UK FCA Phased Payment Security
On Aug. 13, UK FCA agreed plan re strong customer authentication.
- FCA agreed a plan for phased implementation of strong customer authentication (SCA) with e-commerce industry of card issuers, payments firms and online retailers.
- Follows UK FCA Dec. 2018 proposed RTS for authentication of customers, see #50915.
- Follows EBA Jun. 2019 issued opinion on strong customer authentication, see #61767.
- New EU rules, SCA, impacting way in which banks/payment services providers (PSPs) verify customer identity, validate specific payment instructions, will soon be applicable.
- Intended to enhance payments security and limit fraud, the FCA phased plan gives payments and e-commerce industry extra time i.e. 18-month to implement SCA in UK.
- Aligned with EBA opinion stating that more time is needed to implement SCA due to requirements complexity, lack of preparedness and significant impact on consumers.
- FCA Enforcement Post-EU Deadline
- No enforcement action if firms do not meet Sep. 14, 2019 deadline in areas covered by the plan, if evidence proves they took all necessary steps to comply with the plan.
- By end 18-months, expect necessary changes made, testing undertaken by all firms.
- FCA will monitor banks and PSPs developments regarding impact of SCA on different consumer groups, expects provision of alternative means of authentication, if needed.
- Aug. 2019 UK Finance Response
- On Aug. 13, UK FB issued statement re FCA SCA implementation plan, see #63847.
||Bank; BS; Corp; MSB
||PR, 8/13/2019; EBA-Op-2019-06; PSD Dir 2015/2366; Fintech
||Complaints; Compliance; Financial; Legal; Operations; Privacy; Product; Reporting; Risk; Settlement; Technology; Treasury
||Banking; Cards; Corporate; Deposits; Payments
Last substantive update on 08/13/2019