As we marked the first anniversary of PSD2 implementation (at least, in the UK!) this week, there will doubtless be numerous conversation pieces and reflections about the success of PSD2 so far – and its relationship with Open Banking – and what more delights both have to offer in 2019, the year the UK is supposed to leave the European Union.
Assurance, or the use of auditors to search for problems at firms, can be very useful to the regulated community in all manner of ways, especially during the authorisation process or in respect of the EU's Payment Services Directive.
As we embark upon yet another week of uncertainty regarding what Brexit deal, if any, the Prime Minister might secure, the latest in my Q&As with EU regulators sees me heading to Sweden.
I fondly recall, back in my FSA days, visiting Finansinpektionen (the Swedish FSA) to find out more about the payments market in Sweden and how they approached licensing and supervision, given they were one of the few EU Member States that took advantage of article 26(1) of PSD1 to allow for ‘Small Payment Institutions’ (SPIs). Colleagues at Finansinspektionen were friendly, approachable and keen to exchange knowledge and experience, so I was hopeful that they would continue to be so despite my own departure from the regulator. I am thankful, therefore, to Roger Jacobsson for sparing the time to answer our standard questions regarding UK payment/e-money institutions looking to establish a second business in Europe to benefit from passporting rights.
New rules for payment and e-money institutions
Over the past couple of months, the FCA has been consulting on whether to apply the Principles for Businesses, and some other Handbook rules, to payment and e-money institutions and registered account information service providers. This marks another step in the FCA’s journey towards greater supervision of the non-bank payment services sector.
So, after weeks of conversations with various regulators across Europe, I am delighted to be able to share the views of the Central Bank of Ireland towards UK payment and e-money institutions looking to set up a new office in Ireland as part of their Brexit strategy. Since firms started thinking about their Brexit strategies, Ireland has often been mentioned by clients of fscom as their first consideration, principally based on common language and proximity. Indeed, being based in Belfast, we find our own proximity to Dublin to be particularly helpful in helping firms with the Central Bank. As we have seen though, there are many other factors that need to be taken into account. As ever though, I do not pass comment on the Central Bank’s views in this article, preferring to simply pass them on to help you make up your own mind. So, thanks again to the Central Bank for granting me access and, in particular, to Russell Burke from the Payments Authorisation Team.
Discussing reporting obligations with our payments clients recently has revealed a lack of awareness of REP018, a report driven by the requirements of the second payment services directive (PSD2). PSD2 included Article 95(2), which requires payment services providers (PSPs) to report to the competent authority with an operational and security risk assessment. So, what is REP018 and why has it caught so many by surprise?