The second package of anti-fraud measures, which is scheduled for consideration by the State Duma on June 9, has been significantly improved. The bill introduced the right to financial compensation for victims of fraudsters in the full amount of stolen funds from banks and telecom operators in cases where they do not prevent the actions of the attackers. In addition, it was decided to abandon the idea of registering on significant resources only by Russian email and the proposal to open a bank account only in connection with the Taxpayer Identification Number (TIN).
The version of the Antifraud 2.0 bill prepared for the second reading is posted on the State Duma portal. A Kommersant source close to the development of the project believes that with a high degree of probability the document will be adopted when considered on June 9 in two readings at once.
The authors excluded a number of provisions from the document, in particular the rule on confirming significant actions through the Max messenger instead of SMS, the rule on registration on significant resources only by Russian email, provisions on regulating the operation of SIM boxes and virtual telephone exchanges, as well as the rule on opening a bank account only in connection with the Taxpayer Identification Number and on ways to restore access to the account on the State Services portal.
The bill was supplemented with new measures. One of them was announced by relevant Deputy Prime Minister Dmitry Grigorenko at SPIEF 2026 and received a wide response – this is the determination of the procedure for compensation for victims of fraud. So, if a bank or telecom operator ignores a certain procedure for identifying fraudulent transactions, the client will be able to claim compensation. As stated in the table of amendments to the new version of the bill, “in the event of failure to fulfill an obligation resulting in the theft of funds from the subscriber’s personal account, the telecom operator is obliged to reimburse the subscriber for the amount of the transfer in the manner established by the government.” A similar measure is prescribed for banks.
Compensation measures may come into force on March 1, 2027. “It is assumed that the compensation will be equal to the amount of the money transfer to the fraudster. Moreover, if the organization complied with the requirements, and the client still transferred the money to the fraudster, then in this case compensation is not provided,” the office of Deputy Prime Minister Dmitry Grigorenko clarified to Kommersant.
Also, a provision was added to the project to combat the so-called revolving replacement of SIM cards: a contract for communication services can be terminated only 90 days after its conclusion. In this case, the operator is obliged to stop providing communication services and stop charging subscription fees if the subscriber has indicated that he wants to terminate the contract. Kommersant’s interlocutor, who is familiar with the progress of the preparation of the project, clarifies that the purpose of the measure is to eliminate the possibility of fraudulent activities using disposable SIM cards.
Dmitry Grigorenko, Deputy Prime Minister and Chief of Staff of the Government of the Russian Federation, at SPIEF 2026:
“No matter how much we warned about fraud, everything here is like love. If someone is happy to be deceived, he will be deceived.”
The updated text of the bill does not automatically introduce a ban on calls from abroad; this option is supposed to be enabled at the request of the subscriber. Parents are also voluntarily encouraged to report the purchase of SIM cards by minors instead of a mandatory measure. And if a foreigner does not pass verification to use a SIM card, the contract with him must be terminated.
The limit on the number of bank cards per user is now stated as no more than 20, and not as no more than 5 in each bank. At the same time, the introduction of a unified system for accounting for bank cards was retained in the project, as was the labeling of calls from abroad.
There remains a ban on hosting providers providing resources for hosting VPN services, and pre-trial blocking of sites with malware. And also the rule that the Ministry of Digital Development will have the right to set a maximum price for mass calls allowed by law.
The Ministry of Digital Development told Kommersant that “the draft for the second reading was the result of discussions with interested departments and businesses.” A number of norms have been adjusted to achieve a harmonized version. The final version will be published after the bill is adopted by the State Duma in three readings.
After finalization, the bill turned out to be quite balanced and now takes into account the interests of the main market participants, MegaFon believes. “From the point of view of wording, we see that the problems of the financial sector are transmitted to telecom operators,” VimpelCom notes. On the one hand, there are expectations that telecom operators will actively combat spam and unwanted calls, and on the other hand, banks are given the right to make such calls uncontrollably without the subscriber being able to refuse them. “Despite this, we will use any solutions to protect customers,” the operator says. T2 declined to comment. Kommersant sent a request to MTS, Sberbank, VTB, GPB, Alfa Bank and PSB.
The whole point of the bill is to break the possibility of interaction between a fraudster and his victim, says Andrey Fedorets, head of the information security committee of the Association of Russian Banks. “In general, the market views the provisions of the bill rather positively, since the requirements of the law seem to be quite balanced in terms of reducing the risks of data and money theft.”
