PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

PSD2: The Real RTS Deadline Is Closer Than Banks Think

Marten Nelson by Marten Nelson
October 15, 2018
in Compliance and Regulation, Featured Content
0
PSD2 regulation

PSD2 regulation

3
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

Let’s work backwards. Most banks know that the final deadline to comply with PSD2’s Regulatory Technical Standard (RTS) is 14th September 2019. Eleven months away.

Following the amendments to the RTS, however (based on industry consultation and lobbying from third party providers), there is another deadline for banks to negotiate, which is much sooner and far less talked about: March 14th, 2019.

By then, banks must have their ‘dedicated interface’ (open API) ready for testing by PISPs and AISPs. Article 33.6 of the RTS states that banks which aren’t ready for testing by this time must instead provide a ‘contingency mechanism’ which, for most, will mean formalising their maintenance of a web-based online or mobile interface for TPP screen scraping.

This route has negative implications for banks. But because most third parties think that screen scraping will make their lives easier, TPPs tend not to talk about the downsides.

To begin with, screen scraping poses a significant security risk: it means the security credentials of banks’ customers are shared with third parties who, if breached, could compromise all their customers’ online or mobile banking facilities.

Secondly, maintaining two (or more) interfaces drastically increases costs for the bank; each interface will require strict and ongoing monitoring and reporting to their local competent authority. For tier two banks, challenger banks and foreign banks in the UK, all of which are resource-stretched, this will further compound the serious RTS compliance burden that already includes delivering secure customer authentication, managing exemptions, identifying and managing TPPs, developing the testing sandbox, creating documentation etc.

Overall, it makes by far the most sense for banks to focus on supporting one, secure, RTS compliant open API. Especially when time is such a factor: there really isn’t much of it available before March next year.

As is so often the case, partnership holds the key. Dedicated, specialist third parties have created platforms that address these issues already, by providing a single API overlay and full developer support for TPP connections and testing. Crucially, for smaller banks, they can also lower total cost of ownership by 70% compared to inhouse development, and implement in just 90 days.

Screen scraping and other interface shortcuts are not in the interests of banks, or their customers. Banks don’t need to allow their systems and operations to be compromised simply because a regulatory deadline is looming.

Tags: Compliance and RegulationPSD2
3
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    5 Ways to Protect Your Financial Institution from a Cyberattack

    5 Ways to Protect Your Financial Institution from a Cyberattack

    May 26, 2023
    traditional banks

    How Traditional Banks Can Modernize Without Risk

    May 25, 2023
    identity fraud

    Javelin’s Identity Fraud Study Highlights the Changing Nature of Fraud

    May 24, 2023
    SASE, security-as-a-service

    Security-as-a-Service Secures
    Distributed IT Models

    May 23, 2023
    mule. real-time

    Early Detection of Mule Activity Requires Real-Time Solutions

    May 22, 2023
    embedded finance, ecommerce

    How Retailers Can Enter the World of Embedded Finance Confidently 

    May 19, 2023
    cross-border

    Cross-Border Trade is a Cinch with the Right Payments Partner

    May 18, 2023
    debit

    5 Reasons Merchants See Debit As
    Top-of-Mind for In-Store Sales

    May 17, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result