This policy statement PS19/26 confirms the regulatory technical standards for strong customer authentication and common and secure open standards of communication, which will apply in the UK, in the event of a no-deal exit by the UK from the EU.
The UK regulatory technical standards are substantially the same as EU technical standards designed to make electronic payments safer and more secure. Making the UK regulatory technical standards in this way will provide certainty for firms and maintain consumer protections.
In December 2018, as part of our Brexit contingency plan we consulted CP18/44 on making regulatory technical standards for strong customer authentication and common and secure open standards of communication. These standards would apply in the UK from 14 September 2019 in the event of the UK’s withdrawal from the European Union (EU) without a ratified withdrawal agreement “a no-deal exit”.
In our consultation paper, we proposed to make these standards substantially the same as EU regulatory technical standards (EU-RTS) after a no-deal exit. This policy statement summarises the feedback we received from our consultation and publishes the UK regulatory technical standards (UK-RTS), together with Handbook changes, which we will make in the event of a no-deal exit.
Today we have confirmed our approach to this.
This policy statement will primarily be of interest to all payment service providers, including:
It will also be of interest to consumer bodies and relevant trade bodies, retailers, consumers, micro-enterprises and those involved in open banking initiatives.
Payment service providers must comply with the provisions of the UK-RTS in the event of a no-deal exit.
In August 2019, we wrote to trade bodies setting out the terms of a 6-month adjustment period for implementing the EU-RTS. In the event of a no-deal exit, firms should treat those terms as applying to the UK-RTS.