Response to consultation on the Technical Standards on the EBA Register under PSD2
Go back
Additionally we suggest to oblige the Member State Competent Authorities to immediately enter (manually or by uploading) information to the EBA Register on any TPPs excluded from their register and these should be processed and made available immediately in the EBA Register.
We also suggest that the following information be included in the register: complaint handling contact information (e-mail, address, phone), fraud contact information (e-mail, address, phone), reason: In case of complaints, or fraud, the TPP and the ASPSP have to consultation each other, and the dedicated contact data will help the process.
Question 2: Do you agree with the proposed criteria and functionalities related to the search of information in the EBA Register? If not, please provide your reasoning.
We agree in general with the functionalities related to the search of the information described in the Consultation Paper. However, we suggest reconsidering machine readability. Reasoning: considering that Account Servicing Payment Service Providers (ASPSPs) will be obliged to allow access to their systems to any entity which is in the register in the Member State where the ASPSP operates, it will be crucial for the ASPSP to be notified immediately if the account information service provider or payment initiation service provider (Third Party Provider - TPP) accessing the ASPSPs system was excluded from the another Member States register where the TPP operates. The fact that a TPP was excluded from a Member State register constitutes the “objectively justified and duly evidenced reason” referred in Article 68 5) in DIRECTIVE (EU) 2015/2366 (PSD2). Taking into consideration that the Member States registers are not expected to communicate such changes with each other, and the EBA Register will not distribute such information to all Member State registers where the given TPP operates, the ASPSPs should be provided with means to be notified immediately, and “machine readability” provides such means to ASPSPs. Another possible solution could be to provide possibility of subscription to changes to the EBA Register which would imply some sort of immediate notification sent to ASPSPs subscribing to receive changes.Additionally we suggest to oblige the Member State Competent Authorities to immediately enter (manually or by uploading) information to the EBA Register on any TPPs excluded from their register and these should be processed and made available immediately in the EBA Register.
Question 6: Do you agree with the EBA that the contact details, dates of authorisation/registration, and the services provided in the Host Member States, should not be included in the EBA register? If not, please provide your reasoning, which should also include the benefits for payment service users and other interested parties of having this information in the EBA Register.
We agree that these information should not be included in the EBA Register. However we suggest including the date when the TPP was excluded from the Host Member States register, or the date when any data of a given TPP in the EBA Register was last changed. This information could then be used to filter searches hence a recently excluded TPP can be easily identified without having to process long lists.Question 8: Do you agree with the scope of the information on agents of payment institutions, exempted payment institutions, account information service providers, electronic money institutions and exempted electronic money institutions to be included in the EBA register? If not, please provide your reasoning.
We agree with the scope of information on TPPs in the EBA Register. However we suggest including additional information on TPPs which support identification of an entity accessing an ASPSPs system. Reasoning: considering that “screen scraping” will not be banned in the interim period from 13th January 2018 until the corresponding RTS is applicable, ASPSPs will be without any means of identifying a TPP accessing their systems. If IP addresses from where a TPP communicates or other technically verifiable information could be provided in the EBA Register, this would enable ASPSPs to identify registered TPPs. Considering that the EBA Register will be populated by Member State registers, this implies such information to be made available in those Registers as well. We understand that the Member State registries are not in scope of the current Consultation Paper and the EBA may come to the conclusion that such information is not required in the EBA Register, in which case we suggest to take this comment into consideration when defining the Member State registers.We also suggest that the following information be included in the register: complaint handling contact information (e-mail, address, phone), fraud contact information (e-mail, address, phone), reason: In case of complaints, or fraud, the TPP and the ASPSP have to consultation each other, and the dedicated contact data will help the process.