U.K., Others Opt Out of EBA E-Commerce Security Guidelines
May 26, 2015
On Thursday, the European Banking Authority (EBA) announced five countries will not fully comply with guidelines, finalized and made public in December , seeking to make shopping on the Internet more secure. The U.K., Slovakia and Estonia have informed the EBA they will not comply with the regulations the EBA said will be in force starting August 1 of this year. The U.K.’s Financial Conduct Authority (FCA) said it “does not have the power, without legislative change, to make binding rules requiring all payment service providers (credit institutions, payment institutions and e-money institutions) to comply with the EBA Guidelines.”
The guidelines are not enforceable and serve only as a stop-gap measure until the revised Payment Services Directive (PSD2) becomes final sometime in 2018 or 2019. All European nations have been asked to voluntarily comply with the EBA guidelines or explain why they will not. The FCA said it is “fully supportive of the objectives behind the EBA Guidelines and agrees with the importance of consumers being protected against fraud when making payments online,” but said it is following other recommendations that are in place that will ensure an orderly transition to the PSD2.
Slovakia and Estonia also cited current frameworks that make compliance with the EBA guidelines unfeasible. Sweden and Cyprus cited specific clauses in the EBA rules they will be unable to comply with.