FCA agrees plan for a phased implementation of Strong Customer Authentication

FCA agrees plan for a phased implementation of Strong Customer Authentication
14.08.2019 12:49 pm

FCA agrees plan for a phased implementation of Strong Customer Authentication

Security and Compliance

From 14 September 2019, new European Union (EU) rules will start to apply that impact the way in which banks or payment services providers verify their customers identity and validate specific payment instructions. The new rules, called Strong Customer Authentication (SCA), are intended to enhance the security of payments and limit fraud during this authentication process.

The FCA has today agreed an 18-month plan to implement SCA with the e-commerce industry of card issuers, payments firm and online retailers. The plan reflects the recent opinion of the European Banking Authority (EBA) which set out that more time was needed to implement SCA given the complexity of the requirements, a lack of preparedness and the potential for a significant impact on consumers.

Jonathan Davidson, Executive Director for Supervision – Retail and Authorisations, said:

'The FCA has been working with the industry to put in place stronger means of ensuring that anyone seeking to make payments is not a fraudster. While these measures will reduce fraud, we want to make sure that they won’t cause material disruption to consumers themselves; so we have agreed a phased plan for their timely introduction'.

The FCA will not take enforcement action against firms if they do not meet the relevant requirements for SCA from 14 September 2019 in areas covered by the agreed plan, where there is evidence that they have taken the necessary steps to comply with the plan. At the end of the 18-month period, the FCA expects all firms to have made the necessary changes and undertaken the required testing to apply SCA.

The FCA will also continue to monitor the extent to which banks and payment service providers are meeting its expectation that they consider the impact of SCA on different groups of consumers, and provide alternative means of authentication where needed.

 Brian Costello, Vice President, Data Strategy & Strategic Solutions at Envestnet | Yodlee: It is positive to hear the FCA will delay the introduction of Strong Customer Authentication (SCA), following warnings that the new rules could negatively impact online sales. It is critical the new timeline gives companies and banks enough time to ensure they have implemented SCA requirements properly.

One consequence of the previous time frame was that, in the rush to meet the deadline, banks were planning to apply SCA to all account types, including those where the regulation did not require it. This would have impacted the customer experience for innovative new services created by UK FinTech start-ups to help consumers manage their finances, in the same way, that industry groups say that SCA could also have an impact on online sales. With this new timeline, banks can now take a pragmatic approach to SCA compliance and ensure they’re only applying the new security rules to payment accounts where the risk of fraud is greatest, while at the same time giving the UK's leading fintech sector the space it needs to continue to improve the retail banking experience.

The ruling from the FCA is positive and I hope the entire eco-system uses this extension to take the right steps to ensure SCA and the wider Open Banking initiative can reach its full potential. Not only will this protect the consumer, but will ensure the UK’s financial industry can thrive as one of the most innovative players on the world’s stage.

Related News

UK prof body partners Philippines in efforts to help eradicate money laundering & terrorism financing

The Chartered Institute for Securities & Investment (CISI) has announced a key project in the Philippines to support the country’s compliance with anti-... Read more »

Wolters Kluwer Continues PPP Educational Series With Loan Forgiveness Webinar

Wolters Kluwer Compliance Solutions is continuing to prove its industry leadership,... Read more »

Verizon Report Shows Money Still Makes the Cyber-crime World Go Round

The Verizon Business 2020 Data Breach Investigations Report (2020 DBIR) shows that financial gain remains the key driver... Read more »

Wolters Kluwer develops TSoftPlus Technology for loan forgiveness stage of U.S. Paycheck Protection Program

Wolters Kluwer Compliance Solutions is set to help local lenders and their small... Read more »

Enfuce Provides Turn-key PSD2 Compliance Services to OP Financial Group in Estonia, Latvia, and Lithuania

 Finland’s biggest fintech start-up Enfuce provides full PSD2 compliance as a service to Finland’s largest financial services group, OP Financial Group, in the Baltic states.... Read more »

World’s first real-time money laundering monitoring game released

With the Covid-19 epidemic spurring an increase in cybercrime, compliance professionals are being given a chance to test their detection skills by playing the world’s first... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel