Interactive Single Rulebook

The Interactive Single Rulebook is an on-line tool that provides a comprehensive compendium of  the level 1 text for the Capital Requirements Regulation (CRR) and the Capital Requirements Directive (CRD IV); Bank Recovery and Resolution Directive (BRRD); the Deposit Guarantee Schemes Directive (DGSD); and the Payments Services Directive (PSD2)  the corresponding technical standards developed by the European Banking Authority (EBA) and adopted by the European Commission (RTS and ITS), as well as the EBA Guidelines and related Q&As.
The purpose of the Single Rulebook is to ensure the consistent application of the regulatory banking framework across the EU.
This Interactive Single Rulebook is meant purely as a documentation tool and the EBA does not assume any liability for its contents. For the authentic version of EU legislation users should refer to the Official Journal of the European Union.
Please click on the relevant legislative text to see technical standards, guidelines and Q&As relating to each Article.

« Back

Interactive Single Rulebook

Path Payment Services Directive > TITLE IV > CHAPTER 5 > Article 96 (Copy link to article)
Title Article 96
Description Incident reporting
Main content

1. In the case of a major operational or security incident, payment service providers shall, without undue delay, notify the competent authority in the home Member State of the payment service provider.

Where the incident has or may have an impact on the financial interests of its payment service users, the payment service provider shall, without undue delay, inform its payment service users of the incident and of all measures that they can take to mitigate the adverse effects of the incident.

2. Upon receipt of the notification referred to in paragraph 1, the competent authority of the home Member State shall, without undue delay, provide the relevant details of the incident to EBA and to the ECB. That competent authority shall, after assessing the relevance of the incident to relevant authorities of that Member State, notify them accordingly.

EBA and the ECB shall, in cooperation with the competent authority of the home Member State, assess the relevance of the incident to other relevant Union and national authorities and shall notify them accordingly. The ECB shall notify the members of the European System of Central Banks on issues relevant to the payment system.

On the basis of that notification, the competent authorities shall, where appropriate, take all of the necessary measures to protect the immediate safety of the financial system.

4. EBA shall, in close cooperation with the ECB, review the guidelines referred to in paragraph 3 on a regular basis and in any event at least every 2 years.

5. While issuing and reviewing the guidelines referred to in paragraph 3, EBA shall take into account standards and/or specifications developed and published by the European Union Agency for Network and Information Security for sectors pursuing activities other than payment service provision.