EBA Introduces Consultation Services on PSD2 Security Guidelines

EBA Introduces Consultation Services on PSD2 Security Guidelines
08.05.2017 07:30 am

EBA Introduces Consultation Services on PSD2 Security Guidelines

Banking , Consultancy

The European Banking Authority (EBA) launched today a consultation on its draft Guidelines on security measures for operational and security risks under the revised Payment Services Directive (PSD2). 

The Guidelines have been developed in close cooperation with the European Central Bank (ECB), and are in support of the objectives of PSD2, such as strengthening the integrated payments market in the EU, mitigating the increased security risks arising from electronic payments, and promoting equal conditions for competition. The consultation runs until 7 August 2017.

PSD2 requires payment service providers (PSPs) to establish a framework with appropriate mitigation measures and control mechanisms to manage operational and security risks arising from the payment services they provide, and has mandated the EBA to specify the details of these requirements.

In particular, these draft Guidelines cover the governance of the operational and security risk management framework, the risk management and control models, outsourcing, the identification, classification and risk assessment of functions, processes and assets, as well as the protection of the integrity of data, systems and confidentiality, physical security and asset control. 

In addition, the draft Guidelines propose requirements in relation to the monitoring, detection and reporting of security incidents and risks, business continuity management, scenario-based continuity plans, incident management and crisis communication, the testing of security measures, and situational awareness and continuous learning. Finally, in order to ensure that the security measures implemented by the PSPs are well communicated to payment service users (PSUs) the Guidelines also cover the management of the relationship with PSUs.
Consultation process

Responses to this consultation can be sent to the EBA by clicking on the "send your comments" button on the website. All contributions received will be published following the close of the consultation, unless requested otherwise. Please note that the deadline for the submission of comments is 7 August 2017 and that no attachments can be submitted. A public hearing will then take place at the EBA premises on 20 June 2017 from 13.00 to 16.00 UK time.

Legal basis and background

These Guidelines have been drafted in accordance with Article 95(3) of Directive (EU) 2015/2366 on payment services in the internal market (PSD2), which mandates the EBA, in close cooperation with the ECB, to issue Guidelines with regard to the establishment, implementation and monitoring of the security measures, including certification processes where relevant. The Guidelines are addressed to both competent authorities and PSPs. 

Related News

Al Ain Finance selects Temenos SaaS to remotely deploy corporate banking solution during Covid-19

Temenos (SIX: TEMN), the banking software company today announced that Al Ain Finance will rapidly deploy Temenos Infinity and Temenos... Read more »

New digital-first bank – Monument – coming to the UK, to meet the needs of professionals, property investors and entrepreneurs

Monument reveals that it is in the latter stages of its application for a banking licence.  Monument plans to launch the bank of choice for the overlooked and underserved... Read more »

Royal Bank of Scotland (RBS) Leverages Mphasis’ Testing Centre of Excellence to Support Business Alignment Objectives

Mphasis (BSE: 526299; NSE: MPHASIS), an Information Technology (IT) solutions provider specialising in ... Read more »

OpenPayd unveils crypto banking and payments proposition amid unprecedented sector growth

OpenPayd, the API-led Banking-as-a-Service provider, today unveils its banking and payments solution for... Read more »

CaixaBank to enable non-residents to open an account and apply for a mortgage online

CaixaBank, Spain’s leading retail bank headed by chairman Jordi Gual and chief executive officer Gonzalo Gortázar, has become the country’s first bank to... Read more »

Paymentology eyes the Middle East as competition to attract digital-ready customers grows

UK cloud-based payment processor, Paymentology announces the expansion of its Middle East operation to meet the projected growth of digital banking in the... Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel