On 17 September 2018, the FCA published Consultation Paper 18/25: Approach to final regulatory technical standards and EBA guidelines under the revised payment services directive (PSD2), (CP18/25).
CP18/25 focuses on the regulatory technical standards for strong customer authentication and common and secure open standards of communication (SCA-RTS). Most SCA-RTS have to be applied by firms from 14 September 2019 onwards. The EBA has consulted on draft Guidelines on the conditions to be met to benefit from an exemption from contingency measures under Article 33(6) of Regulation. The EBA’s consultation is reflected in CP18/25.
CP18/25 proposes rules and changes to the guidance on PSD2 in the Payment Services and E-money Approach Document, and the Perimeter Guidance Manual (PERG) to ensure, amongst other things:
- ASPSPs can be exempted from the requirement to build a contingency mechanism ahead of 14 September 2019;
- information can be received that PSPs are required to provide under the finalised SCA-RTS in a consistent format;
- the FCA’s Approach Document guidance on PSD2 is up-to-date with the SCA-RTS; and
- the FCA’s Approach Document is aligned with the finalised EBA exemption guidelines.
Specifically, within CP18/25:
- Chapter 3 addresses the FCA’s proposed approach to SCA-RTS between payment account providers and third-party providers.
- Chapter 4 addresses the FCA’s proposed approach to the SCA-RTS in relation to requirements for strong customer authentication.
- Chapter 5 addresses changes to fraud and complaints reporting under PSD2 in light of the EBA’s guidelines on fraud reporting, and the FCA’s continued work concerning authorised push payment fraud.
- Chapter 6 provides additional changes to various chapters of the payment service and E-money Approach Document to remain up to date following the finalisation of a number of EU RTS and guidelines in the payment services field.
The deadline for responses to CP18/25 is 12 October 2018.