FCA statement on the EBA Guidelines on Operational and Security Risks under PSD2

In response to the European Banking Authority (EBA) Guidelines on Operational and Security Risks under PSD2, published on 12 December 2017, the FCA published a statement on its website reminding payment service providers that they will be expected to comply with the Guidelines from 13 January 2018 in addition to the requirements set out in Regulation 98 (Management of operational and security risks) of the Payment Services Regulations 2017.

In addition, the FCA states that it will consult on its approach to applying these Guidelines and its expectations on payment service providers’ future reporting requirements in 2018.