EBA published an Opinion on the implementation of the regulatory technical standards on strong customer authentication (SCA) and common and secure communication (CSC). The regulatory standards were published in the Official Journal on March 13, 2018 and will legally apply from September 14, 2019. EBA also published a consultation paper on the draft guidelines to clarify a number of issues identified by market participants in relation to the regulatory technical standards on SCA and CSC. Comments to the consultation must be submitted by August 13, 2018.
The Opinion focuses on the implementation of the standards while the consultation paper proposes a pragmatic and consistent approach to the four conditions to be met to benefit from an exemption from the fallback option envisaged under Article 33(6) of the regulatory standards. The Opinion is addressed to the national competent authorities while the draft guidelines aim to provide clarity for all parties involved (account servicing payment service providers or ASPSPs, competent authorities, and EBA) in a pragmatic way and allow competent authorities to perform a speedy assessment, especially during the time when the bulk of the exemption requests will be received.
In the Opinion, EBA clarifies a number of issues identified by market participants and competent authorities to assist in this implementation. The Opinion conveys views of EBA in some pressing areas identified by the market and competent authorities, including on the exemptions to SCAs, consent, the scope of data sharing, and requirements for Application Programming Interfaces (APIs) and dedicated interfaces to take into account. The Opinion clarifies that when determining which method(s) to use to perform the authentication procedure, the ASPSP needs to ensure that all methods of strong customer authentication offered to its customers can be supported when using the API.
Going forward, EBA will provide further clarification on the interpretation of the regulatory technical standards on SCA and CSC through its online Interactive Single Rulebook and Q&A tools, which are to be extended to the queries related to the revised Payments Services Directive (PSD2), including the associated EBA technical standards and guidelines.
Comment Due Date: August 13, 2018
Keywords: Europe, EU, Banking, PMI, Opinion, Guideline, Regulatory Technical Standards, SCA, CSC, Single Rulebook, Q&A, PSD 2, EBA
EBA issued a revised list of validation rules with respect to the implementing technical standards on supervisory reporting.
EBA published its response to the call for advice of EC on ways to strengthen the EU legal framework on anti-money laundering and countering the financing of terrorism (AML/CFT).
NGFS published a paper on the overview of environmental risk analysis by financial institutions and an occasional paper on the case studies on environmental risk analysis methodologies.
MAS published the guidelines on individual accountability and conduct at financial institutions.
APRA published final versions of the prudential standard APS 220 on credit quality and the reporting standard ARS 923.2 on repayment deferrals.
SRB published two articles, with one article discussing the framework in place to safeguard financial stability amid crisis and the other article outlining the path to a harmonized and predictable liquidation regime.
FSB hosted a virtual workshop as part of the consultation process for its evaluation of the too-big-to-fail reforms.
ECB updated the list of supervised entities in EU, with the number of significant supervised entities being 115.
OSFI published the key findings of a study on third-party risk management.
FSB is extending the implementation timeline, by one year, for the minimum haircut standards for non-centrally cleared securities financing transactions or SFTs.