On 2 April 2015, the FCA published a statement on its website as follows:

Security of Internet Payments – EBA Guidelines

The European Banking Authority (EBA) has published its final Guidelines on the Security of Internet Payments. We are fully supportive of the objectives behind the Guidelines and agree with the importance of consumers being protected against fraud when making payments online. Ensuring the security of payments and the protection of sensitive customer data is a critical part of the infrastructure of robust payment systems.

The European Banking Authority (‘EBA’) published a consultation paper in October on the implementation of its Guidelines on the security of internet payments, developed in conjunction with the European Central Bank (‘ECB’), with the basis of much of the Guidelines stemming from recommendations put forward by the European Forum for the Security of Retail Payments. Dr. Matthias Terlau and Dr. Daniel Walter of Osborne Clarke discuss what is expected of payment service providers in the context of the proposed Guidelines.

The European Banking Authority (‘EBA’) published a consultation paper on the implementation of its Guidelines on the security of internet payments, the output of work undertaken in conjunction with the European Central Bank (‘ECB’), with the basis of much of the guidelines being work by the European Forum for the Security of Retail Payments. The EBA expects these proposed guidelines to enter into force in August 2015. Dr. Matthias Terlau and Dr. Daniel Walter of Osborne Clarke discuss the compliance expectations for payment service providers and analyse the critical aspects of the proposed guidelines.

Both, EU Commission and ECB are particularly engaged to make internet payments more secure. The ECB formed a forum of European central banks and supervisory authorities, called SecuRe Pay, to discuss and eventually agree on a set of rules for the enhancing of security of internet payments, one of the most important of such rules being the strong customer authentification when making internet payments or accessing payment data. The rules were finally issued as recommendations of the ECB in January 2014.
The EU Commission included in July 2014 the same basic rule on strong customer authentification within its proposal for a Second Payment Services Directive (PSD2).

Following recent legal developments regarding Bitcoins, such as the US court decisions in the cases of “Bitcoin Foundation” and “Trendon Savers & Bitcoin Savings Trust”, a US Congress hearing on Bitcoins, the prohibition of the receipt of Bitcoins by financial service providers in China as well as the warnings issued by the French National Bank and the European Financial Supervisory Authority, the German Federal Financial Supervisory Authority (BaFin) has also issued a circular on Bitcoins on 19 December 2013 in order to clarify potential risks for con-sumers as well as authorisation requirements for Bitcoin traders and online platforms.