The Bank of Russia is introducing a new quarterly reporting requirement for credit and payment institutions to track fraudulent cash withdrawals from ATMs.
As explained by Fyodor Sidorov, a private investor and founder of the School of Practical Investment, the new reporting, planned for 2027, addresses a critical gap in the nation’s anti-fraud framework. Until now, the regulator has lacked comprehensive data on how much money citizens lose at ATMs due to criminal coercion. This does not involve card theft or account hacking, but rather cases where individuals are manipulated into withdrawing their own money – typically after a call from a fake “bank employee” or under other psychological pressure. In 2024, the volume of such non-consensual transactions surged by 74% across all channels, reaching RUR27.5 bln ($352.9 mln). ATMs serve as a key point in these schemes, where victims physically withdraw and hand over cash to fraudsters.
“The essence is straightforward,” the expert notes. Banks will now report quarterly to the Central Bank on all ATM cash withdrawals exhibiting signs of fraud. The reports will include both successful thefts later reported by clients and transactions the bank managed to block. A dedicated section will cover clients listed in the regulator’s FinCERT database – those previously victimized or deemed at-risk – who face a strict ATM withdrawal limit of 100,000 rubles per month. Banks will be required to log every attempt to bypass these restrictions and all instances where systems flagged suspicious activity.
The practical effect of the security mechanisms now in place is already visible. Starting September 1, 2025, banks began monitor nine fraud indicators for cash withdrawals – from unusual transaction times to atypical withdrawal requests. If red flags are raised, the system imposes a temporary daily limit of 50,000 rubles for 48 hours and immediately alerts the client. Even before that, in the first quarter of 2025, banks thwarted nearly 44 million attempted thefts totaling RUR4.6 tln ($59 bln) – 2.4 times more than the year before. The new reporting will provide the regulator with a tool to assess the effectiveness of these countermeasures in real time and promptly adjust requirements for banks, Sidorov emphasizes.
“For the market, this establishes a unified data standard and increases transparency in anti-fraud operations,” he adds. “The Central Bank will gain clear visibility into which banks are performing effectively, where vulnerabilities persist, and which schemes are most common during the cash-out phase. This marks a shift from fragmented, bank-specific efforts toward a unified, statistics-driven customer protection strategy. Given that theft volumes fell by 7.7% in the second quarter of 2025 compared to the first, the more systematic approach is already showing results. The new reporting will solidify this positive trend,” Sidorov concluded.