Providers of online payment accounts must have a PSD2-compliant way for third party providers (TPPs) to access account data and payment functionality. Providers who provide access through a dedicated interface are required to have a contingency mechanism in place unless they have an exemption. We explain how providers can request an exemption.
PSD2 encourages competition and innovation by supporting and regulating businesses that use customer account data to provide value add services (e.g. account dashboards, budgeting tools), and businesses that use the payment functionality of customer accounts to provide services (e.g. paying online without the use of payment cards).
Regulatory technical standards (SCA-RTS) under PSD2 set out how the secure communication between these newly regulated businesses and providers of payment accounts which are accessible online (account providers) should happen.
We have encouraged account providers to enable the access required by PSD2 by implementing dedicated interfaces based on secure application programming interfaces (APIs). A number of account providers are using APIs developed by the Open Banking Implementation Entity.
The SCA-RTS contain a requirement for account providers to build a back-up system to the dedicated interface – the contingency mechanism. However, account providers can request that we exempt them from this requirement. We will assess account providers’ dedicated interfaces to decide whether to give an exemption. EBA Guidelines set out how we should make this assessment.
We set out the information account providers should provide to us as part of an exemption request in Chapter 17 of the Payment Services and E-money Approach Document.
Submitting an exemption request on Connect
Please log in to Connect and follow these steps:
|1||Start an application|
|2||Payment Services Firms|
|3||Requests for exemption from the contingency mechanism|
|4||Complete the form|
|5||Attach supporting documents|