The European Banking Authority (EBA) has extended its current deadline for the migration to strong customer authentication (SCA) under the revised Payment Services Directive (PSD2) for e-commerce card-based payment transactions as part of a new opinion published today.
The opinion confirms the new deadline as 31 December 2020, marking a 15-month extension for payment providers to implement the new rules.
It follows the EBA’s recognition of the complexity of the requirements, and the lack of preparedness, which would result in significant impact for consumers.
A number of recommendations have been set out in the Opinion, including the suggestion that national competent authorities (NCA) should communicate to payment service providers (PSP) in their jurisdiction that the supervisory flexibility they have exercised does not represent a delay in the application date of the SCA requirements in PSD2 and the EBA’s Technical Standards.
The EBA has also requested that NCAs take a “consistent approach toward the SCA migration period” across the European Union, and that they ensure that their respective PSPs carry out the actions set out in the opinion paper.
Following a research exercise carried out in July and August of this year, the EBA assessed feedback of numerous correspondents and found that the 18-month suggestion put forward appeared to be driven significantly by the timeline of the development of 3DS Secure 2.
Establishing the new deadline, the EBA has also clarified its position across Europe, strongly urging domestic market regulators to focus on “monitoring migration plans instead of pursuing immediate enforcement actions against payment service providers that are not compliant”.