EBA mandate on the RTS on strong customer authentication & secure communication Status update

Similar documents
The EBA and its mandate on strong customer authentication & secure communication under Article 98 PSD2

EBA GL on fraud reporting requirements under Article 96(6) PSD2 Helene Oger-Zaher Consumer Protection, Financial Innovation and Payments, EBA

Opinion of the European Banking Authority on the transition from PSD1 to PSD2

Draft RTS on the content of recovery plans

NEWSLETTER UPCOMING EBA PUBLICATIONS (JUNE SEPTEMBER 2016)

COMMISSION DELEGATED REGULATION (EU) No /.. of

Revision of the Payment Services Directive (PSD2) Krzysztof Zurek and Silvia Kersemakers DG FISMA, European Commission PSMEG meeting 3 December 2015

EBA FINAL draft regulatory technical standards

Payments Services: Regulatory Timeline. February 2017

JC /05/2017. Final Report

EBA FINAL draft implementing technical standards

Public hearing on the Guidelines on recovery plan indicators. London, 25 November 2014

CP on RTS on Disclosure of Countercyclical Capital Buffer. Public Hearing 8 September 2014

Consultation Paper. on Draft Guidelines on fraud reporting requirements under Article 96(6) of Directive (EU) 2015/2366 (PSD2) EBA/CP/2017/13

Securitisation and Covered Bonds: the work of

27/03/2018 EBA/CP/2018/02. Consultation Paper

The role and work of the EBA in the new European resolution regime Stefano Cappiello EBA Head of Unit, Recovery and Resolution

EPCA PAYMENT SUMMIT Arno Voerman (Van Doorne N.V.) Edwin Jacobs (Time.Lex)

GUIDELINES ON PROFESSIONAL INDEMNITY INSURANCE UNDER PSD2 EBA/GL/2017/08 12/09/2017. Guidelines

18 November CEBS s guidelines regarding revised Article 3 of Directive 2006/48/EC

CEBS Public Consultation on Liquidity Cost Benefit Allocation (CP 36) Presentation at Public Hearing 1 June 2010, London Dominique Laboureix

Draft RTS on materiality threshold for past due credit obligations. Public Hearing 16 January 2015

European Securities Markets Challenges and opportunities ahead

C HAPTER B. Introduction. Capital Markets and Securities Law

Bird & Bird on the most important consequences of PSD2

JC /07/2018. Final report

NEWSLETTER I. UPCOMING EBA PUBLICATIONS (JANUARY MARCH 2018)

Post Consultation Report on the implementation of the revised CBM Directive No 1 on the Provision and Use of Payment Services*

EBA CP on Draft RTS on assessment methodologies for the Advanced Measurement Approaches for operational risk under Article 312 of CRR

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL. A Roadmap towards a Banking Union

Committee on Consumer Protection and Financial Innovation (CCPFI)

Isabelle Vaillant Director of Regulation. European Institute of Financial Regulation (EIFR) 23 Septembre 2016

Draft Outline of the 2016 Work Programme

FINAL DRAFT RTS UNDER ARTICLE 45(6) OF DIRECTIVE (EU) 2015/849 JC /12/2017. Final Report

Section 3.4 covers the two payment card schemes overseen by the Bank : the domestic Bancontact scheme and the international Mastercard scheme.

Dear Chairman, dear Members of the TAX3 Special Committee,

ESMA Risk Assessment Work Programme 2017

Payment Services and Electronic Money Our Approach

Financial Services Commission

RTS AND GL ON GROUP FINANCIAL SUPPORT EBA/CP/2014/ October Consultation Paper

on creditworthiness assessment

EUROPEAN COMMISSION Directorate General Internal Market and Services

EBA/CP/2015/ November Consultation Paper

COMMISSION STAFF WORKING DOCUMENT IMPACT ASSESSMENT. Accompanying the document

Public hearing EBA Draft RTS on the methods of prudential consolidation under Article 18 of the CRR. London, 22 January 2018

EBA s role in promoting supervisory and regulatory convergence in the EU. Andrea Enria - EBA Chairman Helsinki 5 June rd FIN-FSA Conference

Strengthening the European banking system Overview of the CRDIV. World Bank CFRR IFRS Seminar for banking supervisors 18 April 2012, Zagreb

Guidelines on complaints-handling for the securities and banking sectors

b) "Requested Authority" means the Authority to whom a request is made under this MoU; and

the security of retail payments

The EBA after one year: achievements and challenges ahead

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

JC/GL/2017/ September Final Guidelines

Official Journal of the European Union. (Non-legislative acts) REGULATIONS

Council of the European Union Brussels, 23 November 2018 (OR. en)

Cooperation between authorities Preserving the relevance of deposit guarantee in Europe

