News - Web Releases 2019


Regulatory technical standards on strong customer authentication

On 21 June 2019, the European Banking Authority (EBA) published its Opinion on the elements of strong customer authentication (SCA) under the revised Payment Services Directive (PSD2). This opinion addresses concerns about the preparedness and compliance with the SCA requirements of some actors in the payments chain.

The deadline for compliance with the regulatory technical standards on strong customer authentication and common and secure open standards of communication (RTS on SCA and CSC) under the PSD2 Directive is 14 September 2019.

In this scenario, the Central Bank of Malta acknowledges that there are difficulties with meeting the deadline of 14 September 2019 and - as Competent Authority - has been engaging with stakeholders to develop a migration plan to implement SCA for e-commerce transactions.

In this regard the Central Bank of Malta is formally delaying the application of the provisions of the RTS for regulated institutions on e-commerce transactions made with payment cards only, and no enforcement action will be taken provided that there is evidence that such institutions have taken the necessary steps to comply with the agreed migration plans.

The Central Bank of Malta, in order to agree on a harmonised approach and to ensure a smooth implementation of SCA, will continue to engage with the EBA, with other National Competent Authorities in the European Union as well as with stakeholders.