Application in UK of EBA Guidelines on Security of Internet Payments
On 2 April 2015, the FCA published a statement on its website as follows:
Security of Internet Payments – EBA Guidelines
The European Banking Authority (EBA) has published its final Guidelines on the Security of Internet Payments. We are fully supportive of the objectives behind the Guidelines and agree with the importance of consumers being protected against fraud when making payments online. Ensuring the security of payments and the protection of sensitive customer data is a critical part of the infrastructure of robust payment systems.
Many firms already have in place measures for strong customer authentication, and we would remind payment service providers of their responsibility to ensure consumers’ payments are safe and secure. We will be incorporating the detail of the requirements of the Guidelines into our supervisory framework in line with the revised Payment Services Directive (PSD2) transposition timeline.
The statement can be found on the FCA website (at the bottom of the page) here.
This is entirely consistent with our understanding of the FCA’s approach: essentially, it is that the Guidelines requirements will be adopted in the UK as part of and in time with PSD2 transposition.