Fintech 2025

FRANCE Law and Practice Contributed by: Hubert de Vauplane and Hugo Bordet, Morgan Lewis & Bockius LLP

38% of fraud cases involved card payments and 26% of fraud cases involved bank transfers. The ACPR noted that the most common types of fraud were manipulation fraud and fraud related to online payments. This trend also extends to investment services. In January 2025, the AMF and the ACPR updat - ed their blacklist of unauthorised actors offering investments, particularly in forex and crypto- asset derivatives, in France. In 2024, more than 100 new actors were added to this list. In 2024, the ACPR added 1,290 actors to its blacklist, mainly for fraudulent offers of loans or savings books. Over 64% of these cases involved identity theft of financial institutions authorised to market these products in France French regulators’ priorities are driven by the fraud trends observed. Between 2021 and 2023, the ACPR conducted a series of inspections on the handling of payment transactions (including card payments, wire transfers and direct debits) that customers disputed as unauthorised. The aim was to ensure that payment service provid - ers comply with the reimbursement framework established under PSD2 for unauthorised trans - actions. Additionally, in 2022 and 2023, the ACPR observed an increase in the use of French IBAN accounts, opened by French or European enti - ties, often using stolen identities, to receive pro - ceeds from wire transfer frauds where the payer is manipulated by the fraudster. In 2023, the ACPR focused its inspections par - ticularly on the money transfer and crypto-asset or in the European Economic Area. 12.2 Areas of Regulatory Focus

sectors, in response to risks highlighted in the ACPR’s sectoral analysis of money laundering and terrorist financing risks in France published in June 2023. In parallel, the AMF worked on several initiatives addressing the role of influencers in financial matters ( “finfluencers” ) on social media, improv - ing systems to alert investors to financial fraud and raising awareness among internet service providers about online fraud. In 2024, the Observatory for the Security of Pay - ment Means ( Observatoire de la sécurité des moyens de paiement , OSMP), with regard to remote card payments, adopted an action plan aimed at strengthening the security of unauthen - ticated payments made without the 3-D Secure technical protocol. These payments are still two to three times more likely to be subject to fraud compared to those using the 3-D Secure proto - col. Initial measures have been implemented as of 10 June 2024, including the introduction of a cap on the acceptance of such transactions. 12.3 Responsibility for Losses The transposition of PSD2 into French law speci - fies that payment service providers must ensure the security of payments and protect users from unauthorised or incorrectly executed transac - tions. Articles L. 133-18 and L. 133-22 of the French Monetary and Financial Code impose an obliga - tion for immediate reimbursement of unauthor- ised or incorrectly executed payments, provided the user reports the incident within 13 months. In cases of suspected fraud, the payment service provider may deviate from this reimbursement obligation, provided that it informs the BdF of its justification.

277 CHAMBERS.COM

Powered by