SBP and TIN from July 1, 2026: What Changes for the Average User

TIN in SBP without panic

Анатолий Кочев
··12 min read

The news came out — and immediately headlines appeared like "banks will get access to your TIN" and "the tax office will see every transfer." Transfers via SBP have already become a daily habit, so any mention of TIN and new rules is perceived as a threat to this habit.

Below is a calm analysis without scare tactics: what exactly changes from July 1, 2026, who sends TIN to whom, what you will actually see in the app, and which myths you don’t need to fear.

SBP and TIN from July 1, 2026: What Will Really Change in Transfers

What’s Happening: The Essence of the Changes

From July 1, 2026, banks participating in the Fast Payment System (SBP) must transmit the client’s TIN as part of transfers through the NSPK (National Payment Card System) infrastructure. This is a change in how the payment system and banks’ anti-fraud systems operate.

Key point: TINs are transmitted between banks, not between users. The user still performs the usual steps:

  • selects an SBP transfer;
  • enters a phone number or selects a contact;
  • sees the recipient’s name;
  • confirms the transfer.

Everything related to TIN happens "in the background" — in the service data of the transaction sent from the sender’s bank to the recipient’s bank via the Fast Payment System.

Important: The changes in SBP from July 1, 2026, affect how banks verify the operation and the recipient. The user scenario remains the same: transfers by phone number or account, without manually entering TIN.

Why It’s Needed: The Problem of Droppers and Fraud Chains

To understand why banks need TINs for transfers via SBP, it’s useful to see what exactly they are protecting against.

Fraud schemes often involve an intermediary — a dropper. This is a person who agrees to use their account or card to receive and forward money. This can be:

  • conscious participation in a fraud scheme for a reward;
  • or a "side job" presented as a harmless service: "receive money, transfer it further, keep a part for yourself."

For the recipient’s bank, such transfers look ordinary: money arrives on an individual’s card, the sender is also an individual, just like a regular payment. When transferring by phone number, the bank sees:

  • the account or card number;
  • the full name linked to that account;
  • technical transaction data.

This is often not enough to distinguish a regular payment from a link in a fraudulent chain.

TIN is a more stable identifier of a person than a card or phone number. It:

  • is not tied to a specific card;
  • does not change when a card is reissued or the phone number changes;
  • is linked to a specific individual in accounting systems.

When banks start exchanging TINs via SBP, the recipient’s bank gains an additional reference for verification: whether the person who actually owns the account and participates in operations matches the one recorded in their systems. This helps fine-tune anti-fraud measures and block suspicious dropper schemes.

The point of anti-fraud: not to flag every everyday transfer as suspicious, but to detect unusual chains and inconsistencies in recipient data. TIN is added as another technical marker for such checks.

Who and What Exactly Transmits: SBP and TIN Mechanics

Let’s look at an SBP transfer step-by-step — considering what changes from July 1, 2026.

  1. User initiates the transfer. You select a transfer via the Fast Payment System, enter the recipient’s phone number or account, amount, and purpose (if needed).

  2. Sender’s bank forms the payment. The sender’s bank already has your data, including the TIN you provided when opening the account or during identification. When forming the transfer via SBP, the bank adds your TIN to the transaction’s service fields.

  3. NSPK routes the transfer. NSPK, as the SBP operator, handles the technical part: delivering the payment from the sender’s bank to the recipient’s bank. The TIN at this stage is not a public "label" in the payment but part of a protected interbank message.

  4. Recipient’s bank performs its checks. Upon receiving the transfer data, the recipient’s bank uses the TIN as one element to:

    • verify client information;
    • assess the operation with the anti-fraud system;
    • decide whether to credit immediately, delay for additional checks, request clarification, or reject.
  5. Money reaches the recipient. If all is well, the transfer is credited. If the bank considers the operation risky, it may delay it or request additional confirmation per its internal rules.

Throughout this chain, the user does not enter their own or the recipient’s TIN. The data transmission is handled by:

  • the sender’s bank;
  • SBP/NSPK infrastructure;
  • the recipient’s bank.

How notifications are formulated for the user in case of transfer delay or additional checks depends on the specific bank. Some may send a separate message in the app, others a standard notification about temporary operation verification.

What the User Will See in the Banking App

For most people, the key question is: how will an SBP transfer by phone number look now and whether they need to get used to a new process.

The basic scenario for regular transfers remains the same as before July 1, 2026:

  • you select the SBP section;
  • enter or select the phone number from contacts;
  • the bank shows the recipient’s name (already available in many banks);
  • you confirm the operation with a code or biometrics.

What may change in the interface depends on the bank:

  • a message that the transfer is undergoing additional verification;
  • a clarifying notification if the transfer is temporarily delayed;
  • more prominent display of the recipient’s name before confirmation;
  • in some cases, an extra confirmation step for operations the system deems riskier.

Don’t expect uniformity: there is no universal SBP screen template for all banks. Each bank decides how to show statuses and explanations to users while complying with regulator and NSPK requirements.

If app behavior changes, banks usually inform users via updates or internal app messages.

Myths and Misconceptions about TIN in SBP

When news about "new SBP and TIN requirements" appear, imagination runs wild. Let’s debunk some common claims that don’t match the actual rules.

"Now the tax office sees every transfer and immediately charges taxes"

The tax office already has tools to work with banking data under existing laws. This is not a new reality starting July 2026.

The essence: a regular SBP transfer between individuals:

  • does not automatically become taxable income;
  • does not mean tax will be withheld "by default";
  • is not equated with official business activity.

