The European Banking Authority (EBA) has issued a press release stating that it is getting ready to develop requirements that will harmonise regulatory and supervisory requirements for EU payment services.

In doing so the EBA will fulfil its mandates under the revised Payments Services Directive (PSD2) and the Interchange Fee Regulation (IFR). The EBA notes that the IFR has been finalised and that the PSD2 is in the final negotiation stages and that once it is agreed the EBA will approach industry and other interested parties to gather input at an early stage of the regulatory development process.

The PSD2 mandates for the EBA are expected to include requirements to improve operational and security requirements for payment services. However, as the security requirements under the PSD2 are not expected to come into force until 2018/19 the EBA has also issued final guidelines for the security of internet payments that are applicable from 1 August 2015. The guidelines are intended to set out minimum security requirements for payment services providers across the EU and provide enhanced protection of EU consumers against payment fraud on the internet. The guidelines are based on the “comply or explain” principle, meaning that Member State authorities have to notify the EBA within two months of the publication of the translations whether they will comply with the guidelines or otherwise explain their reason for non-compliance.

The EBA expects to start working on the regulatory technical standards under the IFR and develop requirements to ensure that payment card schemes and processing entities are independent from one another in terms of accounting, organisation and decision making processes. The EBA is intending to get industry views on this mandate during the summer.

View EBA outlines its upcoming initiatives for the regulation of retail payments, 21 May 2015