European Parliament Writes to EBA About the Development of Regulatory Technical Standards (RTS) on Strong Customer Authentication and Secure Communication


On November 11, 2016, the EBA published a letter (dated October 24, 2016) from the European Parliament in relation to the development of regulatory technical standards (“RTS“) on strong customer authentication (“SCA“) and secure communications under the Revised Directive on Payment Services (“PSD2“) in the internal market ((EU) 2015/2366).

The European Parliament’s negotiating team is of the view that payment initiation service providers and account information service providers should have direct access to the payer’s account without being required by an account servicing payment service provider to use a particular business model. In its letter, the European Parliament therefore raised its concerns surrounding the EBA’s proposal for a dedicated interface that could give rise to account servicing payment service providers excluding or limiting direct access to a payer’s account via existing online banking facilities. Article 98(2) of PSD2 mandates that the EBA develop RTS in order to secure and maintain fair competition among all payment service providers and to ensure technology and business model neutrality, and the introduction of the dedicated interface will go against this principle.

The European Parliament also stated in its letter that it is of the view that the RTS are unclear in relation to the exemptions from the SCA (notably, whether the exemptions are optional or mandatory).