The main regulatory changes introduced PSD2 in a nutshell

Guidelines on the treatment of CVA risk under the supervisory review and evaluation process (SREP) 27 January 2016 Public Hearing, London

ESMA s consultation papers on draft regulatory standards under the securitisation regulation Roxana Damianov, Thierry Sessin-Caracci, Adrien Amzallag

REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL

Regulations and guidelines 4/2018

EUROPEAN BANKING AUTHORITY SUMMARY OF THE ANNUAL REPORT 2013

PSD2 and other European legal developments

Draft EBA Guidelines on the security measures for operational and security risks of payment services under PSD2

Consultation Paper. Draft guidelines on cooperation agreements between deposit guarantee schemes under Directive 2014/49/EU EBA/CP/2015/13

EBA FINAL draft Regulatory Technical Standards

Final Report EMIR RTS on the novation of bilateral contracts not subject to bilateral margins

EBA/GL/2017/08 07/07/2017. Final Report

The Changing EU Regulatory Framework for Retail Payments

B8-0551/2018 } B8-0552/2018 } RC1/Am. 57

Delegations will find below a Presidency compromise text on the above Commission proposal, as a result of the 17 June meeting.

ESMA Risk Assessment Work Programme 2018

European Banking Authority

FRAMEWORK APPLICABLE TO THE NOTIFICATION OF AIFS

EBA FINAL draft Regulatory Technical Standards

The new architecture of the EU regulation

Regulations and guidelines 1/2012

PSD2 Stakeholder Liaison Group. 10 February 2017

Innovation in Payment Services: The Role of EU Policies

The main regulatory changes introduced PSD2 in a nutshell

Guidelines On the Process for the Calculation of the Indicators to Determine the Most Relevant Currencies in which Settlement Takes Place

CESR/ CEBS/2008/39 CEIOPS-3L March 2008

Recommendation on the coverage of entities in the group recovery plan

ECB-PUBLIC OPINION OF THE EUROPEAN CENTRAL BANK. of 28 May 2015

The EU's Financial Services Action Plan

EBA final draft Implementing Technical Standards

Draft Technical Standards on valuation for resolution. 16 January 2015

EUROPEAN BANKING AUTHORITY. Summary of the EBA 2012 annual report

ECB-PUBLIC OPINION OF THE EUROPEAN CENTRAL BANK. of 28 June on credit agreements for consumers relating to residential immovable property

Stress Testing the Credit Risk of Mortgage Loans: the relationship between portfolio-lgd and the Loan-to-Value Distribution

Supervision of Non-Banking Payment Service Providers

Council of the European Union Brussels, 4 December 2018 (OR. en) Anti-Money Laundering Action Plan - Council Conclusions (4 December 2018)

COMMISSION DELEGATED REGULATION (EU) /... of

EBA/Rec/2017/02. 1 November Final Report on. Recommendation on the coverage of entities in a group recovery plan

OPINION OF THE EUROPEAN CENTRAL BANK

Delegations will find below a Presidency compromise text on the above Commission proposal, to be discussed at the 28 February 2011 meeting.

TEMPLATE: COMMENTS ON THE DRAFT "RECOMMENDATIONS FOR PAYMENT ACCOUNT ACCESS SERVICES"

ECA-

How to ensure enough Loss Absorbing Capacity: From TLAC to MREL

EIOPA: recent developments in insurance and pensions. EVCA Investors' Forum Geneva, 14 March 2012

Transcription:

EBA mandate on the RTS on strong customer authentication & secure communication Status update Geoffroy Goffinet Consumer Protection, Financial Innovation and Payments, EBA European Payments Gateway Conference, Brussels, 9 June 2016

Outline I. Introduction to the EBA > The creation of the EBA > Legal Instruments > Scope of action > Output to date III. EBA s mandates under the PSD2 > Mandates and timelines > Competing demands on strong customer authentication > Issues addressed in the EBA Discussion Paper 1

Introduction to the EBA 2

The creation of the EBA The EBA was established by Regulation (EC) No. 1093/2010 of the European Parliament and EU Council; came into being on 1 January 2011; took over all existing tasks and responsibilities from the Committee of European Banking Supervisors (CEBS); took on additional tasks, incl. consumer protection, the monitoring of financial innovation, and payments; is an independent authority; is accountable to the EU Parliament and Council; and has as its highest governing body the EBA Board of Supervisors, comprising the Heads of the 28 national supervisory authorities. 3

Main objective and mandate of the EBA Objective To protect the public interest by contributing to the short, medium and longterm stability and effectiveness of the financial system, for the Union economy, its citizens and businesses. (Art.1(5)). Means by which the EBA is to achieve its objective The EBA shall inter alia contribute to improving the functioning of the internal market, including in particular, a sound, effective and consistent level of regulation and supervision; ensuring the taking of credit and other risks are appropriately supervised and regulated; enhancing customer protection; (Art. 1(5)(f); monitor[ing] new and existing financial activities and adopt[ing] guidelines and recommendations with a view to promoting the safety and soundness of markets and convergence of regulatory practice. (Art. 9(2)) 4

