Response to consultation on the Technical Standards on the EBA Register under PSD2

Go back

Question 1: Do you agree with the option the EBA has chosen regarding the transmission of information by NCAs to the EBA? If not, please provide your reasoning

GLEIF will not provide a response to this question.

Question 2: Do you agree with the proposed criteria and functionalities related to the search of information in the EBA Register? If not, please provide your reasoning.

GLEIF will not provide a response to this question.

Question 3: Do you agree with the proposed non-functional requirements related to the operation of the EBA Register? If not, please provide your reasoning.

GLEIF will not provide a response to this question.

Question 4: Do you agree with the way how the EBA proposes to fulfil the mandate in terms of the natural and legal persons that will need to be included in the future EBA Register? If not, please provide your reasoning.

GLEIF will not provide a response to this question.

Question 5: Do you agree with the option the EBA has chosen regarding the detail of information for the natural and legal persons that will be contained in the future EBA Register? If not, please provide your reasoning.

GLEIF would like to thank the EBA for the opportunity to comment and provide feedback on how the Legal Entity Identifier (LEI) could be useful and effective in the implementation and ongoing operation of the Payment Services Directive 2 (PSD2).

Two areas of requirements that are set out in the consultation paper especially are relevant for leveraging the LEI. These are:

- the provision of information by CAs to the EBA and the validation of that information;
- the responsibilities of the EBA related to the management and maintenance of the EBA
register
Under PSD 2, the EBA can include in its register only information provided by the National Competent Authorities included in their national public registers. The EBA states in the consultation that the information provided by the EU competent authorities will vary widely due to the national practices among competent authorities that differ significantly and that information is not consistently collected by the competent authorities or published in the national public registers.

However, there are a core set of data elements that are common to all of the payment provider types required to be included in the PSD2 register:

Name of the entity
Address of the Head Office
Country using ISO 2-digit county codes
City
Address
Post code
National Identifier

A similar data set will be collected for branches of three types of payment provider types – payment institutions, electronic money institutions, account information service providers:

Name of the branch of the entity in the host member state
Address of the branch in the host member state
Country using ISO 2-digit county codes
City
Address
Post code

This above information on all payment provider types that are legal entities, as well as for branches operating in host countries, could be sourced from the Global LEI System (GLEIS), freely and publicly available. This information on each entity is validated upon LEI registration with established processes for maintaining and updating information for legal entities and branches, to satisfy the requirements mentioned above of validation of the information and management and maintenance of the EBA register.

The key to this would be though for the National Competent Authorities to adopt the LEI and include the LEI in their national public registers due to the requirement that the EBA can include in its register only information provided by the National Competent Authorities included in their national public registers. If both the EBA and the National Competent Authorities used the LEI to identify all payment provider types, there would not be the need to transmit the above information for each entity by the National Competent Authorities to the EBA for entry into the EBA register.

This would apply to both payment service providers that are legal entities as well as payment service providers that are not. LEIs are able to be assigned to individuals acting in a business capacity, thus covering payment service providers that are not legal entities and ensuring that uniform identification of payment service providers fully can be ascertained.

Branches and subsidiaries of non-EU firms, if licensed, also can provide payment services and such entities very often also offer cross-border money transfer. In case of such payment services providers, the use of the LEI could provide relevant complementing information about the relationships of these branches and subsidiaries with their foreign parent institutions.

The LEI would be the only reference needed to be able to point to the most current validated information for these legal entities in the GLEIS. Access to the detailed information on each legal entity could be accomplished through implementation of standard APIs from the EBA register to the GLEIS, which also would be available to the public. The transmission of information from the National Competent Authorities to the EBA could concentrate on information about these entities that is specific to PSD2, such as the services that the entity is authorized to perform, in which locations and the authorization status of each entity. There also would be no duplicate submission of the same reference data by multiple National Competent Authorities. This is an important factor in maintaining the data quality of the EBA register whether the transmission of the information is by automated means, or more critically, subject to input errors for manual transmissions. Although elements in addition to the data elements contained in the LEI data record must be collected, nonetheless, the application of LEI still could simplify the provision of required information.

Most payment service providers within the scope of PSD2 also must possess LEIs according to MiFID II provisions starting from 3rd January 2018 and must regularly renew their LEIs. Hence, the leveraging of the LEI to identify payment service providers as well for PD2 would not impose an additional burden on these payment service providers.

Further, the design of the LEI, in which the code itself is persistent and the updates and maintenance is performed only on the related reference data, is relevant to PSD2 past the management and maintenance of the EBA register and the registers of the National Competent Authorities. The persistence of the LEI code would ensure compliance with the use of digital certificates according to the eiDAS framework, as the eiDAS technical specification already includes a tag for the LEI to be embedded within certificates and seals, to support identify validation and management for PSD2.

The use of the LEI within digital certificates will allow for the first time a persistent global identification code to be present in digital certificates. Validated reference data for each LEI will continue to be updated and maintained according to the requirements of the GLEIS. Digital certificates will continue to expire and new certificates will need to be issued and there could be multiple occurrences. This puts a management burden on the regulators and private sector firms to chain and trace the certificates over time. With the presence of the LEI in each digital certificate, this would be resolved and for the first time successively issued digital certificates will be able to be linked to each other and to the entities that they identify.

These are important considerations and features for a regulation that is founded on clear and consistent identification and validation across the EU member states for the protection of those using the payment provider types in the EU.

Finally, for agents that provide the whole set of payment services for which the respective payment service provider is authorized or registered, there would be the potential for standard identifier to be assigned to financial professionals who are natural persons and therefore, not eligible to be assigned LEIs. PSD2 is not alone in needing to identify these financial professionals as natural persons as a similar requirement is seen with the ESMA implementation of MiFID II, offering the opportunity to solve this requirement as well in a standard way.

Question 6: Do you agree with the EBA that the contact details, dates of authorisation/registration, and the services provided in the Host Member States, should not be included in the EBA register? If not, please provide your reasoning, which should also include the benefits for payment service users and other interested parties of having this information in the EBA Register.

GLEIF will not provide a response to this question.

Question 7: Do you agree with the extension of the information for the service providers excluded from the scope of the PSD2 that will be entered in the EBA register? If not, please provide your reasoning.

GLEIF will not provide a response to this question.

Question 8: Do you agree with the scope of the information on agents of payment institutions, exempted payment institutions, account information service providers, electronic money institutions and exempted electronic money institutions to be included in the EBA register? If not, please provide your reasoning.

GLEIF will not provide a response to this question.

Please select which category best describes you and/or your organisation

[Other "]"

If you selected "Other", please provide details

Swiss non-profit foundation

Name of organisation

Global Legal Entity Identifier Foundation (GLEIF)