In-house training courses covering: (1) revised Markets in Financial Instruments Directive (MiFID II); (2) revised Market Abuse Directive (MAD 2) and Market Abuse Regulation (MAR); (3) Central Counterparty (CCP) Clearing, Risk Management, Recovery and Resolution (EU); (4) Automatic Exchange of Information (AEOI), Foreign Account Tax Compliance Act, Common Reporting Standard (CRS) compliance frameworks; and (5) General Data Protection Regulation (GDPR) operational Compliance.

1. STORM-7 CONSULTING
REGULATORY, RISK AND COMPLIANCE
IN-HOUSE TRAINING COURSES

2. ABOUT THE IN-HOUSE TRAINING COURSES
ATTENDEES: Unlimited.
MATERIALS: Comprehensive Hard Copy Training Course Manual and Training Reference Materials, 4 x
Electronic PowerPoint Presentations.
FIXED MODULES: 4 modules are provided for each one day In-House Training Course.
IN-HOUSE TRAINING
COURSE EXPERT
Rodrigo Zepeda is Co-Founder and Managing Director of Storm-7 Consulting. He is an expert
consultant who specialises in derivatives and banking and financial services law, regulation, and
compliance. He is an expert in a very broad range of regulatory compliance frameworks such as
FATCA, the OECD CRS, MiFID II, MAD 2 MAR, PSD2, CRD IV, Solvency II, OTC Derivatives, CCP
Clearing, PRIIPs, BRRD, AML4, and the GDPR. He holds a LLB degree, a LLM Masters degree in
International and Comparative Business Law, and has passed the New York Bar Examination. He
was an Associate (ACSI) of the Chartered Institute for Securities & Investment from 2004 to 2014
and is now a Chartered Member (MCSI). He has created and delivered numerous conferences
and training courses around the world such as ‘FATCA for Latin American Firms’ (Santo Domingo,
Dominican Republic, Panama City, Panama), ‘MiFID II: Regulatory, Risk, and Compliance (London),
and ‘Market Abuse: Operational Compliance’ (London), ‘AEOI (FATCA & CRS)’ (Manama, Bahrain).
He has also delivered numerous In-House Training Courses around the world to major international
financial institutions such as The Abu Dhabi Investment Authority (MiFID II: Operational Compliance,
Abu Dhabi, the United Arab Emirates), the United Nations Principles of Responsible Investment
(MiFID II: Final Review, London), CAF, the Development Bank of Latin America (Swaps and Over-
the-counter Derivatives, Lima, Peru), Rothschild Investment Management (UK) Limited (AEOI
(FATCA & CRS), London) and Bethmann Bank AG (MAD 2 MAR, Frankfurt). He is a Reviewer
for the Journal of Financial Regulation and Compliance and has also published widely in leading
industry journals such as the Capco Institute’s Journal of Financial Transformation, the Journal of
International Banking Law and Regulation, as well as e-books on derivatives law. Noted publications
include “Optimizing Risk Allocation for CCPs under the European Market Infrastructure Regulation”;
“The ISDA Master Agreement 2012: A Missed Opportunity”; “The ISDA Master Agreement: The
Derivatives Risk Management Tool of the 21st Century?”; “To EU, or not to EU: that is the AIFMD
question”; and “The Industrialization Blueprint: Re-Engineering the Future of Banking and Financial
Services?”.
Storm-7 Consulting is an international consulting company that provides premier intelligence, insight
and support to global financial institutions. We provide cutting-edge conferences, events, public training
courses, and in-house training courses to leading firms globally.
We provide expert regulatory compliance training covering areas such as the General Data Protection
Regulation (GDPR), the revised Markets in Financial Instruments Directive (MiFID II), Automatic
Exchange of Information (Foreign Account Tax Compliance Act (FATCA) and Common Reporting
Standard (CRS), revised Market Abuse Directive (MAD 2), Market Abuse Regulation (MAR), the revised
Capital Requirements Directive (CRD IV), Packaged Retail and Insurance Based Investment Products
(PRIIPs), Solvency II, the revised Payment Services Directive (PSD 2), Central Counterparty (CCP)
Clearing, Anti-Money Laundering (AML) and Counter Terrorist Financing (CTF), Stress Testing, and the
Senior Managers and Certification Regime.
We provide unique and highly innovative marketing services to firms operating in the banking, financial
services, Regulatory Technology (RegTech), and Financial Technology (FinTech) sectors. We have
designed our training events and materials to significantly enhance employees’ skills and knowledge
levels in regulatory compliance frameworks. We also seek to provide a unique, comprehensive, and
superior blend of legal, financial, strategic, operational, and technological perspectives in our events.
