EBA adopts decision on reporting of payment fraud data under the revised Payment Services Directive

The European Banking Authority (EBA) has adopted a decision on the reporting by competent authorities of payment fraud data under the Payment Services Directive (PSD2).  Competent authorities shall report to the EBA the payment fraud data under the PSD2, as specified in the EBA Guidelines on fraud reporting, via the European Centralised Infrastructure of Data (EUCLID) and according to the EBA Data Point Model (DPM).

This Decision allows the establishment of a streamlined workflow arrangement whereby the European Central Bank, on behalf of the relevant competent authorities, could submit data in line with the specifications set out in the EUCLID Decision.

Background

In accordance with Article 96(6) of PSD2, payment service providers are required to report statistical data on fraud relating to different means of payment to their competent authorities. Competent authorities are required in turn to provide the EBA and the ECB with such data in aggregated form. The EBA Guidelines on fraud reporting, which were published in 2018 and apply as of  January 2019, specify the payment fraud data that should be reported under the PSD2. Under the Guidelines, competent authorities are required to send aggregate data to the EBA and the ECB within six months from the day after the end of the reporting period.