Response to consultation on the Technical Standards on the EBA Register under PSD2
Go back
The stipulated time frame of one day is not suitable for a quick and fast process and does not allow in-time display of register information. A collection on a daily basis instead of on an hourly basis can lead to processing a huge amount of transactions of banned payment service providers.
A central imperative of digital banking services is the performance of these services 24/7 and in real time. The option chosen, however, forces xs2a-obliged ASPSPs to rely on several national registers instead of a centralised one, which creates an unnecessary burden by needing additional time for decentralised register checks and correlation which will cause additional costs.
Another point that we would like to point out is the risk of human error that is inherent in all manual review processes and that could be avoided by means of full automation.
Therefore figo strongly recommends to reconsider the options and propose to opt for an approach that aims for automation and centralisation. As a minimum we would strongly recommend to explicitly mention full automation as a goal for further improvements and ideally set a time span in which the register needs to be fully automated.
Furthermore to assist the technical identification of payment service providers the used IP addresses for provisioning of the service would be helpful.
Question 1: Do you agree with the option the EBA has chosen regarding the transmission of information by NCAs to the EBA? If not, please provide your reasoning
The option that was chosen by EBA is, from a figo point of view, not feasible.The stipulated time frame of one day is not suitable for a quick and fast process and does not allow in-time display of register information. A collection on a daily basis instead of on an hourly basis can lead to processing a huge amount of transactions of banned payment service providers.
A central imperative of digital banking services is the performance of these services 24/7 and in real time. The option chosen, however, forces xs2a-obliged ASPSPs to rely on several national registers instead of a centralised one, which creates an unnecessary burden by needing additional time for decentralised register checks and correlation which will cause additional costs.
Another point that we would like to point out is the risk of human error that is inherent in all manual review processes and that could be avoided by means of full automation.
Therefore figo strongly recommends to reconsider the options and propose to opt for an approach that aims for automation and centralisation. As a minimum we would strongly recommend to explicitly mention full automation as a goal for further improvements and ideally set a time span in which the register needs to be fully automated.
Question 2: Do you agree with the proposed criteria and functionalities related to the search of information in the EBA Register? If not, please provide your reasoning.
figo agrees with the proposed criteria and functionalities related to the search of information in the EBA register. figo recommends to add the criteria “brand name” and “date of authorisation” to enable a faster search. Both information will help to find the right payment service provider.Question 3: Do you agree with the proposed non-functional requirements related to the operation of the EBA Register? If not, please provide your reasoning.
figo agrees with the proposed non-functional requirements related to the operation of EBA register. figo recommends to define availability more precise, e.g. by providing percentages.. Furthermore contact information in case of potential incidents should be available in order to address issues with the EBA register. Furthermore only locations within the EU should be eligible for the processing and storage of information.Question 4: Do you agree with the way how the EBA proposes to fulfil the mandate in terms of the natural and legal persons that will need to be included in the future EBA Register? If not, please provide your reasoning.
figo agrees with the way how the EBA proposes to fulfil the mandate in terms of the natural and legal persons that will need to be included in the future EBA register. figo recommends to introduce an EU wide SCA and CSC verification service (maybe with help of ENISA) to establish a central point of trust for all TPPs.Question 5: Do you agree with the option the EBA has chosen regarding the detail of information for the natural and legal persons that will be contained in the future EBA Register? If not, please provide your reasoning.
figo agrees with the option the EBA has chosen regarding the detail of information for the natural and legal persons that will be contained in the future EBA register.Question 6: Do you agree with the EBA that the contact details, dates of authorisation/registration, and the services provided in the Host Member States, should not be included in the EBA register? If not, please provide your reasoning, which should also include the benefits for payment service users and other interested parties of having this information in the EBA Register.
figo does not agree with the EBA. This is due to the fact that contact details are necessary for ASPSPs to be able to get in touch with TPPs in the case of an incident. It would especially be important to make the contact details available in the register because according to PSD2 a contractual relationship between TPP and ASPSP is not necessary. Therefore we believe that the register would be the best option for ASPSPs to be provided with trustworthy contact details.Furthermore to assist the technical identification of payment service providers the used IP addresses for provisioning of the service would be helpful.