Fintech 2025

LITHUANIA Law and Practice Contributed by: Donatas Šliora and Marius Matiukas, ADON legal

behalf of the PSU that could have financial con - sequences for them but that were done without their knowledge or consent. Such transactions may occur due to the theft of payment instru - ments, for example. Authorised Payment Transactions This includes situations where payment trans - actions are carried out with the PSU’s consent, but the PSU was misled about the purpose, consequences or other important details of the transaction. Even though the PSU agreed to the transaction, their decision was based on false or misleading information. This type of fraud is conducted on the basis of activities such as phishing and vishing. 12.2 Areas of Regulatory Focus The Bank of Lithuania has raised concern in recent years about the ever-growing number of telephone call and message-based scams, where (for example) fraudsters try to gain a PSU’s credentials or other information used for authorisation by: • leading them to a fake website of a real finan - cial institution; • getting them to provide their credentials on said website; and • pressuring them by lying to them about a debt or the traffic accident of a relative, with the latter needing “urgent financial assis - tance” . Traditional fraud as well as new means of fraud are always present and evolving. The Bank of Lithuania is trying to outpace this growth by organising various publications and consulta - tions to increase the financial literacy of PSUs.

As with all member states of the EU, legisla - tion also stipulates certain fraud risk prevention standards and requirements, further transposed by national legislation and various positions, res - olutions and guidelines of the Bank of Lithuania. One of the most notable documents addressing fraud prevention nationally is the Fraud Preven - tion Guidelines of the Bank of Lithuania. These guidelines aim to help financial institutions and provide examples of good practice relating to fraud prevention. 12.3 Responsibility for Losses The main regulatory focus on fraud prevention – including responsibility for losses – may be seen in the payment sector. There are consider - able expectations for fintechs to take proactive measures to prevent fraud – this includes: • provision of information on fraud typologies to clients; and • a requirement to provide details of a trans - action in an SMS, or a push-up notification during two-factor authentication. Generally, if the client states that they have not authorised a payment transaction, the payment service provider must prove either fraud or gross negligence by the client, or otherwise must com - pensate the client for all losses.

499 CHAMBERS.COM

Powered by