US instant payments fraud and scam losses reached $16 billion in 2025, according to the Federal Trade Commission. The FBI's 2025 Internet Crime Report, published in April 2026, recorded $20.9 billion in total cybercrime losses., with wire transfer and ACH transactions accounting for most business email compromise losses by value. A growing share of that runs across FedNow and RTP rails. Both settle in seconds and are irrevocable by design. That combination creates a specific problem: the window for recovery after a fraudulent payment settle is narrow, and RTP fraud dispute resolution in this environment is expensive in ways it is not on reversible rails.
On 15 May 2026, the U.S. Faster Payments Council (FPC) published the report “Instant Payments Fraud Dispute Resolution on Guiding Principles for the U.S.”. This document outlines 11 guiding principles for handling fraud disputes on instant rails. They are useful and necessary. They are also, by design, downstream of the payment. Principle 5 is the exception. It names pre-transaction fraud mitigation features, including payee verification, as controls that reduce fraud before it reaches the rail. The FPC is pointing institutions toward the answer. The question is whether they act on it.
What the 11 Principles Address
The work group, chaired by Lee Kyriacou of PayGility Advisors and vice-chaired by Shelley Rojano, Executive Director of Payments Risk Management at JPMorgan Chase, built the framework around a real operational gap: no common standard exists for how US financial institutions should classify, route, or resolve FedNow fraud disputes on instant rails. The 11 principles address that gap with tiered dispute workflows, defined responsibilities for sending and receiving institutions, ISO 20022-aligned data exchange, and structured approaches for instant payments APP scams, unauthorised fraud, first-party fraud, and request-for-payment fraud.
Rojano framed dispute clarity as a trust issue for instant payments adoption — accurate, because institutions are more willing to enable high-value instant payment send capability when the remediation path for fraud is defined. The principles provide that. What they cannot do is change the fraud rate. Ten of the 11 principles operate after a payment has cleared. Principle 5 operates before it.
Principle 5 and Payee Verification
Principle 5 "Provide Instant Fraud Mitigation and User Awareness" opens with a direct statement: pre-transaction fraud detection and mitigation features reduce the volume of fraud or scams before they reach the payment rail. It then lists the controls that achieve this: first-time payee warnings, confirmation of payee (CoP), behavioral risk prompts, alerts for high-risk or unusual patterns, and trusted-contact or elder-protection mechanisms.
CoP is the most consequential item on that list. It is the pre-payment check that verifies whether the account name a sender has entered matches the actual holder of the receiving account — before the transaction is authorised. Payer authentication through multi-factor authentication and device biometrics confirms who is sending. It does not confirm where the money is going. Know Your Payee (KYP) closes that gap. The FPC has named it. The decision for US financial institutions is whether to treat it as a recommendation or a priority. US financial institutions can also see how this applies to their Nacha obligations.
What Happens When Institutions Act on It
The UK mandated CoP for faster payments in 2020. APP fraud fell 16% in the initial deployment period. The Payment Systems Regulator's mandatory reimbursement framework, introduced in 2024, created direct cost pressure on institutions to invest upstream because every fraudulent payment that does not occur is a reimbursement they do not make. The two mechanisms are not alternatives. But the fraud reduction came from the pre-payment layer, not the dispute layer.
That data point matters for US institutions evaluating their instant payments fraud strategy now. The FPC's dispute principles make the aftermath of fraud more manageable. Pre-payment payee verification reduces how often that aftermath occurs. Every institution that builds out the dispute framework without acting on Principle 5 is investing in managing losses that a verification layer could substantially reduce.
Acting on What the FPC Is Already Saying
The FPC's 11 principles are a workable foundation for dispute handling on instant rails. Principle 5 points beyond that foundation to the layer above it. US financial institutions do not need to wait for a mandate to implement pre-payment payee verification — the FPC has already made the case. The institutions that act on it now will handle fewer disputes, absorb lower fraud costs, and build a fraud strategy that addresses the problem at the point where it can still be stopped.
Citi's collaboration with iPiD to expand Citi Verify, powered by iPiD's Know Your Payee (KYP) infrastructure, is an example of a global bank treating pre-payment payee verification as a strategic priority rather than a compliance checkbox. For US financial institutions building their instant payments fraud strategy, that is the direction the FPC's Principle 5 is pointing.
- U.S. Faster Payments Council - Instant Payments Fraud Dispute Resolution: Guiding Principles for the U.S. (2026)
- Federal Trade Commission - New FTC data show a big jump in reported losses to fraud to $16 billion in 2025 (2026)
- Payment Systems Regulator - APP scams reimbursement: consolidated policy statement (2025)
- Nacha - Risk Management Topics: Fraud Monitoring Phase 2 (2026)
- Federal Bureau of Investigation Internet Crime Complaint Center - 2025 Internet Crime Report (2026)
