The European Banking Authority (EBA) yesterday made further announcements on progress towards the final rules under the revised Payments Services Directive (PSD2).

Central contact points

It launched a public consultation on draft regulatory technical standards (RTS) for PSD2, which is due to take effect from January 2018. The RTS in question specify the criteria for determining when to appointment a central contact point and the functions that contact points should have. A central contact point is an entity appointed by an EU member state to ensure there is good communication and reporting under PSD2 and to facilitate the supervision by the competent authorities in the home and host country, when cross-border payments services are provided in another member state. The consultation runs until 29 September 2017.

EBA disagrees with Commission's amendments

The EBA also published its opinion on the subject of strong customer authentication and common and secure communication, in response to the European Commission's intention to amend related RTS. In substance the EBA rejected the Commission's suggested changes, disagreeing with three out of four of them because they “would negatively impact the fine trade-off and balances previously found in the RTS”. It said that, while it agrees with the aims sought in the Commission's amendments, it disagrees with some of the means by which the Commission is proposing to achieve those aims.

The draft RTS on strong customer authentication and common and secure communication was first published in February this year. However, the EBA says it had to make “difficult trade-offs between the various, at times competing, objectives of the PSD2, such as enhancing security, promoting customer convenience, ensuring technology and business-model neutrality, contributing to the integration of the European payment markets, protecting consumers, facilitating innovation, and enhancing competition through new payment initiation and account information services”.

The Commission wanted to amend the EBA's draft RTS in four main areas:

1. the proposal for the audits to be performed by statutory auditors;
2. an additional, standalone exemption to be added for specific types of corporate transactions;
3. for payment service providers to report the outcome of the monitoring and calculation of the fraud rate to the EBA; and
4. to require Account Servicing Payment Service Providers (ASPSPs) that have set up a dedicated interface to ensure that Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) can access the ASPSP's customer interface as a fall-back in case the dedicated interface is not performing as required under the RTS.

It is now up to the Commission to make the final decision on the details of the RTS.

---

CTMfile take: This is part of an ongoing debate on the details of how PSD2 should be implemented. A group of fintech lobbyists have also had their say on the EBA's interpretation of the RTS, saying that they “do not reflect the principles laid down in PSD2”.