PSD2 AND API SECURITY WHITE PAPER
1. PSD2 IS AN EU LAW, WILL THE UK NEED TO COMPLY AFTER BREXIT? There is still a lot of uncertainty surrounding Brexit, but in the meantime while the UK remains an EU member state, PSD2 directly applies to organisations within the UK. To minimise disruptions to UK businesses following Brexit – whenever that may be – the government has adapted and incorporated certain EU legislation, including PSD2, into UK domestic law. PSD2 is therefore likely to remain in UK legislation for the foreseeable future, with the long-term plan to replace PSD2 with the UK Open Banking System.
TELL ME ABOUT THE UK OPEN BANKING SYSTEM In January 2018, the Open Banking system was set up by the Competition and Markets Authority on behalf of the UK government. Every PSP that uses Open Banking to offer products and services must be regulated by the FCA or the EU equivalent. There is currently very little to differentiate Open Banking from PSD2. However, where PSD2 requires banks to open-up their data to third party providers (TPPs), Open Banking states that data is made available in a standardised format.
PSD2 is a much-needed legislation that presents financial institutions with new challenges. It also presents ample opportunity for banks to update legacy systems, collaborate and improve their security platforms. The UK’s own introduction of Open Banking echoes the need for a truly disruptive transformation of the payments industry, with new entrants able to utilise banks’ open APIs.
NETACEA.COM
/ 3
