The role of the EBA The EBA was established by Regulation (EC) No. 1093/2010 of the European Parliament and EU Council; came into being on 1 January 2011;

Slides:

Advertisements

Similar presentations

The Benefits and Challenges of Implementation of Basel II in Europe José María Roldán | 27 Sept 2005.

Advertisements

EU Institutional Architecture for Financial Regulation – Constitutional Issues and Solutions Alexander Türk Dickson Poon School of Law, Centre of European.

Towards a Banking Union - Panel I: Are growth and stability compatible? - Steven Keuning Director General HR, Budget and Organisation 20 March 2013.

Energy Proposal for a Council Directive amending Directive 2009/71/EURATOM establishing a Community framework for the nuclear safety of nuclear installations.

VI Conference Payments and securities settlement systems National bank of Macedonia Ohrid, KIBS AD Skopje M. Sc. Paunkoski Nikola.

Presentation of the ECB Framework Regulation Organisational aspects

The European Banking Authority

 Safe and efficient payments, throughout Europe  The Single Euro Payments Area (SEPA) is a project to harmonise the way we make and process retail payments.

European Commission Directorate-General for Energy and Transport n° 1 The Developing European Railways Committee Rules and working method Brussels, 20.

Jose Braz, ERGEG Conference on Implementing the 3rd Package 11th December 2008 The Agency for the Cooperation of European Energy Regulators.

Mark van Stiphout – DG TREN – C2 Internal market for electricity and gas The role of TSOs in the third package EUROPEAN COMMISSION GIE conference 7 May.

Europol’s tailor-made data protection framework

The EU Supervision, Crisis Management and Resolution Authorities: New Supranational Powers and Constitutional Law Limits Jonathan Overett Somnier, Head.

XBRL AND BANKING SUPERVISION José María Roldán Director General of Regulation, Banco de España Chair, XBRL España Chair, Committee of European Banking.

The European Railway Agency in development

From European to international standards on data protection (1/2)

Andreas Weller, Head of IT Roadmap for the implementation of the new COREP and FINREP in XBRL, 31 th May 2012.

XBRL as a tool for supervision Arnoud Vossen Chairman CEBS Expert Group on Financial Information.

IT security seminar Copenhagen, April 4th 2002 M. Jean-Michel HUBERT Chairman of the French Regulation Authority IRG Chairman.

European Ombudsman Access to environmental information Task Force on Access to Information Geneva, 4 December 2014.

The Law of the European Union Information and Communication.

European Commission Taxation and Customs Union 11 Taxing Multinational Corporations: Addressing Transfer Pricing and Cross Border Tax Avoidance Thomas.

After the crisis: Changes in Regulation in Europe... - the most important trends and influences upon the insurance market Michaela Koller, director general,

Investment Funds Conference “Collective Investment Funds in the Qatar Financial Centre – Confidence and Opportunity” November 26-27, 2007 Michael Webb.

Terezia Sinkova EFSA The new EU Food Safety Agency.

How will the Third Liberalization package influence the framework of the regulators? Dr. Annegret Groebel Managing Director and Head of International Coordination.

CEBS in Brief. The Lamfalussy approach The Lamfalussy approach was first implemented in the securities field following the recommendations of the Committee.

WORLD BANK conference - 8 November 2005 Advanced Program in Accounting and Auditing Regulation CESR An Introduction Michel Colinet Director for Financial.

Ensuring Food Safety in Europe through Scientific Cooperation and Networking The Role of EFSA Carola Sondermann EFSA Polish Focal Point – Annual Experts.

Regulation: A European Perspective Rhodri Preece, CFA CFA Institute Centre for Financial Market Integrity.

1 New European Union System for Safeguarding Financial Stability.

European Commission, Technical Assistance Information Exchange Unit (TAIEX), DG Enlargement in co-operation with The Bulgarian Chamber of Commerce and.

TRANSPARENCY AGENDA FOR EUROPE

EPC Roadmap One year on, how are we doing? EPC Strategy Off-site, Durbuy, 2 October 2005 Gerard Hartsink, EPC Chair PRES.

Trade Defense Instruments in the EurAsEC Customs Union Andrey Zakharov Department for Internal Market Defense Eurasian Economic Commission Brussels - July.

Lisbon comitology in practice – a Commission perspective on the financial services sector Jan Ceyssens European Commission – DG Internal Market and Services.

©2012 Morrison & Foerster (UK) LLP | All Rights Reserved | mofo.com Data Protection Masterclass: The New Draft EU Data Protection Regulation 19 September.

Data protection and European citizens’ initiatives

The Digital Agenda for Payment Services

BANKING SUPERVISORS AND XBRL 11th XBRL International Conference José María Roldán Director General of Regulation, Banco de España Chair of XBRL España.

1 The regulatory framework for payments in Europe Céu Pereira, Permanent representation of Portugal to the EU.

PSD 2 Proposal for a revised Directive on payment services State of play Payment Systems Market Expert Group 11 April 2014 Silvia Kersemakers, 11 April.

European Insurance and Occupational Pensions Authority Introduction Press Briefing Frankfurt, 10 January 2011.

CONFERENCE IMPLEMENTATION OF MARKETS IN FINANCIAL INSTRUMENTS DIRECTIVE -MiFID- Split, June 2007 OPENING SPEECH Ante Samodol President of the Board.

PSD2 and W3C Impact for account and payment processing.

Deconstructing the EU NIS Directive: model, architecture, interfaces, expressions Tony Rutkowski, 08.

M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 6 – Company Law Bilateral screening:

Political implications & possible measures at EU level - Budapest – 19 May Francesco MARCHI, Euratex.