The appearance of TIN in SBP’s technical fields relates to banks’ anti-fraud checks, not to launching a new automatic tax system on every account movement.

"You will have to find out and enter the recipient’s TIN every time"

The phrase "SBP and TIN from July 1, 2026" in headlines may create the impression that a separate field "enter recipient’s TIN" will appear when transferring by phone number.

In usual SBP transfer scenarios:

  • you enter the phone number or account;
  • the app automatically fetches recipient data;
  • TIN is only involved in the service exchange between banks.

Manual entry of the recipient’s TIN for everyday SBP transfers is not a new user obligation.

"Any transfer to a friend is now at risk of being blocked"

Banks’ anti-fraud systems have analyzed transfers for many parameters before July 2026: amounts, frequency, unusual directions, device and geolocation combinations, etc. TIN just adds another marker to this picture.

Regular transfers:

  • to close people;
  • to frequent recipients (whom you have transferred to before);
  • in familiar amounts and patterns

still go through as standard everyday operations. Delays may occur due to internal bank settings, but TIN itself doesn’t make every operation suspicious.

More on what to do if your transfer is delayed or blocked by the bank can be found in the analysis "Bank Blocked a Transfer: What to Do".

"TIN is confidential information and cannot be transmitted anywhere"

TIN is personal data, but it is an identifier, not a secret like a PIN or password:

  • it is used in contracts, receipts, declarations;
  • it is not intended for logging into online banking;
  • you cannot "withdraw money" from your account using just a TIN.

This doesn’t mean you should publicly share your TIN without reason, but its use in protected banking protocols is a normal part of identification, not a leak.

Emphasis: TIN in SBP is a technical detail for banks and NSPK. For users, it remains critical to protect other things: bank login and password, confirmation codes, device and SIM card access.

What Users Should Really Do

The changes in the Fast Payment System themselves don’t require you to "learn a new transfer procedure." But it’s a good reason to tidy up your basic financial hygiene.

1. Update apps and enable protection

  • Install the latest version of your bank’s app. Updates often fix vulnerabilities and support new SBP requirements.
  • Enable biometric login (if convenient) and lock the app with a PIN or device security system.

2. Monitor whom you transfer to

  • Before confirming a transfer, check the recipient’s name. When transferring by phone number, this is a key marker that the money goes to the right person.
  • Transfer via SBP only to people you know personally or whose details you received from a reliable source (e.g., an official service provider account).

If someone offers a "simple scheme" — receive money and immediately forward it, "help transfer," "provide an account for a one-time operation" — this is exactly the area where banks are tightening anti-fraud. It’s better to refuse than explain the money’s origin to the bank later.

The biggest danger in everyday SBP transfers is not TIN transmission but fraudsters trying to access your account.

  • Never share SMS or push notification codes with anyone claiming to be from the bank, NSPK, or "security service."
  • Don’t click links in messages about "suspicious SBP transfer," "account blocking," or "operation confirmation."
  • If in doubt, close the conversation and open the banking app directly — not via a link.

4. Communicate with the bank only through official channels

If a transfer is delayed or the bank requests clarification:

  • use the chat inside the app;
  • call the number on the back of your card or the official website;
  • do not use numbers from messages or ads, even if they look "almost official."

When SBP rules change, scammers actively exploit the news to launch "security service calls" and phishing campaigns. The simpler your rule ("only app, website, number from card"), the less chance you’ll fall for it.

Why SBP and TIN Changes Are No Reason to Panic

The Fast Payment System didn’t appear yesterday. Over several years of development:

  • limits and fees have changed;
  • new transfer and payment scenarios have been added;
  • requirements for showing recipient names and operation checks have been strengthened.

Each time the news caused anxiety, but the everyday user scenario remained very similar: phone number — name — confirmation.

SBP and TIN from July 1, 2026, continue this process:

  • banks and NSPK strengthen anti-fraud and fight against droppers;
  • another identifier — the sender’s TIN — appears in the service data of transfers;
  • the usual transfer scenario by phone number remains familiar to users.

Financial news anxiety is normal. But your real security depends more on a few simple habits than on changes in interbank protocols:

  • keep apps updated;
  • check the recipient’s name before transferring;
  • don’t share codes or access;
  • communicate with the bank only through official channels.

This doesn’t require deep legal or regulatory knowledge. Just a few conscious rules you follow automatically.

Do This Today

  • Update your bank app and enable basic security settings: login by code, biometrics, and login notifications.
  • At your next SBP transfer by phone number, pay attention to how the recipient’s name is displayed and make sure you recognize it.
  • Save your bank’s official phone number from the back of your card in your contacts and label it clearly to avoid confusion with similar numbers.
  • Adopt the rule: if someone asks for an SMS or push code, end the conversation immediately, call the number from your card, or open the official chat in the app.
  • Delete old links to "personal accounts" and "operation confirmations" from messengers and SMS that you no longer use, to avoid accidentally clicking them later.

FAQ

No. The tax office already has access to banking data under existing laws. Regular SBP transfers between individuals do not automatically become taxable income or trigger automatic tax withholding.

No. In normal SBP transfers, you enter the phone number or account, and the app fetches recipient data automatically. TIN is transmitted only between banks in the background.

No. Banks’ anti-fraud systems already analyze many parameters. TIN is just an additional marker. Regular transfers to known recipients usually proceed without issues.

TIN is personal data but an identifier, not a secret like a PIN or password. It is used in contracts and declarations and is safely transmitted in protected banking protocols.

Related posts