Open Banking is set to receive its first ‘school report’ from the European Commission this year, setting out how the second Payment Services Directive (PSD2) is performing, along with consideration of progress being made toward Open Finance.
In October 2021, the European Commission requested advice from the European Banking Authority (EBA) on a number of specific topics related to PSD2.
Topics to be examined include the licensing of payment institutions and supervision of payment service providers under PSD2, transparency of conditions and information requirements, rights and obligations under Article 75 of PSD2, Strong Customer Authentication (SCA), as well as enforcement of PSD2 and cross-sectoral topics, among other areas.
Ahead of the review, the EBA has been asked to deliver its advice to the Commission services by the 30th of June 2022. An EBA spokesperson confirmed that the Authority is currently working on developing the response with the intention of submitting it to the Commission within the deadline.
The review is expected to inform the strategy that will usher Open Finance into the European Union (EU), and therefore must align with other EU initiatives focusing on data access - such as the European Data Strategy, the Data Act, and the regulation of gatekeeping platforms.
While separate from the EBA’s response to the call for advice on the PSD2 review, the Authority recently addressed specific questions around SCA in a report published on the 5th of April, proposing amendment of its Regulatory Technical Standards (RTS) on SCA.
Taking over 1,200 responses into consideration, the RTS report follows the EBA’s consultation paper published in October 2021, which set out proposed amendments to the RTS on SCA. Responses taken were along the lines of the following:
- Introducing a new mandatory exemption to SCA, which allows account providers not to apply SCA when access is through an Account Information Service Provider (AISP), providing certain conditions are met;
- Limiting the scope of the voluntary exemption in Article 10 RTS to the case where the customer accesses the account information directly with the Account Servicing Payment Service Provider (ASPSP); and
- Extending the timeline for the renewal of SCA from every 90 days to every 180 days - both where the information is accessed through an AISP, or directly by the customer.
The final report on the draft amending RTS on strong authentication and common and secure communication introduces a targeted amendment aiming to address a subset of issues regarding access to payment account when using account information services providers. Its updates are intended to apply seven months after publication of the amending RTS in the Office Journal of the EU.
Open Banking and Open Finance in Europe will be explored in panel sessions during the Euro Banking Association and Finextra’s upcoming EBAday 2022 conference.
After two years as a virtual conference, EBAday 2022 will run in person for its seventeenth year, welcoming a host of board directors, chief executive officers, and payments and technology heads from Europe’s leading banks, as well as selected fintechs.
Register now to attend EBAday 2022 in Vienna, Austria on the 31st of May and 1st of June.