Last week, the European central bank published the assessment guide for the security of Internet payments. The guide contains a list of the assessment questions that assists payment service providers with the implementation of the European requirements for the security of Internet payments. Payment Service Providers must demonstrate their compliance with these requirements by January 2015.
The requirements and the guide are drafted by a committee of European bank supervisors and central bankers in a group of supervisors known as the European Forum on the Security of Retail Payments. As supervising compliance with these recommendations falls within the competence of home member state supervisors, the intention is for the guide to facilitate a harmonised and comparable assessment across different member states. In that respect, the guide harmonises the approach that will be adopted by supervisors.
The publication of the guide and the recommendations on the security of internet payments takes place in anticipation of further European rules on the security of payments. The revision of the Payment Services Directive is likely to include the formalisation of a lead role for the European Banking Authority in defining and updating security requirements for payment services providers in Europe.
The EMA will be reviewing the assessment document with its members and will consider issues arising from its implementation over the coming year.