DNB’s new fraud figures turn payment speed into a daily governance question for small firms.
At 16:45, a small installer receives a supplier email that looks familiar. The tone is normal. The invoice number fits. The message says the bank account has changed after an internal reorganisation. The team wants to close the day. One click would clear the invoice and keep the project moving.
The signal has to become readable
On 30 June 2026, De Nederlandsche Bank gave that small scene a national frame. DNB reported that fraudulent transactions in transfers, card payments, and cash withdrawals rose by 30 percent in 2025, to about 658,000 cases. The reported fraud amount rose by 22 percent, to EUR 198 million.
The ratio still looks small. DNB puts it at 7 fraudulent payments in every 100,000. That is about 1,800 fraudulent transactions a day out of 27 million payments. The daily reported fraud amount comes to about EUR 540,000, against about EUR 13 billion in total daily payment value.
A small company does not live inside an average. One false transfer can be the VAT reserve, the rent month, the wage buffer, or the stock order.
The payment may look clean
The sharp detail in DNB’s figures is the definition. DNB includes payments made without the payer’s consent and payments where the victim was manipulated into approving the payment. That second group matters for owners, bookkeepers, advisers, and staff who handle money.
A bank record can show an authorised user. The accounting software can show a paid invoice. The ledger can match the bank movement. Still, the decision behind the payment may have been corrupted by a false instruction, a fake bank call, a changed IBAN, or a payment link that looked trustworthy.
European bank transfers had the largest increase in DNB’s figures, up 55 percent to 129,000 fraud cases, with about EUR 148 million involved. DNB links this fraud to people and companies being misled into paying themselves, including false payment instructions, investment fraud, and bankhelpdesk fraud.
What the signal changes
Speed is part of the pressure. DNB points to instant payments, where money reaches the recipient within ten seconds, and to payments abroad, where recovery can be harder. Instant payment is useful, normal, and expected. The weak point is approving before checking.
Where routine becomes exposure
Fraud often enters through routine, not through a dramatic breach. The same person opens the mail, answers a supplier, prepares invoices, checks the bank, and deals with a customer who wants a refund. A rushed request near closing time can pass because everyone wants to be helpful.
CBS gives the social background. In the Safety Monitor 2025, 17 percent of people aged 15 or older reported being victims of one or more online offences or incidents. Online scams and fraud affected 10 percent. Those people are also employees, customers, owners, and suppliers.
This is a human control problem before it is a technology problem. Fraud uses trust, fatigue, hierarchy, and politeness. A staff member who fears delaying the boss or upsetting a supplier is easier to pressure than a weak password system.
For a small firm, the cash effect can be double. If EUR 12,000 goes to a false supplier account, the real supplier may still be unpaid. The bank balance falls, the invoice remains a business problem, and the bookkeeping needs a clear record of what happened.
A pause is not delay
DNB’s supervisory review in June 2026 looked at seven banks, payment institutions, and electronic money institutions. It saw strong operational commitment, with room for sharper fraud-risk steering, capacity planning, and better use of risk appetite. DNB also described the tension between executing a customer order and pausing a suspected fraudulent payment.
That same tension sits inside small companies. Wages, rent, tax, supplier payments, refunds, and card settlements must keep moving. Yet some signals deserve a pause: a changed IBAN, a new foreign beneficiary, an urgent same-day transfer, a refund to a different account, or a bankhelpdesk call.
A micro-business does not need a fraud department. It needs a modest habit that fits the company. One person can prepare ordinary payments, while abnormal payments receive a second check. Supplier bank data can be stored outside a single email thread. Old bank users and accounting-software access deserve regular review.
The written note matters. Who requested the change? Who checked it? Which number was called? Which invoice, contract, order, or delivery did the payment belong to? A short note made on the day is often more useful than a long policy nobody follows.
Incoming money has a story
Payment fraud is also about money entering the company. FIU-Nederland received more than 3 million unusual-transaction reports in 2025 and declared about 92,000 transactions suspicious. It also highlighted third-party payments as one channel for criminal money flows.
What founders should check
In one FIU analysis of third-party payments to Dutch companies, 2,000 transactions were declared suspicious, with a value of EUR 300 million. The practical lesson is plain. Payer, customer, invoice, contract, delivery address, and bank account should tell a story that makes business sense.
A company bank account is not a neutral pipe. Rotterdam District Court, in ECLI:NL:RBROT:2026:2259, held on specific facts that making a bank account available for third-party money flows can be unlawful. That court signal belongs close to ordinary administration, not far away in a legal drawer.
Webshops have their own version of the same question. DNB says card-payment fraud remained the most frequent category in 2025, with 514,000 fraudulent transactions and about EUR 41 million involved. The rise was mainly in online payments. Stolen card data and phishing sit behind many of those transactions.
Payment policy is now business policy
Refunds, delivery changes, foreign orders, and dispute evidence are not back-office details. They protect margin. A webshop that cannot explain why it shipped to a different address, refunded to another account, or accepted an unusual order may have trouble after the payment has already moved.
Cash is not a simple escape route. DNB also reported more fraud in cash withdrawals. Rijksoverheid states that from 1 January 2026, cash payments of EUR 3,000 or more for goods are prohibited in the Netherlands for traders in goods. Cash still has daily value, but larger payment choices now carry fraud and compliance meaning.
From 1 July 2026, FIU-Nederland receives a suspension power under Article 17a of the Wwft. It can request obliged entities to temporarily suspend transactions. FIU says the practical focus will mainly be banks, crypto service providers, and payment service providers.
The installer at 16:45 does not need panic. The better answer is a calm rule that gives people permission to stop. If the bank account changes, check through a trusted channel. If the payment is urgent and unusual, slow it down. If the payer, invoice, and delivery do not match, write down why the chain makes sense.
Fast payments will remain part of Dutch business life. The question is whether the company can explain important money movements before and after they happen. Trust in payments is no longer only a bank matter. It is also a daily discipline at the desk where the invoice is opened, the supplier is trusted, and the button is pressed.
Sources
- DNB ziet fraude in betalingsverkeer met 30 procent toenemen
- De Nederlandsche Bank – 2025 payment fraud figures
- De Nederlandsche Bank – Definition and publication of fraud data
- De Nederlandsche Bank – Bank and payment institution fraud controls
- CBS – Online fraud victimisation
- Autoriteit Financiële Markten – Fraud complaint handling by payment providers
- FIU-Nederland – Fraud proceeds, unusual transactions, and business exposure
- FIU-Nederland – New FIU suspension power from 1 July 2026
Referenced in the article
Column | Human Resources
Care Pay Is Rising, and the Roster Carries the Real Cost
A reported VVT pay deal lands in a sector where absence, travel, and safety already shape every hour.
Column | Human Resources
Dutch Non-Competes May Soon Carry a Real Price
The cabinet wants freedom for workers, but employers still need to protect real business value.
Column | Compliance
One Invoice Sentence Can Shift a Customer’s Customs Bill
Preferential origin can sharpen a sale, but only when the export records can carry the promise.
The Polder is written for readers who need the Dutch business environment translated into practical meaning. Corrections, source policy and editorial accountability are part of the publication record.
