- Key insight: Both parties agree that while banks bear the brunt of mitigation efforts, scams usually originate elsewhere, such as on social media or telecommunications networks.
- Forward look: The committee reviewed the STOP Fraud Act, which would allow financial institutions to lengthen hold times on suspected fraudulent transactions.
- Expert quote: "The U.K. has shown that shared liability works," and every actor in the ecosystem must have "skin in the game," according to Adam Rust of the Consumer Federation of America.
Overview bullets generated by AI with editorial review
Financial institutions and lawmakers agree on a bipartisan basis that the $16.6 billion fraud and scam epidemic requires a whole-of-government response and better information sharing, but they remain deeply divided over who bears the liability.
Still, a House hearing on Thursday yielded strong signs that ample bipartisan agreement exists for new legislation to empower banks to fight fraud and scams.
The scale and complexity of fraud and scams are increasing rapidly, driven by artificial intelligence, deepfakes and transnational criminal networks, according to representatives of community banks, credit unions, large retail banks and consumer advocates who appeared Thursday before the House Financial Services Subcommittee on Financial Institutions.
"Fraud and scam losses are not abstract statistics," but rather represent "retirement savings wiped out, college funds drained, and small business savings accounts emptied overnight," according to Rep. Andy Barr (R-Ky.), the subcommittee's chairman.
Americans reported $16.6 billion in cybercrime losses in 2024, a 33% increase over the prior year, according to a recent FBI report. Meanwhile, consumers reported losing more than $12.5 billion to fraud in 2024, according to Federal Trade Commission data.
However, lawmakers and consumer advocates say that these staggering fraud loss figures likely understate the problem because victims frequently fail to report their losses out of shame or confusion.
For the banking industry, the stakes are high. Banks and credit unions often serve as the last line of defense against scams that frequently originate outside the financial system on social media platforms or telecommunications networks.
As criminals increasingly manipulate consumers into authorizing fraudulent transfers, policymakers are actively debating whether to give banks legal safe harbors to collaborate and share threat data, or to saddle them with shared liability for the lost funds.
Committee previews drafts on data sharing, AI and transaction holds
During the hearing, lawmakers previewed two unsponsored draft bills that represent new ideas from the industry getting a first look in Congress.
The first discussion draft, the Scrutinizing Transactions for Overt Payment Fraud, or STOP Fraud, Act, adds flexibility to the Expedited Funds Availability Act. This allows financial institutions to slow down the availability of funds when they suspect fraud so that fraudsters can't exploit the floated funds banks must issue during fraud investigations.
Longer hold times are appropriate in certain cases and would allow community banks to stop more fraudulent transactions, according to Gay Dempsey, CEO of the Bank of Lincoln County and member of the Fraud and Scams Task Force at the Independent Community Bankers of America. Dempsey testified on ICBA's behalf on Thursday.
In addition, the committee reviewed the Bank Fraud Technology Advancement Act, which directs federal banking agencies to conduct an interagency study on how advanced technologies, including artificial intelligence and machine learning, are used to detect and prevent financial fraud.
Crucially for smaller institutions, the study focuses on the specific challenges faced by community banks and credit unions with under $10 billion in assets. This comprehensive study on the use of AI in fraud prevention would be valuable for the industry, Dempsey said.
Lawmakers did not directly indicate support for or opposition to these unsponsored drafts during the hearing, but Barr indicated sympathy for the underlying concepts.
For example, he said funds availability rules under Regulation CC "were written for a very different era." The primary risk used to be banks holding checks for too long, Barr said, but now the risk is "criminals exploiting mandatory next day availability to drain accounts before investigations can detect fraud."
Barr also said that financial regulators "often lack robust understanding of artificial intelligence and machine learning," and this lack of understanding prevents regulators from establishing clear guardrails, leaving financial institutions hesitant to confidently adopt these technologies to prevent fraud.
Bipartisan consensus: Scams are soaring, and banks can't fight them alone
Both Republicans and Democrats expressed alarm Thursday at the sheer volume of money draining from the U.S. financial system.
