fscom News and Events

Operational and security risk reporting (REP018) and IT audits

[fa icon='calendar'] 17-Nov-2019 13:56:03 / by Alison Donnelly posted in SCA, open banking, Cybersecurity

[fa icon="comment"] 0 Comments

Around this time last year we published a blog on REP018, discussing the reporting obligation and who had to submit. Just to recap, REP018 is the name the FCA has given to the reporting return for the operational and security risk assessment that all payment service providers (PSPs) must submit to their regulator at least once a year, or more often as the regulator directs. Most other regulators, including the Central Bank of Ireland, simply refer to the return as the ‘operational and security risk assessment.’

Read More [fa icon="long-arrow-right"]

Meeting the IT Requirements of PSD2

[fa icon='calendar'] 25-Sep-2019 08:23:00 / by Alison Donnelly posted in PSD2, Regulatory compliance, Regulatory compliance advisory, Payments sector, E-money sector, Cybersecurity

[fa icon="comment"] 0 Comments

Read More [fa icon="long-arrow-right"]

18 days to go! REP018 - Are you ready?

[fa icon='calendar'] 14-Dec-2018 08:04:00 / by Alison Donnelly posted in Cybersecurity

[fa icon="comment"] 0 Comments

Read More [fa icon="long-arrow-right"]

Countdown to REP018 - 31 December 2018

[fa icon='calendar'] 23-Nov-2018 08:46:00 / by Alison Donnelly posted in Cybersecurity

[fa icon="comment"] 0 Comments

Read More [fa icon="long-arrow-right"]

REP018: Can you refresh my memory?

[fa icon='calendar'] 09-Oct-2018 11:00:00 / by Stephen Watkins posted in Cybersecurity

[fa icon="comment"] 0 Comments

Discussing reporting obligations with our payments clients recently has revealed a lack of awareness of REP018, a report driven by the requirements of the second payment services directive (PSD2). PSD2 included Article 95(2), which requires payment services providers (PSPs) to report to the competent authority with an operational and security risk assessment. So, what is REP018 and why has it caught so many by surprise?

Read More [fa icon="long-arrow-right"]

REP018, Open Banking and the InfoSec Challenges facing the Payments Industry

[fa icon='calendar'] 10-Sep-2018 09:55:00 / by Alison Donnelly posted in Open Banking and SCA, Training, Cybersecurity

[fa icon="comment"] 0 Comments

Read More [fa icon="long-arrow-right"]

Request for data deletion:  is it for legitimate reasons?

[fa icon='calendar'] 27-Jul-2018 12:48:46 / by Stephen Watkins posted in Cybersecurity

[fa icon="comment"] 0 Comments

 

At what point does empowering individuals to be ‘masters of their own personal data destiny’ encroach on a payment service provider's legal responsibility to prevent fraud, safeguard its venture and limit criminal activity?

Read More [fa icon="long-arrow-right"]

GDPR: separating fact from fiction

[fa icon='calendar'] 10-Apr-2018 22:35:06 / by James Donnelly posted in Cybersecurity

[fa icon="comment"] 0 Comments

GDPR Fines! GDPR Fines! GDPR Fines! The war cry of solicitors and tech consultants across Europe for the past year has become so loud that it’s almost impossible to distinguish it from all the other noise on social media and in the news.

Read More [fa icon="long-arrow-right"]

PSD2 - a glimpse inside the Regulator

[fa icon='calendar'] 13-Mar-2018 14:20:11 / by James Borley posted in PSD2, Regulatory compliance, Payments sector, E-money sector, Cybersecurity

[fa icon="comment"] 0 Comments

 

Much of our time is, and seems always to have been, spent trying to interpret exactly what the regulations or, more importantly, the Regulator is expecting. A leading question asked by many compliance officers is, 'what do they expect of my company?'. This is often where the compliance consultant comes in.

Read More [fa icon="long-arrow-right"]

Meeting the InfoSec demands of PSD2 and GDPR

[fa icon='calendar'] 31-Jan-2018 10:00:00 / by Greg James posted in PSD2, Cybersecurity

[fa icon="comment"] 0 Comments

Read More [fa icon="long-arrow-right"]