We have received enquiries and bookings from leading firms around the world, such as the Abu Dhabi
Investment Authority, Rothschild Investment Management (UK) Limited, Bethmann Bank AG, Dubai
Financial Market, CAF the Development Bank of Latin America, the Central Bank of Ireland, the Central
Bank of Russia, APG Asset Management, Royal London Asset Management, Brandes Investment Partners,
Eversheds, Erste Group, Millenium Information Technologies, Deutsche Bank, Bethmann Bank AG, ICBC
Standard Bank, Gulf International Bank, Raiffeisen Bank International AG, and BGC Partners.
We have collaborated with firms around the world, such as the United Kingdom Financial Conduct
Authority, Thomson Reuters, Sopra Steria, Sungard AS, Capco, OTC Partners New York, IHS Markit,
Eze Castle Integration, ICMA Centre, Sybenetix, Heriot-Watt University, J.P. Morgan Asset Management,
Custom House Global Fund Services, Cass Business School, RiXtrema, Solum Financial, Objectivus
Financial Consulting, D2 Legal Technology, Eurekahedge, Financial IT, HedgeConnection, Alpha Journal,
ATMonitor, HF Alert, and CrowdReviews.
ABOUT STORM-7 CONSULTING
2 3

3. MIFID II COMPLIANCE AND TECHNOLOGY
REVISED MARKETS IN FINANCIAL INSTRUMENTS DIRECTIVE
(MIFID II) AND MARKETS IN FINANCIAL INSTRUMENTS
REGULATION (MIFIR).
ABOUT:
This In-House Training Course is one of the most cost-effective ways to comprehensively
understand the new and highly complex revised Markets in Financial Instruments Directive
(MiFID II) and Markets in Financial Instruments Regulation (MiFIR). The MiFID II Compliance
and Technology training course is not simply about theoretical knowledge and training, it
seeks to provide attendees with operational and strategic insight into MiFID II compliance and
operational requirements. The training course will provide the ideal mix between theory and
operational practice, as well as reviewing a range of MiFID II technologies. MiFID II is not just about
compliance, it represents a key opportunity for firms to strategically differentiate themselves and
capitalise on new and emerging financial markets and investment opportunities.
MODULE 1:
MIFID II MARKET STRUCTURE, TRADE AND
TRANSACTION REPORTING
● MiFID I, MiFID II, and MiFID III Directional Timeline,
Systematic Internalisers, Organised Trading Facilities (OTF),
Multilateral Trading Facilities (MTFs).
● Trade Execution Update, Data Publication, Consolidated Tape,
Consolidated Tape Provider.
● MiFIR Reporting Framework, Reporting Obligations,
Extended Scope of Financial Instruments, Approved Reporting
Mechanism (ARM) Framework, Data Reporting Services
Providers (DRSPs), ARM Providers.
MODULE 2:
ORGANISATIONAL REQUIREMENTS,
INVESTOR PROTECTION, AND
SUITABILITY AND APPROPRIATENESS
● Client Classification, Investment Suitability and
Appropriateness.
● Product Governance, Sales Targets,
Remuneration Policies, Independent Advice,
Conflicts of Interest, Exemptions, Compliance
Function, Record Keeping.
● The Third Country Framework, Equivalence
Assessment, Third Country Firm Legal and
Taxation Considerations.
MODULE 3:
MIFID II COMPLIANCE AND TECHNOLOGY – PART I
● MiFID II Best Execution Requirements, Best Execution Technologies, Best Execution and
Transaction Cost Analysis.
● MiFID II Recording of Communications (Investment Firm Client Obligations Strategic
Considerations).
● A Review of MiFID II Best Execution Technologies and MiFID II Recording of
Communications Technologies.
MODULE 4:
MIFID II COMPLIANCE AND TECHNOLOGY – PART II
● MiFID II Suitability and Appropriateness (Assessing Suitability, Assessing
Appropriateness, Guidelines).
● MiFID II Research Unbundling, Research Payment Accounts, Broker Voting, Post-
MiFID II Commision Sharing Agreements, Research Platforms, Research Technology
Providers.
● A Review of MiFID II Research Unbundling Technologies and MiFID II Compliance
Technologies.
“The updated MiFID II training course
provides highly comprehensive
training in all of the most key aspects
of the complex and intricate MiFID II
and MiFIR operational frameworks.”
4 5

4. MAD 2 MAR (MARKET ABUSE):
OPERATIONAL COMPLIANCE
ABOUT:
This one day In-House Training Course will provide attendees with a comprehensive instruction on the new European
Union (EU) market abuse regulatory framework governed by the European Securities and Markets Authority (ESMA).
