Response to consultation on the Technical Standards on the EBA Register under PSD2

Go back

Question 1: Do you agree with the option the EBA has chosen regarding the transmission of information by NCAs to the EBA? If not, please provide your reasoning

General comments:

Finance Norway recognises that the EBA is mandated by PSD2 to develop, operate and maintain an electronic register for competent authorities to report information and set technical requirements on development, operation and maintenance. However, further guidance to the functionalities of the register is not assigned to the EBA. In our view, with the objective of PSD2 in mind, the register should be easily accessible, automatic and complete.

The purpose of PSD2 is to create an open and fair competitive ground in the EU/EEA for payment services, requiring ASPSPs to, if requested, make customers payment accounts available for third party providers. For a secure communication with TPPs, easy access to information regarding TPPs should be accessible without having to depend on various sources to retrieve information on TPPs. Therefore, the register need to be automated, available real-time, legally-binding, accurate and openly available to all stakeholders.

In support of the above, the EBA register should serve as an electronic central point of trust for all parties for the following use-cases:
- PSU’s for searching information about a specific PSP
- TSP’s for issuing qualified certificates
- ASPSP’s for verification of status of a TPP

The EBA Register, as described in the Consultation paper will only partly serve these purposes. Finance Norway strongly urge the EBA to consider the register to also serve these purposes to achieve the objectives of the directive and provide real value to the payment service community.

Question 1:

After assessing the listed options, Finance Norway finds Option c) An automated approach, as favourable and Option b) A semi-automated approach, to be a minimum requirement. Option a) a manual approach, should only be used as a fall-back solution if an automated entry into the register is unavailable.

The EBA suggests in the consultation paper, rationale 15, that the EBA register is updated “a day” after the information is updated in the national register of the competent authorities. Additionally, article 10 also refer to “a day” for processing batch files. Articles 11 (6) and 16 (2) however, refer to “business day(s).” We urge the EBA to clarify what is meant by “a day” and “business day,” and whether these should be understood equally.

Also, we encourage the EBA to apply and define “end of day,” since this might be viewed differently across member states.

The EBA Register should be a trusted source of information for verifying TPPs, and updated so that the EBA Register reflects the local registers in real-time to prevent deviating information from being available in different registers. If ASPSPs are obligated to retrieve or confirm information from local registers and the EBA Register, this will be counterproductive and defeat the purpose of a single register for all ASPSPs to verify information on TPPs. We ask the EBA to address this issue in the guidelines.

Question 2: Do you agree with the proposed criteria and functionalities related to the search of information in the EBA Register? If not, please provide your reasoning.

With regards to EBAs position on the functionality of the EBA Register we need to highlight the importance of a machine-readable register. While the directive itself does not command EBA to develop and operate a machine-readable interface (e.g API) to search and retrieve results, for the EBA Register to function to the best of its ability it is necessary to create a register that is complete, accurate and openly available. This presupposes a machine-readable solution.

We anticipate that several TPP’s will be operating in the market of cross border payment services. Considering the attention related to API standardisation, several TPP’s expect that ASPSP’s interfaces are available with a minimum integration effort. If the ASPSP’s would have to manually search the webpages of the EBA to verify the TPP’s authorisation for a given payment service and territory, this will lead to more friction and longer lead-times to establish services in the market for payment services, with resulting frustration and less trust.

We encourage the EBA to interact and collaborate with the national authorities of member states in light of the NCAs obligations stated in PSD2 article 14. This will help achieve a fully functional, accurate and available EBA register.

Question 3: Do you agree with the proposed non-functional requirements related to the operation of the EBA Register? If not, please provide your reasoning.

Finance Norway would like to express concern with the EBAs position that the EBA Register is not meant to be updated real-time. We strongly disagree with this position. For the EBA Register to be relevant and serve a purpose, it should be available and updated in real time. Otherwise it will prove redundant.

Question 4: Do you agree with the way how the EBA proposes to fulfil the mandate in terms of the natural and legal persons that will need to be included in the future EBA Register? If not, please provide your reasoning.

Finance Norway understands the reasoning behind the EBA proposal. However, a single register that contains information on all licensed institution, including credit institutions providing payment initiation services and account information services, is preferable and necessary to make the register efficient and useful for the stakeholders. We strongly encourage EBA to take into consideration the requirements credit institutions are obligated to adhere to in its interaction with TPPs; identification, authentication, security measures etc.

We therefore urge the EBA to reconsider this position and make sure that also credit institutions licensed to provide services listed in PSD2 Annex 1 nr.7 and 8 are included in the EBA Register.

Question 5: Do you agree with the option the EBA has chosen regarding the detail of information for the natural and legal persons that will be contained in the future EBA Register? If not, please provide your reasoning.

No comment

Question 6: Do you agree with the EBA that the contact details, dates of authorisation/registration, and the services provided in the Host Member States, should not be included in the EBA register? If not, please provide your reasoning, which should also include the benefits for payment service users and other interested parties of having this information in the EBA Register.

No comment

Question 7: Do you agree with the extension of the information for the service providers excluded from the scope of the PSD2 that will be entered in the EBA register? If not, please provide your reasoning.

No comment

Question 8: Do you agree with the scope of the information on agents of payment institutions, exempted payment institutions, account information service providers, electronic money institutions and exempted electronic money institutions to be included in the EBA register? If not, please provide your reasoning.

No comment

Please select which category best describes you and/or your organisation

[Other "]"

If you selected "Other", please provide details

The industry organisation for the financial industry in Norway.

Name of organisation

Finans Norge