EC Sends Letter to the EBA on RTS Regarding Customer Authentication Under the Revised Payment Services Directive ((EU) 2015/2366) (“PSD2”)

The European Banking Authority (“EBA“) has published a letter (dated February 13, 2018) from Olivier Guersent (European Commission Director-General, DG FISMA) to Andrea Enria (EBA Chairman) that relates to the regulatory technical standards (“RTS“) on strong customer authentication (“SCA“) as well as common and secured communication under PSD2.

The letter is broad but, inter alia, states the following:

  • The Commission has amended the ‘final’ version of the RTS, and these amendments took on board concerns that were raised by the EBA and member state officials;
  • The Commission would welcome the participation of the EBA in group meetings that will evaluate application programming interface (API) standards;
  • Neither the EBA nor the Commission can reasonably anticipate all the problems with APIs, nor can they specify in the RTS how these should be addressed. As such, the EBA and the Commission will rely on relevant market players to develop APIs that work for all sides (i.e., third-party providers, banks and payment service users); and
  • The prior differences discussed between the EBA and the Commission with regards to the RTS were about processes rather than other more substantive matters. The extent to which any of these processes might be burdensome for the EBA and relevant national authorities depends on the behavior of market players.

To see the letter, please click here.