Skip to main content
Response to consultation paper on the draft revised Guidelines on major incident reporting under PSD2
Go backQ1. Do you agree with the change proposed in Guideline 1.4 to the absolute amount threshold of the criteria ‘Transactions affected’ in the higher impact level?
We propose the change of the lower impact level - transactions affected from >10% to >20%, because we rapidly affect 10% of the services when a service is fully not functional.
Q2. Do you agree with the changes proposed in Guideline 1.4 to the assessment of the criteria ‘Transactions affected’ and ‘Payment service users affected’ in the lower impact level, including the introduction of the condition that the operational incidents must have a duration longer than one hour?
Regarding the duration, we propose to increase from 1 hour to 1.5 hours.Q3. Do you agree with the inclusion of the new criterion ‘Breach of security measures’ in Guidelines 1.2, 1.3 and 1.4?
Yes.Q4. Do you agree with the proposed changes to the Guidelines aimed at addressing the deficiencies in the reporting process?
Yes.Q5. Do you support the introduction of a standardised file for submission of incident reports from payment service providers to national competent authorities? If so, what type of structured file format would you support (e.g. “MS Excel”, “xbrl”, “xml”) and why?
Yes. Rather than choosing a format, we would opt for an application. In any case, if an application is not possible, MS Excel.Q6. Do you agree with the proposed changes to Guidelines 2.4, 2.7, 2.12, 2.14, and 2.18 that are aimed at simplifying the process of reporting major incidents under PSD2?
Yes.Q7. Do you agree with the proposed changes to the templates in the Annex to the Guidelines?
Yes.Name of the organization
UniCredit Bank S.A.