It will train attendees on the legal obligations and operational framework for the new Criminal Sanctions For Market
Abuse Directive (MAD 2) (Directive 2014/57/EU) and Market Abuse Regulation (MAR) (Regulation No 596/2014). The
course will guide attendees through new obligations for trading venues (Multilateral Trading Facility (MTF), Organised
Trading Facility (OTF), Emissions Allowances), issuers, financial services firms, and Persons Discharging Managerial
Responsibilities (PDMRs). Attendees will obtain training on monitoring, detecting, and identifying suspicious orders and
transactions under the new MAD 2 and MAR operational framework, and will also be guided through the new Buy-Back
Programmes, Stabilisation Measures, Accepted Market Practices and Market Soundings provisions.
MODULE 1:
THE MAD 2 (DIRECTIVE 2014/57/EU) AND MAR (REGULATION NO 596/201/4)
OPERATIONAL FRAMEWORK
● MAD 2 FRAMEWORK: (1) new minimum rules for criminal sanctions and criminal penalties and liability for natural and
legal persons; (2) new obligations for trading venues (MTFs, OTFS, Emissions Allowances) and issuers; and (3) application
to spot commodity contracts and transactions; and (4) benchmark manipulation.
● MAR FRAMEWORK: (1) New financial instruments covered; (2) obligations and offences (issuer disclosure of inside
information; market soundings; transactions by persons discharging managerial responsibilities; suspicious transactions
reporting; algorithmic and high-frequency trading); and (3) New whistleblowing obligations, reporting, protections, and
financial incentives.
MODULE 2:
MAR OPERATIONAL PRACTICES I: SUSPICIOUS
TRANSACTION AND ORDER REPORTS
(STORS), BUY-BACK PROGRAMME (BBP), AND
STABILISATION MEASURES
● STOR FRAMEWORK: (1) STOR content; (2) reasonably
suspicious orders (RSOs) (detection, level of suspicion, personnel
training; cancellation and modification of orders); (3) Level II
Regulatory Technical Standards (RTS) obligations (general
requirements, prevention, monitoring, detection, training,
reporting, timing, content, templates).
● BBP AND STABLISATION FRAMEWORK: (1) BBP exemption
(trading in own shares); (2) qualifying operational conditions
(disclosure, reporting, limits); (3) qualifying programme
conditions; (4) stabilisation of securities exemption; (5) qualifying
operational conditions (duration, disclosure and notification,
price limits); (6) BBP and stabilisation measures Level II RTS
compliance.
MODULE 3:
MAR OPERATIONAL PRACTICES II:
ACCEPTED MARKET PRACTICES (AMP) AND
MARKET SOUNDINGS (MS)
● AMP FRAMEWORK: (1) Establishing legitimate
reasons and conforming with accepted market practice;
(2) AMP Competent authority criteria (transparency,
safeguards, market liquidity and efficiency, trading
mechanism, integrity of related markets, investigations,
market structural characteristics); (3) AMP Level II RTS
compliance; (4) Competent authority reviews.
● MS FRAMEWORK: (1) MS operational framework
(MAR, Article 11); (2) Procedural conditions and
obligations for market participants (written records,
consent, obligations to inform); (3) ESMA MS Guidelines;
(4) Level II RTS and Implementing Technical Standards
(ITS) on appropriate arrangements, procedures and
record keeping requirements.
MODULE 4:
MAD 2 AND MAR OPERATIONAL COMPLIANCE
PROGRAMMES
● COMPLIANCE: (1) MAD 2 and MAR compliance programmes;
and (2) modification of existing Information Technology (IT)
infrastructures.
● NEW EXEMPTIONS: (1) trading in own shares in buy-
back programs; (2) trading in securities for the stabilization
of securities exception and eligibility conditions; (3) public
authorities in pursuit of monetary, exchange rate, or public debt
management policy; (4) EU Agricultural Policy and Climate
Policy; (5) Chinese Walls.
● NEW POWERS AND SANCTIONS: (1) Minimum Supervisory
and Investigatory Powers (document and data access;
interviews; dawn raids, inspections, recordings, data traffic,
telecommunications operators, temporary prohibitions); (2)
Administrative Sanctions and Measures; (3) Financial Penalties
(individuals, companies).
“Even though providing regular training
on market abuse to employees is a
mandatory requirement, many firms
are still continuing to operate in
breach of MAD 2 MAR requirements.
This training course allows firms to
finally become compliant in a highly
cost effective way.”
6 7

5. ABOUT:
This one day In-House Training Course will provide delegates with a comprehensive understanding of central counterparty
(CCP) clearing models and operational frameworks in the European Union (EU). Delegates will receive in depth instruction
on the EU CCP regulatory framework governed by the European Securities and Markets Authority (ESMA) and the European
Market Infrastructure Regulation (EMIR). Delegates will be able to practically compare a range of key issues affecting CCP
offerings in the EU. The one day In-House Training Course will also provide deep coverage of margining practices, clearing
models and agreements, operational risks, and risk management frameworks affecting CCPs. Finally, delegates will be
guided through the intricacies of effective CCP Recovery and Resolution Plans, and CCP Default Management, Recovery
and Continuity Frameworks.
