On 19 December 2018, the FCA published Policy Statement 18/24: Approach to final Regulatory Technical Standards and EBA guidelines under the revised Payment Services Directive (PS18/24).
In PS18/24, the FCA sets out new or amended rules, directions and guidance to implement regulatory technical standards (RTS) for strong customer authentication and common and secure open standards of communication (SCA-RTS) and related guidelines developed by the European Banking Authority (EBA) under the revised Payment Services Directive (PSD2). The FCA also confirms its approach to assessing whether banks and other online account providers are properly set up to enable ‘open banking’. It will start to accept exemption requests and make assessments of them from January 2019. The FCA encourages relevant firms to submit an exemption request before 14 June 2019 and to discuss this with it in advance. The FCA also sets out its approach to parts of the SCA-RTS which are designed to enhance the security of electronic payments. For example, banks will need to ask for more information to verify customers making some payments online, to prevent fraud.
In addition, the FCA has published Consultation Paper 18/44: Brexit – RTS for strong customer authentication and common and secure open standards of communication (CP18/44) which sets out how it proposes to make technical standards substantially the same as the SCA-RTS if there is no implementation period following the UK’s departure from the EU. The deadline for comments on CP18/44 is 19 February 2019.