Banks and third party providers agree on joint efforts regarding the transition to new payment rules; Joint statement of European Credit Sector Associations (ECSAs) and Third Party Provider associations on PSD2 rules applicable on 14 September 2019.
Today, the European Banking Federation (EBF), the European Association of Co-operative Banks (EACB) and the European Savings and Retail Banking Group (ESBG), known collectively as the European Credit Sector Associations (ECSAs), on the one side and the European Third Party Providers Association (ETPPA) and the Financial Data and Technology Association (FDATA) on the other side, formulated a Joint Statement to smoothen the transition to the new security and communication standards that will be applicable from 14 September 2019 within the framework of the revised payments services directive (PSD2), according to a press release.
The statement covers a series of communication and information related commitments to improve the interactions between banks and Third Party Providers (TPPs) regarding the implementation of the new standards.
The parties to the statement reasserted their full commitment to the objectives of PSD2 which will create a more secure, innovative and competitive payments landscape with stronger consumer protection. The successful implementation of the PSD2 framework aims to create a vibrant market for payments in the European Union opening up new opportunities for all the players involved.
Representatives of the banking sector stressed that with this statement the banking industry is sending a strong signal about its willingness to make PSD2 a success. According to them, the objective of this initiative is to put forward joint solutions to facilitate as much as possible the implementation of PSD2. TPP representatives highlighted the need to ensure full business continuity of TPP-provided services to the benefit of European consumers, merchants and corporates.
Both parties also call on the National Competent Authorities to use the possibilities given to them within the law to the maximum extent possible to help avoid unintended customer detriment.
The statement resulted from a continued dialogue between representatives of the two third party providers associations and the three ECSAs overseen by the relevant EU authorities including DG FISMA and DG COMP of the European Commission as well as the European Banking Authority. The parties to the statement will monitor the progress made on a best effort basis until the 14 September 2019.
Joint Statement – Brussels, 26 July 2019.
The representatives of the two European Third Party Providers associations ETPPA and FDATA, hereafter: “the TPPs” and the three European Credit Sector Associations, hereafter: “the ECSAs”,
a) The ECSAs and TPPs fully support the political goals of PSD2 and share the ambition to make it a success;
b) The ECSAs and TPPs recognize that the full legal implementation of PSD2 and the RTS on SCA and CSC will be completed on 14 September 2019;
c) The ECSAs and the TPPs acknowledge that from a forward looking technology perspective the preferred way ASPSPs give access to relevant accounts is through APIs;
d) The ECSAs and TPPs recognize that the successful implementation of PSD2 is a pre-requisite to reap the full benefits of it and for taking further steps beyond PSD2, which is on the agenda of the ERPB SEPA API Access Scheme Working group;
e) The ECSAs and the TPPs should therefore do everything reasonably possible to avoid “customer detriment” of their mutual customers within the legal boundaries PSD2, the RTS and other relevant legislation;
f) On 10 July 2019 the European Commission organised a joint workshop at which staff from EBA were present as observers. Arguments were exchanged by ASPSPs and TPPs. It was agreed that a small task force would endeavour to draw up a “gentlemen’s agreement” that might possibly address some of the issues;
g) The ECSAs and TPPs subsequently drew up this current joint statement in good faith.
Have agreed to the following on a best effort basis:
1) The parties agree to call upon ASPSPs to provide contingency relevant documentation in their developer portals, more specifically on TPP identification and use of SCA in such contingency scenario. ASPSPs and TPPs shall collaborate for a coordinated and progressive SCA implementation within the boundaries of the law.
2) The parties agree to call upon ASPSPs and TPPs, to neutrally communicate to PSUs about the changes brought by the introduction of new SCA methods.
3) The parties agree to call upon the ECSA membership to populate and promote transparency initiatives, such as the existing central transparency register maintained by NISP, which contains at minimum the ASPSPs official name, a link to their PSD2 related developer portal and a relevant contact point either email or phone.
4) The parties agree to call upon the TPP’s representative associations to call upon their memberships to intensify testing the APIs that are currently available in developer portals and provide relevant feedback to the ASPSPs.
5) The parties agree to call upon the NCAs to use the possibilities given to them within the law to the maximum extent possible to help avoid unintended customer detriment.
6) The parties agree to call upon the relevant authorities to consider urgently the legal possibilities to solve the unintended consequences of 90 day SCA renewal in the context of AIS, taking into account other stakeholder’s views.
7) The parties agree to continue their constructive dialogue towards the 14 September deadline and agree to maintain the task force referred to in consideration f) to monitor progress on a regular basis.
„For more than a week now, ScoreRise enrolls daily hundreds of users through an innovative facial recognition interface. Enrollment takes less than a minute and it does not require presence of a human operator or video recording. And, of course, it stays fully GDPR compliant with help from Reff & Associates and Deloitte Romania.”