Our previous articles showed the influence of national and european legislation on virtual currencies, however only being a partial area of the payment business. Here is also an example of international influence: The Financial Action Task Force (FATF) published a statement on 19th October. The FATF plans the progressive publication of guidelines for the supervision and control of virtual asset service providers.

The European Banking Authority (EBA) published a draft of the EBA Guidelines on Outsourcing and launched a public consultation. The consultation period closed on 24 September 2018. The new Guidelines are planned to enter into force on 30 June 2019 and will add further provisions and regulations with regard to outsourcing arrangements.

The second payment services directive (Directive (EU) 2015/2366, “PSD2”) as well as well as the fourth anti-money laundering directive (Directive (EU) 2015/849, “4AMLD”) gives EU member states’ (“Host Member State”) authorities the competence to require those payment service providers or e-money issuers having its head office in another EU member state and acting in the territory of that Host Member State in forms other than a branch to appoint a central contact point in the territory of that Host Member State. The appointment of such central contact point and the obligations connected with such appointment might have a significant impact on the provision of payment services or e-money business under the provisions of the European Passport.

What are the practical implications? What does it mean that the RTS are now in force? And isn’t PSD2 already in force since 13 January 2018?

On 2 April 2015, the FCA published a statement on its website as follows:

Security of Internet Payments – EBA Guidelines

The European Banking Authority (EBA) has published its final Guidelines on the Security of Internet Payments. We are fully supportive of the objectives behind the Guidelines and agree with the importance of consumers being protected against fraud when making payments online. Ensuring the security of payments and the protection of sensitive customer data is a critical part of the infrastructure of robust payment systems.