Search for Q&As Submit a question

List of Q&As

Scope of the corporate SCA exemption.

Does the corporate SCA exemption apply only if the payer initiates (and transmits) payments directly to their ASPSP and not for payments transmitted via a 3rd party service provider (i.e. a PISP)?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4693| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 02/05/2019

"Authorisation number" in eIDAS certificates

There are two possible interpretations of the Regulation (EU) 2018/389 (RTS) Article 34 paragraph (2) in the case of payment service providers registered in Member State “A”:1) The authorisation number is the number of the resolution of the NCA (or its predecessor in title) authorising the provision of payment services for the specific PSP, which is not the same as the Registration number appearing in the NCA’s public register.2) The authorisation number is the Registration number appearing in the NCA’s public register (which is a reference number formed based on the VAT number).Please clarify whether interpretation 2) above is in line with the requirements of the RTS? Please clarify whether the 8-digit Registration number (based on the VAT number) appearing in the NCA’s public register, and appearing as “National Identification Number” in the EBA PSD2 register or as “National Reference” in the EBA credit institution register can be used as the “authorisation number” in eIDAS certificates?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4679| Topic: Central register of the EBA| Date of submission: 23/04/2019

Requirement on the use of a Qualified Certificate for Electronic Seals (QSealC) for integrity and authenticity

Please clarify  whether in the EBA’s Opinion on the use of eIDAS under the RTS on SCA and CSC, under Paragraph 11, Qualified Electronic Seals employing a Qualified Seal creation Device are required to provide integrity and authenticity through the reference to Article 35(2) of Regulation (EU) No 910/2014?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4586| Topic: Other topics| Date of submission: 28/02/2019

Qualified certificate under eIDAS for ASPSP

Is it required for an Account Servicing Payment Service Provider (ASPSP) to use qualified certificates under eIDAS to identify itself to a Third Party Provider (TPP)?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4413| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 10/12/2018

Secure corporate payment processes and protocols

Are USB drives (containing a certificate) used only by corporate clients compatible with RTS requirements?Can USB drives be considered as payment processes exempted from strong customer authentication ?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4400| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 04/12/2018

ASPSP providing updated payment status to PISP

Are account servicing payment service providers (ASPSPs) required to provide information on the initiation and execution of the payment transaction, including updates, in order for a payment initiation service provider (PISP) to comply with Article 46(a) PSD2 and pursuant to Article 36(1)(b) RTS?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4601| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 11/03/2019

Applicability of SCA to electronically processed SEPA Direct Debits / Interpretation of EBA Q&A 2018_4359

Are mandates for direct debits which are set up without direct involvement of the payer’s PSP subject to SCA requirements?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4664| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 10/04/2019

Currency conversion of the EUR thresholds contained in the RTS

May payment service providers (PSPs) and card schemes set rounded and easily understandable non-EUR currency equivalents for the EUR thresholds set out in the RTS?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4040| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 28/06/2018

Testing eIDAS certificates before 14 September 2019

How can Third Party Providers (TPPs) and Account servicing payment service providers (ASPSPs) test their interfaces using PSD2 eIDAS-certificates during the testing period prior to September 2019 as it is only mandatory to use PSD2 eIDAS certificates from September 2019 onwards?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4138| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 18/07/2018

Application of Transaction Risk Analysis (TRA) exemption – Real time risk analysis / monitoring

Is it acceptable if a payment service provider (PSP) looking to apply the TRA exemption makes a best effort using the information available to them to identify that none of the six individual factors mentioned in Article 18(2)(c) of the Commission Delegated Regulation 2018/389 are applicable, but does not have to actually identify non-applicability of all of these factors to be able to use the TRA exemption? 

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4127| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 17/07/2018

Exemption for secure corporate payment processes and protocols

May lodged and virtual cards benefit from the exemption for secure corporate payment processes and protocols under Article 17 RTS?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4060| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 28/06/2018

Transaction Risk Analysis (TRA) exemption – Frequency of recalculation of fraud rate

Should the fraud rate, in accordance with Article 19 of the RTS, be recalculated every day using the trailing 90 days of data, or should it be recalculated once every 90 days (using the trailing 90 days of data)? If the fraud rate should be recalculated once every 90 days (using the trailing 90 days of data), can the calculation periods be aligned with calendar quarters? (e.g. the fraud rate for use during Q1 2020 (01-Jan-20 to 31-Mar-20) would be based on fraud data for Q4 2019 (01-Oct-19 to 31-Dec-19).

