These provisions include regulatory technical standards (RTS) and guidelines. 0001284204 00000 n The register ‎will include information about payment and electronic money institutions, account information service providers, their agents and branches, which are authorised or registered in the Member States. Prior to starting the development of these requirements, the EBA is issuing a Discussion Paper, with a view to obtaining early input into the development process. Article 15(5) of the PSD2 mandates the EBA to develop draft ITS specifying the details and structure of the information to be contained in the register, including the common format and model in which this information is to be provided by competent authorities. Regulatory Technical Standards on Strong Customer Authentication (SCA) The deadline for compliance with the Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) under the PSD2 Directive is 14 September 2019. endstream endobj startxref 0 %%EOF 1140 0 obj <>stream What Makes This Course Different? We issued a consultation (CP17/11) to reflect the Treasury’s new regulations in April 2017. 0000004507 00000 n 0000006552 00000 n First, in the case of access by a client to his/her payment account online, the requirement of strong customer authentication does not apply where the client's online access is limited to either one or both of the following items, without disclosure of sensitive payment data: "Sensitive payment data" means "data, including personalised security credentials which can be used to carry out fraud […]" (Article 4(32) of PSD 2). However, the Central Bank of Ireland recognises the difficulties with meeting this deadline. ��$N�����&��$��5(�3(t;H�+���(��=LX0�w�)I�f�3�A��q��� ��� �@�U�h���'�TB�"�2a�$� �`f:nO"����\t��l�;�L �� L����7��0!pk+���qG�`F���C� �?ӏ�b{"��� ���ߘ�YM �dtg�U1�-;`@3z0��~��;�⬠�5�A$���y"@� ۝*u Please note that the deadline for the submission of comments is 18 September 2017 and that no attachments can be submitted. The technical standards mandate the existence of at least one interface that financial institutions must provide to securely send and receive information from PISPs/ AISPs. 0000013880 00000 n On 27 November 2017, the European Commission adopted, on the basis of an amended draft from the European Banking Authority ("EBA"), regulatory technical standards on strong customer authentication and common and secure communication under Article 98 of Directive 2015/2366 of 25 November 2015 on payment services in the internal market ("PSD 2"). A public hearing will take place at the EBA premises on 4 September 2017 from 10 am to 12:30 am UK time. the number of consecutive contactless electronic payment transactions initiated via the payment instrument offering contactless functionality since the last application of strong customer authentication does not exceed five. The regulatory output in this section includes the technical standards and guidelines under the revised Payment Services Directive (PSD2); the mandate conferred on the EBA in the Interchange Fee Regulation (IFR); the EBA Guidelines on the On 27 November 2017, the European Commission adopted, on the basis of an amended draft from the European Banking Authority ("EBA"), regulatory technical standards on strong customer authentication and common and secure communication under Article 98 of Directive 2015/2366 of 25 November 2015 on payment services in the internal market ("PSD 2"). Cyberthreats and cyberincidents are a major risk for companies operating in the financial sector. 1959 31 But where a client agrees to a direct debit by means of an electronic mandate, strong customer authentication requirement will nonetheless apply, since the direct debit qualifies as an action that the payer (client) carries out through a remote channel, which may imply a risk of fraud (EBA, Draft Regulatory Technical Standards on Strong Customer Authentication and common and secure communication under Article 98 of Directive 2015/2366 (PSD2): Final report, 23 February 2017, p. 7). Schweiz oder USA). The final draft ITS have been developed in accordance with Article 15(5) of PSD2, which mandate the EBA to develop draft ITS specifying the details and structure of the information to be contained in the register, including the common format and model in which this information is to be provided by competent authorities. 4�H�t"�����x2�$�A=��'���~�Bl�'����F ���A�� �0�]\:��B�ظ���� Twenty months after the European Banking Authority (EBA) issued the first draft, on 13 March the regulatory technical standard (RTS) on strong customer authentication (SCA) and Common Secure Communication (CSC) under revised Payment Services Directive (PSD2) was finally published in the Official Journal of the European Union.. Our page, and the Money Advice Service provide more information. payment and electronic money institutions and their agents; exempted payment and electronic money institutions and their agents; branches of payment institutions, electronic money institutions and account information service providers providing services in a Host Member State; account information service providers and their agents; providers of services based on specific payment instrument that can be used only in a limited way; and. As financial services providers work to ensure PSD2 compliance, it’s important to recognize that this isn’t just about technical issues. 0000004075 00000 n Article 15(4) of the PSD2 confers a mandate on the EBA to develop draft RTS setting technical requirements on the development, operation and maintenance of the electronic central register and on access to the information contained therein. xref The European Banking Authority (EBA) launched today a public consultation on the draft regulatory technical standards (RTS) and implementing technical standards (ITS) on the EBA electronic central register under the Payment Services Directive (PSD2), which respectively set requirements on the development, operation and maintenance of the register and the information to be contained in it. The banking industry is currently working on how to standardise the way data is accessed through ‘ Open Banking ’ standards. The regulatory technical standards provide exemptions for two out of the three cases where strong customer authentication is required. under the revised Payment Services Directive (PSD2) 1 Overview Introduction 1.1 The revised Payment Services Directive (PSD2) was implemented in the UK from 13 January 2018. h��V{LSg�����*my]��"ũ)Z�Ƶ��0W�VA��u�@:$Ѵ��Zŀ�̉l 0001283379 00000 n The length of the process and the number of iterations … The RTS set out requirements for manual and automated provision of information from CAs to the EBA and the timely synchronisation between the national public registers under the PSD2 and the EBA Register.