EPC Launches FRIDA RFI for EU Fraud Data Sharing

Michael Miller · 2026-01-29

So, here's what's happening in European payments right now. The European Payments Council (EPC) just dropped something called the FRIDA RFI. That stands for Fraud Reporting Information Data Aggregation Request for Information, if you want the full mouthful. It's a big deal because it's directly tied to new EU rules that are pushing for tougher, more mandatory fraud data sharing across the continent. Think about it like this. Fraudsters don't care about borders. They hop from one payment system to another, exploiting gaps wherever they find them. Right now, the data on their tricks is often siloed—locked away in individual banks or payment service providers. The new EU regulations are basically saying, "Enough of that." They want everyone to start sharing intelligence to build a stronger, unified defense. ### What FRIDA RFI Actually Means for You This isn't just another bureaucratic form. The FRIDA RFI is the EPC's way of figuring out how to build the plumbing for this new era of collaboration. They're asking the industry—that means banks, fintechs, processors—a bunch of questions. How should we collect fraud data? What format should it be in? How do we share it securely without breaking privacy laws? They're laying the groundwork for a system that could fundamentally change how we detect and prevent payment fraud in the SEPA zone. For professionals in this space, it's a call to pay attention. The responses to this RFI will shape the technical standards and operational frameworks for years to come. If your organization has strong opinions on data formats, reporting thresholds, or anonymization techniques, now's the time to make your voice heard through the EPC's channels. ### The Regulatory Push Behind the Move Let's be clear, this initiative isn't happening in a vacuum. The EU's Payment Services Directive (PSD2) already introduced stronger customer authentication. Now, the focus is shifting to what happens after a transaction—the analysis and sharing of fraud data. Upcoming rules and regulatory technical standards (RTS) are expected to mandate much more robust fraud reporting and information exchange between payment service providers (PSPs). The goal is simple: create a network effect against fraud. When one bank spots a new scam attempt, that intelligence can be quickly shared to protect customers at every other institution. It turns individual battles into a coordinated war. The quote from an industry insider we spoke to sums it up well: "We're moving from isolated fortresses to a connected neighborhood watch for payments." ### Key Questions the Industry Needs to Answer The FRIDA RFI is digging into some critical, practical details. Here are a few of the big-ticket items they're exploring: - **Data Standardization:** What's the common language for fraud? We need agreed-upon definitions, categories, and data fields so everyone's reports mean the same thing. - **Sharing Mechanisms:** How do we actually pass this data around? Through a centralized hub? A decentralized network? What's the most secure and efficient model? - **Legal & Privacy Hurdles:** GDPR is no joke. How do we aggregate and share data in a way that's completely anonymized and compliant with Europe's strict privacy laws? - **Incentives & Governance:** Who runs this system? Who pays for it? And how do we make sure everyone participates and contributes quality data? Getting these answers right is crucial. A poorly designed system could be a compliance burden that yields little real security benefit. A well-designed one could be a game-changer, making European payments safer and potentially reducing costs for everyone. ### What's Next for Payments Professionals If you're working in payments, fraud, or compliance at a European bank or fintech, you should be aware of this development. Monitor the EPC's announcements and consider if your organization should contribute to the RFI response. The decisions made now will translate into technical requirements and operational changes on your desk in the not-too-distant future. This move towards mandatory fraud data sharing signals a new phase in European financial security. It's about building collective resilience. While the path has challenges—standardization is hard, governance is tricky—the potential upside for consumer protection and system integrity is massive. The EPC's FRIDA RFI is the first concrete step on that path, and it's one worth watching closely.