Outside PSD3, Inside the Fraud Storm: Why Swiss Banks Should Rethink Scam Prevention
Switzerland occupies a curious space in Europe’s financial map.
It isn’t part of the EU and therefore sits outside the regulatory reach of PSD3 and the new Payment Services Regulation. Yet Swiss banks are anything but isolated. They process massive volumes of cross-border payments every day, serve international clients, and remain deeply entwined with European markets.
That creates a paradox. On paper, Swiss institutions don’t have to comply with PSD3’s tougher rules on fraud liability and customer protection. In practice, those same rules will shape the expectations of their EU counterparties—and their own clients who compare experiences across borders.
The question for Swiss banks, then, is this: How to navigate a regulatory grey zone where the law may shield banks from liability, but fraud threats and customer expectations keep rising?
Fraud in Switzerland: Rising Numbers, Shifting Tactics
According to the Federal Office for Cybersecurity, more than 42,000 cyber-fraud offenses were reported in Switzerland in 2024, a staggering 40% increase compared to the previous year. The overwhelming majority of cases don’t stem from technical breaches. Instead, they arise from social engineering where fraudsters manipulate real customers into making payments that look perfectly legitimate on the surface.
This is where Switzerland faces the same threats sweeping Europe:
- Authorized Push Payment (APP) scams are on the rise, where customers are tricked into sending money themselves.
- Phishing, smishing, and vishing attacks continue to evolve, exploiting new channels from SMS to WhatsApp.
- CEO fraud cases nearly doubled between 2023 and 2024.
- Remote access tools and malware are being used to hijack sessions and bypass traditional security checks.
- Mule networks are becoming more sophisticated, moving stolen funds across borders at high speed.
- And with the rollout of instant payments (SIC5) across Swiss banks, fraudsters gain an even faster channel to move money, raising the stakes for real-time detection and prevention.
The Ripple Effect of PSD3
Switzerland’s fraud landscape may look much like the rest of Europe, but the picture changes when it comes to regulation. This is where Switzerland stands apart.
Across the EU, the upcoming PSD3 and its companion Payment Services Regulation (PSR) are reshaping how banks deal with fraud. Their goals are clear:
- Stronger liability rules that shift more responsibility onto banks in cases of certain impersonation scams.
- Refined Strong Customer Authentication (SCA) requirements.
- Tighter intelligence sharing of fraud-related information between financial institutions to spot and stop mule activity earlier.
Swiss banks are not legally obliged to follow PSD3 but the ripple effects are impossible to ignore. Their EU counterparties will be bound by these standards, and cross-border transactions inevitably bring Swiss institutions into the fold. Customers, too, will compare protections they receive abroad with what their Swiss bank offers at home.
Swiss Case Law: Liability Shield or Reputational Risk?
While PSD3 is pushing EU banks toward greater accountability for fraud, Switzerland operates under a different framework. Here, the rules are shaped by Federal Supreme Court rulings, and outcomes often diverge from EU practice.
Take the 4A_610/2023 case: a bank was found grossly negligent for failing to double-check unusual transfer instructions. Yet, because the client hadn’t raised a written objection within the contractual 30-day deadline, the loss ultimately fell on the customer. In 4A_539/2021, the Court clarified that even if a client makes mistakes, their fault only cancels the bank’s liability if it completely breaks the chain of causation—a high bar, but one that still leaves room for banks to rely on contract clauses to limit exposure.
In effect, Swiss law provides banks with stronger contractual defenses than what we see in the UK or what is unfolding in the EU with PSD3. There, the trend is to shift liability toward banks in cases of APP scams and impersonation fraud. In the UK, for instance, reimbursement rules mean customers are typically compensated, with banks covering the losses.
For Swiss institutions, this creates a balancing act. Legal protections are robust, but customer expectations are changing. Clients who see EU peers benefiting from broader reimbursement may question why Swiss rules appear stricter. And while courts may side with the bank, reputational risk can cut the other way: explaining to a defrauded customer that a missed deadline voids reimbursement is rarely an easy conversation.
Compliance Winds Are Shifting in Switzerland
Even if the liability shift hasn’t materialized in regulation yet, Switzerland is not standing still in advancing fraud prevention.
