On 23 February the EBA published the final draft of the Regulatory Technical Standards (RTS) on strong customer authentication and secure communication under PSD2 (the revised Payment Services Directive). During the consultation period 224 responses to the EBA's questions were submitted by a wide and representative group of stakeholders. Once EBA reviewed the responses, three key issue areas were identified:

  • scope and technological neutrality of the requirements
  • exemptions, including scope, thresholds and the addition of an exemption for low risk transactions based on TRA (transaction risk analysis)
  • access to payment accounts by third party providers and requirements concerning the information communicated

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.