The European Banking Authority (EBA) has adopted a set of regulatory technical standards ‘for strong customer authentication[,] and common and secure open standards of communication,’ and sent them to the European Parliament and Council for scrutiny. The Parliament and Council have until 27 February 2018 to consider the RTS, although they can extend the scrutiny period until 27 May 2018, if they wish. Unless the Parliament and Council object, which is possible but unlikely, the RTS will be published in the Official Journal of the European Union and come into force the following day. Banks, payment initiation service providers (‘PISPs’) and account information service providers (‘AISPs’) established in the European Union will be obliged to comply with the RTS 18 months after that. Because that is likely to fall in the Brexit transition period (if there is one), banks, PISPs and AISPs established in the UK may also be obliged to comply with the RTS, even if it is only for a short while.
If you are a registered user, please click here to read the full article.