The EBA s scope of action The EBA s regulatory remit is defined by the EU Directives and Regulations that fall into its scope of action, either because they are listed in the EBA s founding regulation or because they confer tasks on the EBA. They include: Capital Requirements Directive (CRR/D IV) Deposit Guarantee Scheme Directive (DGSD) Mortgage Credit Directive (MCD) Payment Accounts Directive (PAD) Electronic Money Directive (EMD) Payment Services Directive (PSD1 + forthcoming PSD2) Anti Money Laundering Directive (AMLD) Markets in Financial Instruments Directive (MiFID/R, for structured deposits) 5

Legal instruments available to the EBA The EBA has different types of legal instruments at its disposal that differ in terms of purpose, legal status, and possible addressees. Technical standards Guidelines and recommendations Opinions / Technical Advice Warnings Temporary prohibitions Joint Positions Breach of Union law investigations Binding and non-binding mediation 6

Output of the EBA to date Since its creation in 2011, the EBA has issued more than 200 legal instruments, as well as more than 100 reports. 2011 2012 2013 2014 2015 Total Regulatory Technical Standards 0 1 39 22 15 77 Implementing Technical Standards 0 0 21 10 9 40 Guidelines 2 6 2 17 19 46 Opinions / Technical Advice 1 6 6 14 21 48 Published reports 6 12 26 23 34 111 Recommendations 2 0 4 1 2 9 Breach of Union Law investigations 0 0 0 1 0 1 Mediations 0 2 5 0 0 7 Peer reviews 0 0 1 1 1 3 Warnings 0 0 2 0 0 2 Stress tests 1 0 0 1 1 3 7

The EBA s mandates under the PSD2 8

Security (jointly with the ECB) Register Authorisation Consumer Protection Coordination of home - host supervision EBA mandates in PSD2 and their timelines EBA deliverable: Entry into force of PSD 2 Entry into force + 12mths Entry into force + 18mths Entry into force + 24mths = Application date of PSD2 (incl. all EBA mandates, except N:) RTSs on Passporting Notification & on supervision Publication of CP with draft RTS RTS Central Contact Points GL on PI Insurance for PSPs GL on complaints procedures GL on PI authorisation First consultations published RTS/ITSs on EBA register GL on incident reporting GL on Security measures RTS on Strong Authentication & Secure Communication Publication of DP Adoption of RTS by EU Commission (date tbc) Entry into force of RTS (RTS adoption + 18 months, i.e. not before Sep. 2018 )?? 9 Jan 2016 Jan 2017 July 2017 Jan 2018 Sep 2018

Strong authentication and secure communication: finding a balance between competing demands When developing the RTS on strong customer authentication & secure communication, EBA and ECB will have to make difficult trade-offs between competing demands. 1) Tough security standards vs. Facilitation of innovative industry solutions in the future (which may suggest a high degree of (which may suggest the opposite, i.e. high level prescription in the requirements to requirements that provide flexibility across space & time); avoid circumvention of rules); 2) Tough security standards vs. Customer convenience (which may suggest that payment user (which may suggest the opposite, e.g. one-click payments); should be subject to several security and authentication steps); 3) High degree of interoperability vs. Flexibility for market participants between all ASPSPs and all PISPs/AISPs (which may suggest the opposite, i.e. high level (which may suggest one single standard/ requirements that in turn allow for many different marketprotocol to be prescribed by the EBA); driven solutions); 10

Issues addressed in the Discussion Paper In the Discussion Paper (DP) on the RTS on strong customer authentication and secure communication, EBA & ECB have asked questions on five topics. The responses to the DP will be an input to the subsequent development of the RTS, on which EBA & ECB will consult in 2016Q2. Requirements for the strong customer authentication procedure; Exemptions to the application of strong customer authentication; Protection of the payment service users personalised security credentials; Requirements for common and secure open standards of communication; and Possible synergies with the regulation on electronic identification and trust services for electronic transactions in the internal market (e-idas); Everyone had the opportunity to submit responses to the EBA, by 8 February 2016. The EBA has received 118 responses and is currently in the process of assessing them. As a next step, in summer 2016, the EBA will be issuing a Consultation Paper with draft requirements. 11

EUROPEAN BANKING AUTHORITY Tower 42, 25 Old Broad Street London EC2N 1HQ Tel: +44 2073821770 Fax: +44 207382177-1/2 E-mail: info@eba.europa.eu http://www.eba.europa.eu

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback