Publications and events

European regulators begin to signal implementation of EBA security guidelines

The European Banking Authority (EBA) published its final guidelines on the security of internet payments late last year (19 December 2014) with an implementation deadline of 1st August 2015. The guidelines are required to be implemented by payment service providers within this deadline, with an obligation to ‘make every effort’ to comply.

Member state competent authorities on the other hand are required to either comply or to explain a departure from the Guidelines and to notify their position to the EBA within 2 months of publication (of the Guidelines) in the official EU languages. This took place on the 5th of March, and so notification is required by the 5th of May.

We have set out below a list of member states that have notified compliance, and we have contacted others to enquire of their intentions.

In January, Denmark stated it will adopt the EBA Guidelines on 1 August 2015, and it was closely followed by Malta on the 23rd of January, which stated that it will be issuing a Banking Rule implementing the guidelines

In February, Luxembourg issued a circular confirming compliance, and the Dutch Central Bank similarly confirmed compliance by 1st of August.

Bafin, the German competent authority has recently completed a national consultation exercise and is expected to issue a final circular providing for a six-month transition period for compliance.

The Financial Services Commission in Gibraltar has recently confirmed their intention to comply with the EBA guidelines as well.

Significantly however the UK FCA have indicated that they will not be incorporating the obligations into their supervisory framework by the 1st of August deadline, as they are anticipating changes to IT security obligations that will be set out in the forthcoming PSD2. This is expected to reach political agreement next week at a meeting on the 5th of May, and adoption would then follow late in 2015, and implementation by mid-2017.

The FCA’s view is that the objectives are desirable, but the changes to IT security systems will soon be eclipsed by new obligations – within two years or so. The implication is that firms should not have to adopt standards that require changes to their systems, when new standards are anticipated within a short period of time. Given the time it takes small and large organizations to implement IT projects, this appears to be is a helpful position.

It is not clear what approach will be taken by other member state competent authorities; whether they will enforce against firms that delay implementation, or how they will police compliance.

[Update 18 May 2015]
The EMA has seen further responses from Austria, Finland, Latvia, Lithuania, Slovenia, Spain and Sweden all broadly indicating the intention to adopt the guidelines but with some caveats.

[Update 22 May 2015] The European Banking Authority (EBA) has now made public a compliance table (.pdf)  summarising the responses it received from EU and EEA member states.

European regulators begin to signal implementation of EBA security guidelines Read More »

Final EMA response to FCA consultation on complaint handling

The EMA welcomes the opportunity to respond to FCA’s consultation, ‘Improving Complaints Handling’ CP 14/30. The response below addresses the questions that are of particular concern to EMA members: Question 3 on the summary resolution communication, Question 8 on the use of premium rate telephone numbers, and Question 20 on the cost benefit analysis.

13 March 2015     Final EMA response to FCA consultation on complaint handling

Final EMA response to FCA consultation on complaint handling Read More »

Thaer Sabri was a speaker at the Russian Retail Banking Forum 2015

Retail-Banking-500x250-E-with-discount

 Dr Thaer Sabri, EMA CEO was representing the EMA in a debate about the impact of new market entrants.

 

http://www.retail-finance-russia.com/AS2363EMAh

Subject: Retail banking leaders met again at the 13th annual Adam Smith Conferences’ Forum. 

Now more than ever it is important to gather and brainstorm the how and what to do in the current economic situation.

  • How are banks’ strategies changing, and how have they changed already due to geopolitics, sanctions and the economic uncertainty?
  • Which client segments will grow? and Which product has the most potential?
  • How to cut costs but at the same time build the life-long partnerships with clients and their families?
  • What new cost-cutting solutions must banks implement to remain profitable and to resist external macroeconomic shocks?
  • How to build life-long partnerships with clients and their families?

These were the questions on top of Russian Retail Banking Forums’ agenda.

Dr Thaer Sabri, the EMA Chief Executive was a speaker at the Russian Retail Banking Forum and did present the hot topic: “EU model of evolving industry and regulation – which key provisions have enabled business and changed the landscape?”

 

THREE UNMISSABLE FEATURES OF 2015 FORUM:

  • ROUNDTABLES with the industry leaders join the leading bank CEOs at a roundtable in the audience and learn how they are adapting to crisis environment, maintaining revenue growth and growing customer base
  • NEW TOPIC Business Optimisation Summit Learn how to introduce a retail division with the aim of optimising the entire business
  • HOT TOPIC: Digital strategy of the bank. On stage discussion with most popular on-line banks in Russia including Svyatoslav Ostrovskiy, Director, Bank XXI, Sberbank

Last year the Forum was attended by 250+ executives from:
ACI Worldwide CIS ● Alfa Bank ● Absolut Bank ● Alico ● Bank of Moscow ● BelGazPromBank ● Companion ● Credit Europe Bank ● Delta Bank ● Equifax Credit Services ● Eurogiro ● Gazprombank ● Google Ireland Ltd ● Home Credit & Finance Bank ● Investtorgbank ● KIT Finance Investment Bank ● MTS Bank ● Petrocommerce Bank ● Perm Financial & Investment Group ● Promsvayzbank ● Rosbank ● Rossgosstrakh ● Saint Petersburg Bank ● Sberbank ● Sovcombank ● Svyaz Bank ● Temirbank ● Toyota Bank ● UBRD ● Universal Electronic Card ● Uraltransbank ●  VISA Payment Systems ● Vostochny Express Bank ● VTB24 ● Wallet One ● Western Union ● Zapadny Bank ● Zenit Bank

 

Thaer Sabri was a speaker at the Russian Retail Banking Forum 2015 Read More »

EMA response to EBA’s consultation on the implementation of draft EBA Guidelines

EMA responsed to EBA’s consultation

EMA response to the EBA’s consultation EBA/CP/2014/31 on the implementation of draft EBA Guidelines on the security of internet payments prior to the transposition of the revised Payment Services Directive (“PSD2”)

17 November 2014, EMA response to EBA consultation

EMA response to EBA’s consultation on the implementation of draft EBA Guidelines Read More »

EBA concerns over anonymity and IT security at bitcoin conference

Amsterdam recently hosted the Bitcoin 2014 conference, which included a session on anti-money laundering on transparent networks. Dirk Haubrich of the European Banking Authority (EBA) outlined some concerns that the EBA has on digital currencies generally, including bitcoin.

Haubrich said that the EBA is concerned about: …

EBA concerns over anonymity and IT security at bitcoin conferenceRead More »

EBA concerns over anonymity and IT security at bitcoin conference Read More »