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4045| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 28/06/2018

Validation rule v1088_m

Validation rule v1088_m verifies that the amount entered in F01.01 row 280, column 010 (Property, Plant and Equipment in the Balance Sheet Statement) should be equal or larger than the amount entered in F13.02 row 020, column 010 (Property, Plant and Equipment obtained by taking possession during the period). This validation rule implies that collateral obtained in the form (nature) of Property, Plant and Equipment is classified in the Balance Sheet Statement as Property, Plant and Equipment. We believe in most cases the collateral obtained by taking possession will be classified as either held for sale (based on IFRS 5.6 and meeting the requirements from IFRS 5.7) or as “other assets” (based on meeting the conditions of IFRS 5.6, but not IFRS 5.7 (plan for immediate sale in present condition and sale being highly probable)) and thereby will be reported in either F01.01 row 370, column 010 or F01.01 row 360, column 010. We therefore question whether the current validation rule is appropriate.

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2019_4464| Topic: Supervisory reporting| Date of submission: 17/01/2019

Securitisations reporting in C 09.04 for v 2.8

How should the securitisations under the new framework be reported in template C 09.04 in v 2.8?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4408| Topic: Supervisory reporting| Date of submission: 06/12/2018

Reverse repos (Reverse Repurchase Agreements) in AE-Assets Encumbrance

RE 680/2014, Annex XVI, § 2.1.1.14 (b) deals with Repos / Matching (or Reverse) Repos in the AE-Assets Encumbrance reporting. Questions : 1)where must be reported in AE-ASS (F32.01) and by impact in AE-ADV1 (F36.01) the cash received by the reporting institution from its Reverse Repos ? because it should be registered among the Encumbered Assets whereas the (iv), taken over below in Background section doesn’t evoke the treatment for the carrying amount, contrary of Repos in the paragraph (iii). 2) the paragraph (iv) of the mentioned article indicates that the fair value of the collateral of reverse repurchase is reported including AE-SOU (F32.04), r050, c030 and 040 : is c030 provided for Reverse Repos and c040 for Reverse Repos regiven in Repos ?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4372| Topic: Supervisory reporting| Date of submission: 14/11/2018

Validation rule v0853_m - Framework release 2.8

In tables F10.00 and F11.01 should the notional amount of derivatives be reported if the fair value is equal to zero?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4355| Topic: Supervisory reporting| Date of submission: 01/11/2018

Finrep Locom valued debt instruments: Could it be that "Accumulated negative value adjustments on LOCOM assets - credit risk induced" should be presented under accumalated impairment and not under "Accumulated negative changes in fair value due to credit risk on non-performing exposures"

Could it be that the following validation rules 5319_m until v5331_m are not correct for LOCOM valuated debt instruments.

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_4336| Topic: Supervisory reporting| Date of submission: 23/10/2018

Finrep Solo GAAP: The following validation rules v5476_m until v5489_m are missing the column"Accumulated negative value adjustments on LOCOM assets - credit risk induced"

Dear Could it be that the the column "Accumulated negative value adjustments on LOCOM assets - credit risk induced" is missing in the validation rules from v5476_m until v5489_m?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4335| Topic: Supervisory reporting| Date of submission: 23/10/2018

Difference in reporting requirements for C71 as per the EBA Annotated Reports and ITS Monitoring Metrics

There is some confusion in relation to two documents provided by the EBA on the ITS Supervisory Reporting website. In regards to the C 71.00 report, on the Annoted Report (see screenshot attached) it is shown clearly that the counterparty should not include "Central Banks" - but tat the same time in the ITS document also provided by the EBA (unable to attach more than one attachment for reference) for C 7.001, they mention clearly that "Central Banks" should be included in the Issuer/Counterparty Sector.

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4217| Topic: Supervisory reporting| Date of submission: 24/08/2018

Accumulated other comprehensive income in template C.01.00

Is the accumulated other comprehensive income in template C.01.00 the same amount than in row 090 in F.01.03? Is row 280 in F.01.03 also taken into account?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4116| Topic: Supervisory reporting| Date of submission: 16/07/2018

PDF