Response to public hearing on the Consultation paper on the amendment of the RTS on SCA&CSC under PSD2
Go back
We also believe that the fact that this extended timeline is applicable to existing accesses previously consented by the PSU before the implementation date shall be clarified. The exemption is written in a way where 180 days (or 365+) must have lapse before the ASPSP could enforce a SCA, not in a way where the consent is “valid” for a defined amount of time.
Q1. Do you have any comments on the proposal to introduce a new mandatory exemption for the case when the information is accessed through an AISP and the proposed amendments to Article 10 exemption?
We totally agree and welcome this mandatory exemption. This proposal is critical to the competitiveness of our services and to ensure the level playing field between all market players offering these account information services. It is also very important that this applies to all PSU not only to consumers.Q2. Do you have any comments on the proposal to extend the timeline for the renewal of SCA to 180-days?
We totally agree that the timeline must be extended. We would have appreciated a longer period of 1 year for instance. Since we have more than 10 years of experience on AIS services and fraud scenarios, we believe that 6 month or 1 year won’t change anything from a fraud point of view. On the other hand it makes a big difference on service adoption and user experience.Q3. Do you have any comments on the proposed 6-month implementation timeline, and the requirement for ASPSPs to make available the relevant changes to the technical specifications of their interfaces not less than one month before such changes are required to be implemented?
This implementation period has to be strictly respected by ASPSP. So far, AISP have been exposed to numerous transition extension periods that have negatively impacted their services (2 years so far). This 6 months timeline means reasonably almost the end of 2022 for Account Information Services Providers to give it the benefit to their users.We also believe that the fact that this extended timeline is applicable to existing accesses previously consented by the PSU before the implementation date shall be clarified. The exemption is written in a way where 180 days (or 365+) must have lapse before the ASPSP could enforce a SCA, not in a way where the consent is “valid” for a defined amount of time.