They also agreed that while banks are bearing the brunt of the mitigation efforts, the origin of these scams usually lies elsewhere.
Fraud often starts through spoofed phone calls, email promises or fake social media advertisements before a transaction ever reaches the banking system, according to Rep. Roger Williams (R-Texas).
"Technological solutions, improved information sharing arrangements and stronger federal coordination provide a start to addressing these issues," according to Rep. Bill Foster (D-Ill.), the subcommittee's ranking member.
Foster said the committee must look at actions other industry sectors can take to eliminate these common threat vectors.
Lawmakers and industry witnesses also found common ground on the need to modernize the legal framework for information sharing.
Current privacy constraints sometimes prevent institutions from warning each other about fraudulent accounts or suspicious behavioral patterns, and "fraud today is networked, cross institutional, and real time," according to Barr.
Representatives from community banks and credit unions echoed this sentiment, pleading for the ability to exchange data without fear of regulatory blowback.
"More information sharing is critical between banks," according to Dempsey.
Republicans have signaled a willingness to meet Democrats in the middle on this issue, specifically through the Transaction Risk Analytics and Collaborative Exchange, or TRACE, Act. The act would establish a legal framework for banks, payment networks and tech companies to securely share fraud data.
Rep. Mike Quigley (D-Ill.) has sponsored the bill, and Republicans placed it on the Thursday subcommittee hearing agenda as a discussion draft.
During the hearing, Barr signaled strong support for the bill's core objective of creating safe harbors for interbank information sharing.
The current "legal framework for information sharing is outdated," Barr said in his opening remarks at the hearing. Current privacy statutes and consumer reporting laws "limit the ability of financial institutions to share data in ways that could identify mule networks and coordinated fraud patterns," he said.
The Democratic approach: Shared liability and expanded protections
Democrats generally prefer to tackle the fraud epidemic by ensuring victims receive restitution and by holding all participants in the payment journey financially accountable.
Since 2024, Democratic lawmakers have largely rallied around one primary legislative proposal to achieve this: the Protecting Consumers from Payment Scams Act, introduced by Rep. Maxine Waters (D-Calif.) and Sens. Elizabeth Warren (D-Mass.) and Richard Blumenthal (D-Conn.).
The legislation would update the Electronic Fund Transfer Act to treat "fraudulently induced electronic fund transfers in the same manner as unauthorized electronic fund transfers," according to the text of the bill.
Crucially, the bill dictates that liability for the stolen money "shall be evenly shared between the financial institution holding the consumer's account and the financial institution that received the transfer," according to the legislation.
Consumer advocates strongly back this shared-liability model. The Electronic Fund Transfer Act was written in 1978, but today's criminals frequently coerce victims into authorizing transfers where the law provides little recourse, according to Adam Rust, director of financial services for the Consumer Federation of America.
"The U.K. has shown that shared liability works," and every actor in the ecosystem must have "skin in the game," Rust said during the hearing Thursday.
The Republican approach: Cross-sector accountability and targeted task forces
Republicans generally oppose shifting liability onto financial institutions when customers mistakenly authorize fraudulent payments. Making banks bear the cost "does not address the underlying root causes of scams" and could actually fuel more first-party criminal activity while financially straining smaller institutions, according to Barr.
Instead of focusing solely on the banking system, Republican lawmakers want to crack down on the technology and social media platforms where scams frequently originate.
Rep. Dan Meuser (R-Pa.) introduced the Safeguarding Consumers from Advertising Misconduct, or SCAM, Act, which would prohibit online platforms from displaying deceptive commercial advertisements and require them to actively verify the identity of advertisers.
"We can't sit by while social media companies have business models that knowingly enable scams," according to a February press release from Sen. Bernie Moreno (R-Ohio), who introduced the Senate version of the legislation.
Republicans are also pushing to equip local police with better tools to track down stolen funds. Rep. Zach Nunn (R-Iowa) introduced the Guarding Unprotected Aging Retirees from Deception, or GUARD, Act, which would permit state and local law enforcement agencies to use federal grant money to investigate elder financial fraud and pig butchering cryptocurrency schemes.
