Primary tabs

Unknown

Yes, there should not be any exemption and if there is finally an exemption, banks and other actors should let the possibility for the user to choose to be exempted or not (on an opt-out policy). You regulators should not bend before financial institution given the amount of cybersecurity incident that could and are being avoided with MFA.
Yes, this should not be extended, and if it is extended it should be configurable by the customer
No
consumers and consumers' associations
Unknown