EPC: EU regulatory initiatives impacting the security of euro payments – the 2015 outlook

12 January 2015

This blog tackles the proposed revised PSD2, the proposed new Network and Information Security Directive, the guidelines on the security of internet payments released by the EBA and initiatives considered by the EC with regard to virtual currencies.

Regulatory action rolling out in 2015 will determine the foreseeable future with regard to the security of payments in Europe. In the European Payments Council's (EPC) Newsletter article entitled ‘Tensions in Cyberspace: Competing Priorities and Legislative Initiatives in the Online Payments World’, the authors Dermot Turing, Simon Crown and Maria Troullinou consider the interaction between relevant initiatives recently launched or adopted by various European Union (EU) regulatory bodies aimed at promoting the security of payments. The authors point out that tensions between these initiatives “are the inevitable product of attempting to put in place various legislative initiatives relating to similar areas simultaneously.”

They outline that tensions “exist between security on the one hand and the promotion of competition, technological neutrality and access on the other.” As each proposal goes through the EU legislative process, “the risk is that the end result will be a series of measures that when put together reveal the underlying tensions between theory and practice”. Another question is whether, and to what extent, all of these proposals “will keep in sync with the plethora of technological developments”. It therefore, remains to be seen whether the end result will be an “uneasy compromise between the interests of the relevant actors and policymakers” or “a series of harmonious provisions”.

The answer to these questions remains pending until relevant legislation currently in progress and other regulatory initiatives are fully implemented by the various actors concerned, including EU Member States as well as payment service and other providers.

Considering the plethora of regulatory initiatives aimed at ensuring the security of payments now in the pipeline, the EPC, which is not part of the EU institutional framework, reiterates the need to carefully coordinate efforts with a view to ensure consistency of policy. The hope remains that the end result will not be tensions in cyberspace, i.e. possibly conflicting and competing compliance requirements, but a series of harmonious provisions that promote a secure, competitive and innovative payments landscape.

Full blog


© EPC