The Swiss Bankers Association (SBA) recently published recommendations to strengthen collective defenses in account-to-account payments. These include joint awareness campaigns under a unified brand, a network-level, real-time risk scoring service to flag suspicious payments as they happen, and stronger cross-industry collaboration with telecoms and digital platforms. Such measures will be especially critical as instant payments scale up through SIC5, where the speed of transactions leaves almost no time to intervene once funds are gone.
Driven by international pressure to meet FATF standards, and reinforced by the sharp rise in cyber-fraud and financial crime, the country is also strengthening its AML framework. New rules will require greater transparency of beneficial ownership, extend due diligence obligations to high-risk advisory professions, and push banks to modernize monitoring and reporting systems.
For fraud fighters, these reforms matter. The SBA’s proposals aim to make scams more visible across the network, while AML reforms tighten the flow of illicit funds. Together, they mean less room for mule accounts, faster identification of suspicious transactions, and closer scrutiny of cross-border payments. In other words, AML and fraud prevention are converging. Relying solely on contractual liability shields will not be enough for Swiss banks in the long run.
From Strategy to Action: How Swiss Banks Can Respond
The direction of travel is clear. With collaboration becoming central to the SBA’s agenda and AML reforms raising the bar on transparency, the foundations of fraud prevention in Switzerland are shifting. What matters now is how banks turn these frameworks into day-to-day protection for their customers.
One way forward is to focus on real-time detection of manipulation; catching scams as they unfold, not after the money has moved. This is where behavioral intelligence becomes crucial. By analyzing subtle patterns in how a customer interacts with their device or banking app, it’s possible to spot when someone is under pressure, being coached, or acting in ways inconsistent with their usual behavior.
Alongside that, customer-facing tools—such as timely in-app warnings or features that let users check suspicious messages—can make clients part of the defense without adding friction. And because fraud is rarely contained within a single institution, cross-bank intelligence sharing and network-level insights will be vital to closing the gaps exploited by mule networks.
This challenge is not unique to Switzerland. The Nordics are grappling with the same pressures as instant payments accelerate: how to balance speed, liability frameworks, and customer expectations in a landscape where social engineering scams are growing fast. The parallels highlight that fraud doesn’t respect borders. Solutions must be both local and collaborative across regions.
Taken together, these approaches reflect the logic behind ThreatMark’s family of solutions: from behavioral intelligence at the individual level, to scam-intervention tools for customers, to intelligence-sharing frameworks across institutions. It’s a model designed not just to comply with regulation, but to disrupt fraud as it happens—a direction that aligns closely with where Swiss fraud prevention is already heading.
Learn more about behavioral intelligence
From Legal Defense to Active Fraud Prevention
For Swiss banks, liability may not yet be the main driver. But fraud itself is. The sharp rise in scams shows that relying on legal protections alone is not sustainable. Customers don’t just judge banks by what a court might decide; they judge them by how effectively they are protected when it matters most.
This is where reputation comes into play. A bank that reimburses victims reluctantly because of a missed deadline or a customer’s mistake may win the legal case but lose the client—and their trust. Conversely, a bank that steps in early, prevents losses, or supports customers through scam attempts builds both resilience and loyalty.
In short: even without a regulatory liability shift, the business case for stronger fraud prevention is clear. Protecting customers also protects reputation, operational efficiency, and cross-border credibility. Given Switzerland’s role as a global banking hub, expectations will be even higher: Swiss banks may sit outside the EU’s regulatory perimeter, but it cannot sit outside the fraud reality.
Talk to a fraud fighter
Related Articles
-
September 2, 2025
Authority Bias Scams: Why Customers Fall for Them and How Banks Can Fight Back
Authority bias fuels modern scams. Behavioral signals can help banks stop them.
Scams driven by social manipulation are surging....
-
August 20, 2025
From Bonus Abuse to Bot Attacks: Inside the New Wave of Gaming Fraud
Gaming fraud is on the rise, with nearly 83% of operators reporting an increase in the past year....
-
August 13, 2025
Beyond Compliance: How Credit Unions Can Avoid the Courtroom in Fraud Cases
As more scam victims take their cases to court, US banks and credit unions are facing a stark...