EBA Introduces Consultation Services on PSD2 Security Guidelines

EBA Introduces Consultation Services on PSD2 Security Guidelines
08.05.2017 07:30 am

EBA Introduces Consultation Services on PSD2 Security Guidelines

Banking , Consultancy

The European Banking Authority (EBA) launched today a consultation on its draft Guidelines on security measures for operational and security risks under the revised Payment Services Directive (PSD2). 

The Guidelines have been developed in close cooperation with the European Central Bank (ECB), and are in support of the objectives of PSD2, such as strengthening the integrated payments market in the EU, mitigating the increased security risks arising from electronic payments, and promoting equal conditions for competition. The consultation runs until 7 August 2017.

PSD2 requires payment service providers (PSPs) to establish a framework with appropriate mitigation measures and control mechanisms to manage operational and security risks arising from the payment services they provide, and has mandated the EBA to specify the details of these requirements.

In particular, these draft Guidelines cover the governance of the operational and security risk management framework, the risk management and control models, outsourcing, the identification, classification and risk assessment of functions, processes and assets, as well as the protection of the integrity of data, systems and confidentiality, physical security and asset control. 

In addition, the draft Guidelines propose requirements in relation to the monitoring, detection and reporting of security incidents and risks, business continuity management, scenario-based continuity plans, incident management and crisis communication, the testing of security measures, and situational awareness and continuous learning. Finally, in order to ensure that the security measures implemented by the PSPs are well communicated to payment service users (PSUs) the Guidelines also cover the management of the relationship with PSUs.
Consultation process

Responses to this consultation can be sent to the EBA by clicking on the "send your comments" button on the website. All contributions received will be published following the close of the consultation, unless requested otherwise. Please note that the deadline for the submission of comments is 7 August 2017 and that no attachments can be submitted. A public hearing will then take place at the EBA premises on 20 June 2017 from 13.00 to 16.00 UK time.

Legal basis and background

These Guidelines have been drafted in accordance with Article 95(3) of Directive (EU) 2015/2366 on payment services in the internal market (PSD2), which mandates the EBA, in close cooperation with the ECB, to issue Guidelines with regard to the establishment, implementation and monitoring of the security measures, including certification processes where relevant. The Guidelines are addressed to both competent authorities and PSPs. 

Related News

Wolters Kluwer Innovates with New Banking Tech Launch to Facilitate Paycheck Protection Program

Wolters Kluwer Compliance Solutions has launched a dedicated banking technology solution, utilizing its market-... Read more »

More than 90% of UK consumers claim technology offering impacts their choice of bank, fintech finds

 Research conducted by new entrant to the UK fintech market, Modularbank, in partnership with market research specialists, OnePoll, has found that over 90% of... Read more »

Pannovate partners up with Salt Edge to deliver instant PSD2 compliance

Pannovate, UK’s leading payment and digital banking technology company, has partnered up with Salt Edge, leader in offering open banking and secure customer... Read more »

National initiative launched by Fintech Tully aims to help 17 million people in the UK who have been financially impacted by COVID-19

Tully, Nottingham-based Fintech, has today announced the launch of their COVID-19 Relief and Wellbeing Network to help people financially impacted by the COVID crisis get... Read more »

Celent Recognizes Backbase as a Leader in Digital Onboarding and Origination Solutions

Backbase, the leading omni-channel digital banking platform, announced today that it has topped Celent’s Retail Banking Customer Onboarding Platform vendor assessment, winning... Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel