EBA Pushes for a Synchronised Deadline for SCA Across Europe

Create a vendor selection project & run comparison reports
Click to express your interest in this report
Indication of coverage against your requirements
A subscription is required to activate this feature. Contact us for more info.
Celent have reviewed this profile and believe it to be accurate.
17 October 2019
Zilvinas Bareisis

As many of you know, the new PSD2 requirements for Strong Customer Authentication (SCA) were due to come into effect on September 14th. PSD2 requires applying strong two-factor authentication for in-scope payment transactions, which includes most remote commerce payments. However, as we outlined in our July 2019 report “Strong Customer Authentication in Europe: A Source of Differentiation for Payment Service Providers”, the industry was not ready. Had the requirements been strictly enforced from Day 1, the effects may have been devastating.

On June 21, the European Banking Authority (EBA) issued a statement recognising that the industry will struggle to meet September 14 deadline, and allowed National Competent Authorities (NCAs) “to work with PSPs and relevant stakeholders, including consumers and merchants, to provide limited additional time.” Most NCAs across Europe jumped at the opportunity. For example, in the UK, the Financial Conduct Authority (FCA) announced it would be working with the UK Finance to defer mandatory SCA for 18 months until March 2021. France announced a three-year migration plan, although they were expecting the majority of participants to be compliant after 15 months. Hungary went for 12 months, while many other regulators said they will delay enforcing the requirements without specifying the timeframes.

sign in or register to read more

Insight details

Industry or Business Focus
Insight Format
Blogs
Geographic Focus
EMEA