Discussing reporting obligations with our payments clients recently has revealed a lack of awareness of REP018, a report driven by the requirements of the second payment services directive (PSD2). PSD2 included Article 95(2), which requires payment services providers (PSPs) to report to the competent authority with an operational and security risk assessment. So, what is REP018 and why has it caught so many by surprise?
Stephen Watkins
Recent Posts
At what point does empowering individuals to be ‘masters of their own personal data destiny’ encroach on a payment service provider's legal responsibility to prevent fraud, safeguard its venture and limit criminal activity?