The approach document, PS18/24, sets out the FCA's final approach and guidance to implementing the Payment Services Directive 2017 (PSD2) and associated EBA technical standards and guidance including the Regulatory Technical Standards on strong customer authentication and secure communication (SCA-RTS) which are effective from 14 September 2019.
This follows the consultation, CP18/25, where the FCA consulted on new rules and guidance to implement remaining aspects of the revised Payment Services Directive (PSD2). Key topics in the policy statement are:
- Opening banking – this confirms the approach to assessing whether banks and other online account providers are properly set up to enable ‘open banking’. The FCA will start to make assessments, in order to exempt these firms from additional requirements, from January 2019. It encourages relevant firms to submit an exemption request before 14 June 2019 and to discuss this with the FCA in advance. See new webpage.
- Anti-fraud measures – sets out the approach to PSD2 measures designed to enhance the security of electronic payments ‘strong customer authentication’. For example, payment service providers will need to ask for more information to verify customers making some payments online, to prevent fraud. This is an important set of changes aimed at enhancing consumer protection by making electronic payments more secure. It also finalises more comprehensive fraud reporting for all payment service providers.
Also published is version 3 of the Payment Services and Electronic Money Approach Document. This includes a new chapter 20 on strong customer authentication requirements and final guidance on the contingency exemption request (chapter 17).
The FCA is also consulting in CP18/44 on Brexit contingency plans for the EBA’s RTS which is aligned with its Policy Statement. In the event of a no-deal Brexit, this consultation sets out proposals which are intended to maintain certainty and consumer protections.