-1- WORKSHOP ON DATA PROTECTION AND DATA TRANSFERS TO THIRD COUNTRIES Technical and organizational security measures Skopje, 16 May - 17 May 2011 María.

1 29 June 2016 EU and Polish legislation related to the payment services market TAIEX Workshop on Regulation of Payment Systems 29 June 2016, Kiev Ewa.

2 PSD2- C HALLENGES AND OPPORTUNITIES Pascale-Marie BRIEN– Senior Policy Adviser.

1 1 European Central Bank Frankfurt, 21 September 2009 The new European supervisory architecture.

The Citizen in the centre in EU, Bratislava November,2005

Update from the Faster Payments Task Force

Public Hearing | Slavka Eley

Dr. Stephan Finke Deutsche Akkreditierungsstelle GmbH

LEGAL ASPECTS OF FINANCE Lecture 5

European Insurance and Occupational Pensions Authority Introduction

Financial Instruments: the regulatory framework

Key dates for PSD2 and implications to EU/UK payment processors

Timing June : Negotiations with Council and EP: modification of the Financial Regulation subject to ordinary legislative procedure End 2011:

Technological changes in the finance sector

The EDPS: competences and processing of personal data in EU funds

The EPSAS Governance Framework

Comitology and the Treaty of Lisbon

Jill Michielssen European Commission, DG Environment

Neopay Practical Guides #2 PSD2 (Should I be worried?)

Presentation to the Portfolio Committee

Financial Reporting Policy

EUnetHTA Assembly May 2018.

Presentation transcript:

W3C IG EBA PSD2 mandate on Strong Customer Authentication and Secure Communication Geoffroy Goffinet

The role of the EBA The EBA was established by Regulation (EC) No. 1093/2010 of the European Parliament and EU Council; came into being on 1 January 2011; took over all existing tasks and responsibilities from the Committee of European Banking Supervisors (CEBS); took on additional tasks, incl. consumer protection, the monitoring of financial innovation, and payments; is an independent authority; is accountable to the EU Parliament and Council; has as its highest governing body the EBA Board of Supervisors, comprising the Heads of the 28 national supervisors. 1

Output of the EBA to date Since its creation in 2011, the EBA has issued more than 200 legal instruments, as well as more than 100 reports. 2011 2012 2013 2014 2015 Total Regulatory Technical Standards 1 39 22 15 77 Implementing Technical Standards 21 10 9 40 Guidelines 2 6 17 19 46 Opinions / Technical Advice 14 48 Published reports 12 26 23 34 111 Recommendations 4 Breach of Union Law investigations 0 Mediations 5 7 Peer reviews 3 Warnings 0 Stress tests 1 2

PSD2 - Strong Authentication & Secure Communication EBA mandates and milestones The PSD2 confers a mandate (art 98) on the EBA to develop in close cooperation with the ECB: the requirements of the strong customer authentication; the exemptions from the application of strong customer authentication; the requirements with which security measures have to comply in order to protect the confidentiality and the integrity of the payment service users’ personalised security credentials; and the requirements for common and secure open standards of communication for the purpose of identification, authentication, notification, and information, as well as for the implementation of security measures, between account servicing payment service providers, payment initiation service providers, account information service providers, payers, payees and other payment service providers. Joint CP to allow market participants to see the complete picture and provide meaningful responses

? Strong Authentication & Secure Communication milestones First publications on Dec 8th Entry into force + 12mths 13 Jan 2018 Sep 2018 Entry into force + 24mths = Application date of PSD2 (incl. all EBA mandates, except RTS SCA-CSC) Adoption of RTS by EU Commission (date tbc) Entry into force of RTS (RTS adoption + 18 months, i.e. not before Sep. 2018 ) ? Entry into force of PSD 2 EBA deliverable: 8 Feb 2016 Jul-Sept 2016 (jointly with the ECB) Security Publication of DP ↙ RTS on Strong Authentication & Secure Communication Publication of CP ↙ ? 13 Jan 2016 13 Jan 2017 End of DP consultation Milestones for the RTS and ITSs 8 February 2016 – End of public consultation on the DP Q2 2016 – Development of the requirements. Summer 2016 – Tentative publication of draft Consultation Paper on the draft RTS (3 months) End of CP – Jan 2017 – finalisation of draft RTS and submission to the EU Commission

Strong authentication and secure communication: finding a balance between competing demands When developing the RTS on strong customer authentication & secure communication, EBA and ECB will have to make difficult trade-offs between competing demands. 3) Tough security standards vs. Facilitation of innovative industry solutions in the future (which may suggest a high degree of (which may suggest the opposite, i.e. high level prescription in the requirements to requirements that provide flexibility across firms & time); avoid circumvention of rules); 2) Tough security standards vs. Customer convenience (which may suggest that payment user (which may suggest the opposite, e.g. one-click payments); should be subject to several security and authentication steps); 1) High degree of interoperability vs. Flexibility for market participants between all ASPSPs and all PISPs/AISPs (which may suggest the opposite, i.e. high level (which may suggest one single standard/ requirements that in turn allow for different market- protocol to be prescribed by the EBA); driven solutions);

Strong authentication and secure communication: finding a balance between competing demands (cont.) Discussion Paper (DP) on the RTS on strong customer authentication and secure communication, EBA & ECB raise questions on five topics. The responses to the DP will be an input to the subsequent development of the RTS, on which EBA & ECB will consult in 2016Q2. Requirements for the strong customer authentication procedure; Exemptions to the application of strong customer authentication; Protection of the payment service users’ personalised security credentials; Requirements for common and secure open standards of communication; and Possible synergies with the regulation on electronic identification and trust services for electronic transactions in the internal market (e-Idas);