The role of the EBA The EBA was established by Regulation (EC) No. 1093/2010 of the European Parliament and EU Council; came into being on 1 January 2011;


0 W3C IG EBA PSD2 mandate on Strong Customer Authentication and Secure Communication Geoffroy Goffinet

1 The role of the EBA
The EBA
- was established by Regulation (EC) No. 1093/2010 of the European Parliament and EU Council;
- came into being on 1 January 2011;
- took over all existing tasks and responsibilities from the Committee of European Banking Supervisors (CEBS);
- took on additional tasks, incl. consumer protection, the monitoring of financial innovation, and payments;
- is an independent authority;
- is accountable to the EU Parliament and Council;
- has as its highest governing body the EBA Board of Supervisors, comprising the Heads of the 28 national supervisors.

2 Output of the EBA to date
Since its creation in 2011, the EBA has issued more than 200 legal instruments, as well as more than 100 reports.
Columns: 2011 2012 2013 2014 2015 Total
Regulatory Technical Standards 1 39 22 15 77
Implementing Technical Standards 21 10 9 40
Guidelines 2 6 17 19 46
Opinions / Technical Advice 14 48
Published reports 12 26 23 34 111
Recommendations 4
Breach of Union Law investigations
Mediations 5 7
Peer reviews 3
Warnings 0
Stress tests 1 2

3 PSD2 - Strong Authentication & Secure Communication EBA mandates and milestones
The PSD2 confers a mandate (Art. 98) on the EBA to develop, in close cooperation with the ECB:
- the requirements of the strong customer authentication;
- the exemptions from the application of strong customer authentication;
- the requirements with which security measures have to comply in order to protect the confidentiality and the integrity of the payment service users’ personalised security credentials; and
- the requirements for common and secure open standards of communication for the purpose of identification, authentication, notification, and information, as well as for the implementation of security measures, between account servicing payment service providers, payment initiation service providers, account information service providers, payers, payees and other payment service providers.

Joint CP to allow market participants to see the complete picture and provide meaningful responses.

4 Strong Authentication & Secure Communication milestones
Timeline figure (labels as shown on the slide):
- Axis dates: 13 Jan 2016; 13 Jan 2017; 13 Jan 2018; Sep 2018
- First publications on Dec 8th
- Entry into force of PSD2
- Entry into force + 12mths
- Entry into force + 24mths = Application date of PSD2 (incl. all EBA mandates, except RTS SCA-CSC)
- Adoption of RTS by EU Commission (date tbc)
- Entry into force of RTS (RTS adoption + 18 months, i.e. not before Sep )
- EBA deliverable (Security, jointly with the ECB): RTS on Strong Authentication & Secure Communication; Publication of DP; End of DP consultation; Publication of CP; dates shown: 8 Feb 2016, Jul-Sept 2016

Milestones for the RTS and ITSs:
- 8 February 2016 – End of public consultation on the DP
- Q – Development of the requirements
- Summer 2016 – Tentative publication of draft Consultation Paper on the draft RTS (3 months)
- End of CP – Jan 2017 – finalisation of draft RTS and submission to the EU Commission

5 Strong authentication and secure communication: finding a balance between competing demands
When developing the RTS on strong customer authentication & secure communication, EBA and ECB will have to make difficult trade-offs between competing demands.
1) High degree of interoperability between all ASPSPs and all PISPs/AISPs (which may suggest one single standard/protocol to be prescribed by the EBA) vs. Flexibility for market participants (which may suggest the opposite, i.e. high level requirements that in turn allow for different market driven solutions);
2) Tough security standards (which may suggest that payment user should be subject to several security and authentication steps) vs. Customer convenience (which may suggest the opposite, e.g. one-click payments);
3) Tough security standards (which may suggest a high degree of prescription in the requirements to avoid circumvention of rules) vs. Facilitation of innovative industry solutions in the future (which may suggest the opposite, i.e. high level requirements that provide flexibility across firms & time).

6 Strong authentication and secure communication: finding a balance between competing demands (cont.)
In the Discussion Paper (DP) on the RTS on strong customer authentication and secure communication, EBA & ECB raise questions on five topics:
- Requirements for the strong customer authentication procedure;
- Exemptions to the application of strong customer authentication;
- Protection of the payment service users’ personalised security credentials;
- Requirements for common and secure open standards of communication; and
- Possible synergies with the regulation on electronic identification and trust services for electronic transactions in the internal market (eIDAS).

The responses to the DP will be an input to the subsequent development of the RTS, on which EBA & ECB will consult in Q2 2016.