Additionally, Nunn introduced the Taskforce for Recognizing and Averting Payment Scams, or TRAPS, Act alongside a Senate companion bill led by Sen. Mike Crapo (R-Idaho).
The legislation would establish a Treasury Department-led task force — bringing together law enforcement, regulators, and industry representatives — to coordinate a national strategy and examine effective methods for preventing payment scams.
The partisan clash over CFPB funding
The main point on which Republicans and Democrats disagree is the role and funding of the Consumer Financial Protection Bureau, which defenders say could be contributing to the fight against fraud and scams.
Democrats said the Trump administration has intentionally gutted the agency and enabled corruption, condemning the administration's recent moves to halt the CFPB's work, terminate staff and drop enforcement actions against big banks and crypto scammers.
President Trump is "ushering in the golden age of fraud" through a systematic dismantling of the agency, according to Rep. Stephen Lynch (D-Mass.). Because of these actions, "consumer protection is dead," he said.
Echoing this sentiment, Rep. Al Green (D-Texas) accused the administration of directly benefiting from the very financial crimes the government should be preventing.
Green pointed to cryptocurrency "pump and dump schemes" tied to the president's family, arguing that the administration's corruption and pocketing of big money from these schemes "is unbelievable," according to his remarks during the hearing.
Republicans countered that the bureau's past oversight failed to stop the surge in scams and that its broad authorities actually hinder banks from fighting fraud. They rejected the idea that a fully empowered CFPB is the solution, pointing to the agency's track record during the Biden administration.
Scams and fraud increased 110% under the CFPB's oversight between 2021 and 2024, so restoring the agency's funding would be "doubling down on failure," according to Meuser, the Pennsylvania Republican.
Furthermore, Republicans argued that the CFPB's broad authority to penalize unfair, deceptive or abusive acts or practices, or UDAAP, actively deters banks from stopping scams. Financial institutions often hesitate to deploy necessary transaction "friction" to stop fraudulent payments out of fear they will face UDAAP allegations from the CFPB, according to Barr.
To address this regulatory fear, Barr touted his proposed Rectifying UDAP Act, which would force the CFPB to provide clear standards for what constitutes a violation, giving financial institutions the clarity they need to intervene and protect customers.
How financial firms want to fight back
While lawmakers debated liability and the CFPB, the industry witnesses and consumer advocates presented their own specific priorities for combating the crisis.
Retail banks want the White House to issue an executive order establishing a "formal, government-wide framework" for combating fraud and scams to provide immediate structural alignment across agencies, according to Patrick McDade, senior vice president for fraud and technology risk management at EverBank, testifying on behalf of the Consumer Bankers Association.
McDade also urged regulators to modernize the Bank Secrecy Act's suspicious activity report, or SAR, process. Instead of a lagging, narrative-based report, banks need a real-time "fraud signal report" to concisely share metadata with law enforcement and other institutions to immediately identify fraud patterns, he said.
Representatives for community institutions favored giving banks more flexibility to pause suspicious transactions and shielding them from liability when they share threat intelligence.
Modernizing the funds availability rules under Regulation CC would help combat check fraud by creating flexibility in how long funds can be held if a bank or credit union suspects an issue, according to Kate McKune, general counsel of Park Community Credit Union, testifying on behalf of America's Credit Unions.
Both McKune and Dempsey also argued for safe harbors to allow interbank information sharing and strongly opposed any new mandates that would shift scam liability onto smaller institutions.
A central issue is the "legal and supervisory uncertainty" that institutions face when trying to prevent fraud, according to Joseph Schuster, a partner at the law firm Ballard Spahr.
Institutions hesitate to share fraud indicators such as device fingerprints or behavioral risk scores because they fear regulators might classify that sharing as furnishing a "consumer report" under the Fair Credit Reporting Act, according to Schuster.
To fix this, Congress should establish explicit safe harbors under the FCRA and the USA PATRIOT Act's Section 314(b) so banks can share data without facing regulatory blowback, he said.
