We are the B2B client of a TPP: collecting banking data through AISP’s services is critical to us in order to provide our cash-management services to our customers (who are SMEs). Our customers therefore need us to continuously gather their data live without their constant intervention.
We do agree that the timeline to renew SCA must be extended, and we think this extension should be much longer than the 180 days proposed. In our opinion, this timeline should be ideally more than a year. As DPS2 connections can be revoked from the banking interface of our customers, a good reminder system embedded directly in the banking interfaces of our clients should prevent any abusive data collection.
On one hand, our customers simply do not understand why they are being asked to renew their SCA and often complain to us that they do not feel the need or the use for it.
They do not understand this burden: they do want to be exempted from doing so and see this requirement as a genuine obstacle to the adoption of our services (and therefore meaning those of the AISP). As our specific business case include three-party relationships with business executives and accouting professionals, the steady the data collection process, the more likely our service is to be adopted.
On the other hand, we have never received any complaints for fraud cases from our customers and never had any case of fraud. We would therefore suggest to maintain the principle of this extension, and would strongly advise to make it more than one year.