://www.federalreserve.gov/publications/files/changes-in-us-payments-fraud-from-2012-to-2016-20181016.pdf.
However, there may be barriers to improving payments fraud data collection and information sharing. Payments fraud may be underreported because of the reluctance of victims to report fraud due to embarrassment or shame, confusion regarding the proper reporting channel, and a perception that reporting does not lead to remediation. Further, potential risks associated with sharing payments fraud-related information may prevent sharing across stakeholders.
To assist in potentially promoting improved payments fraud data collection and information sharing, commenters are invited to respond to the following questions:
16. Broadly, how could payments fraud data collection and information sharing be improved?
17. What barriers limit the collection and sharing of payments fraud data between industry stakeholders, and how could these barriers be alleviated? For example, have specific barriers limited development of solutions or participation in bilaterial or multilateral payments fraud data collection and information sharing? What changes would address these barriers?
18. What role should the FRS, FDIC, or OCC take in supporting further standardization of payments fraud data? For instance, can the FRS better leverage or improve the FraudClassifier SM and ScamClassifier SM models?
19. What types of payments fraud data, if available, would have the largest impact on addressing payments fraud? If these data are not currently being collected or shared, what entities are best positioned to collect and share such data?
20. Is there a need for centralized databases or repositories for the sharing of payments fraud data across entities? What legal, privacy, or practical risks and challenges could such a centralized database or repository pose? Which entities are best positioned to develop and participate in a centralized database or repository?
Reserve Banks' Operator Tools and Services
The Reserve Banks offer check processing, ACH transfers, instant payments, and wire services, among other services. In this operational role, the Reserve Banks have taken important steps to prevent and mitigate payments fraud. For example, the Reserve Banks provide risk management tools and services that participating financial institutions may use as part of their payments fraud detection, prevention, and mitigation programs. 20 The FRS believes that there may be further opportunities for the Reserve Banks, as a payments system operator, to provide additional tools and services designed to reduce payments fraud.
Footnotes:
20 ? See https://www.frbservices.org for more information on Reserve Bank financial services, including risk management and fraud tools and services. Examples of these tools and services include FedDetect® Anomaly Notification for FedACH® Services, FedACH® Exception Resolution Service, FedDetect® Duplicate Notification for Check Services, FedACH® Risk Origination Monitoring Service, FedACH® RDFI File Alert Service, FedPayments® Reporter for Check Services Corporate Payor Report, FedNow® Service network- and participant-level transaction limits, and FedNow® Service participant defined negative lists.
[top] In considering potential additional actions the Reserve Banks can take in
21. How can the Reserve Banks enhance their existing risk management tools and services, operations, rules, or procedures to better meet the needs of participating financial institutions in addressing payments fraud? For example, should the Reserve Banks consider requiring fraud reporting for payment rails (as they already do for the FedNow® Service) or adopting any particular payments fraud standards?
22. Are there risk management tools or services that the Reserve Banks should consider offering or expanding, such as (a) developing a payments fraud contact directory for financial institutions, (b) offering tools that can provide notification of atypical payment activity, or (c) introducing confirmation of payee services to help mitigate fraudulent payment origination?? 21
Footnotes:
21 ?Some payments systems have implemented services known as confirmation of payee, which are designed to reduce payments fraud by enabling senders to review key payment information, such as the name associated with the intended account.
General Questions
In addition to the more specific questions above, commenters are invited to respond to the following general questions related to payments fraud:
23. What types of payments fraud have most impacted your organization and its stakeholders? What tactics have criminals employed when perpetrating these types of payments fraud?
24. What measures, including technological solutions or services, have been most effective in identifying, preventing, and mitigating payments fraud at your institution? Are there actions that consumers can take that help institutions? For example, do financial institutions find it helpful when consumers alert the institution in advance when making large purchases, transferring large amounts of money, and traveling abroad?
25. To the extent not already addressed here, are there other actions that would support stakeholders in identifying, preventing, and mitigating payments fraud?
26. Are there specific actions that commenters believe could encourage the use of payment methods with strong security features?
Rodney E. Hood,
Acting Comptroller of the Currency, Office of the Comptroller of the Currency.
By order of the Board of Governors of the Federal Reserve System.
Benjamin W. McDonough,
Deputy Secretary of the Board.
Federal Deposit Insurance Corporation.
Dated at Washington, DC, on June 13, 2025.
Jennifer M. Jones,
Deputy Executive Secretary.
[FR Doc. 2025-11280 Filed 6-18-25; 8:45 am]
BILLING CODE 6210-01-P; 4810-33-P; 6714-01-P