MODULE 1:
THE CENTRAL COUNTERPARTY (CCP)
CLEARING MODEL
● An Overview of the CCP Clearing Model
(Functional Definition; CCP Ownership; CCP
Advantages and Disadvantages; Novation; Cleared
Products; Margining; Multilateral Netting; Risk and
Default; Loss Mutualisation; Auctions; Portability).
● CCP Regulation v. ‘Too Big To Fail’.
● Case Study: LCH.Clearnet Swapclear.
MODULE 2:
THE EU CCP REGULATORY FRAMEWORK
● ESMA and CCP authorisation, recognition and supervision in
the EU.
● CCP operating, clearing and reporting obligations under
the EMIR framework, CCP Cleared Products, Reporting,
Interoperability, Third Country CCPs.
● Basel III capital treatment/risk weightings for Qualifying and
Non-Qualifying CCPs.
MODULE 3:
CCP CLEARING MODELS AND AGREEMENTS (DIRECT AND INDIRECT)
● CCP and Client Clearing Documentation and common negotiated provisions (Margin, Termination
Events, Pre-Default Porting).
● Customer clearing under modified Master Agreements.
● An Overview of ISDA® Clearing Agreements and Addendums (EU International Swaps and
Derivatives Association (ISDA)/Futures Industry Association (FIA) Cleared Derivatives Execution
Agreement + Addendum).
MODULE 4:
DESIGNING EFFECTIVE CCP DEFAULT
MANAGEMENT, RECOVERY AND CONTINUITY
FRAMEWORKS
● The 2012 Committee on Payments and Market Infrastructure -
Organization of Securities Commissions (CPMI-IOSCO) Principles
for Financial Market Infrastructure.
● The ISDA® Principles for CCP Recovery and CCP Default
Management, Recovery and Continuity.
● Developing new Total Loss Absorbing Capacity (TLAC), Bail-
inable debt standards for CCPs, and Developing Standardised
Regulatory Stress Testing and Disclosure.
CCP CLEARING, RISK MANAGEMENT, RECOVERY
AND RESOLUTION (EU)
“The rise in the CCP clearing model
in the EU has precipitated an urgent
need for market participants to
comprehensively understand the
complexities of CCP regulatory and
risk frameworks, margining practices,
clearing agreements, and recovery
and resolution plans.”
8 9

6. MODULE 1:
THE FATCA REGULATORY FRAMEWORK
● Key FATCA Aims, Objectives and Milestones and Global Implementation and
Impact.
● FATCA Definitions (FFI; P-FFI; RDC-FFI; CDC-FFI; NFFE; GIIN; FDAP
Income; RO; IGA; USWAs; Gross Proceeds; Passthru Payments; Grandfathered
Obligations; Active Income; Passive Income).
● The Three Pillars of FATCA (1) PILLAR I: Classification (Direct and Indirect US
Accounts, Regulatory Exemptions), Due Diligence (Individual and Entity Accounts),
Classification of Financial Entities; (2) PILLAR II: FFI and NFFE Documentation
and Reporting Obligations, FATCA Reporting, Recalcitrant Accounts; (3)
PILLAR III: 30% Withholding Penalty, Withholding Payments, FATCA Reporting
Responsibilities, Civil and Criminal Penalties for Responsible Officers.
ABOUT:
This one day In-House Training Course will provide delegates with a
comprehensive understanding of the new United States Foreign Account Tax
Compliance Act (FATCA) requirements, by combining theory with practice and
by incorporating interactive learning elements. The course aims to demystify the
complexity of both FATCA and the Organisation for Economic Co-operation and
Development (OECD) Common Reporting Standard (CRS) frameworks. The
course Expert Trainer will ensure that delegates fully understand the operational
impact that FATCA and the OECD CRS will have on the business and on clients,
as well as guiding delegates through necessary adaptation processes, compliance
solutions, and the complexities of understanding the way the FATCA and OECD
CRS frameworks operate around the world.
MODULE 2:
THE CRS REGULATORY FRAMEWORK
● A Global Overview of CRS Reporting, Implementation Timelines, and
2017 and 2018 Reporting Deadlines.
● A Review of the CRS (Standard for Automatic Exchange of Financial
Account Information), and the Model Competent Authority Agreement
(Model CAA).
● CRS Classification, Participating Financial Institutions, and Non-
Resident Account Holders of CRS Participating Countries; On-boarding
of New Entity and Individual Accounts and Client On-boarding Solutions,
Pre-Existing Account Due Diligence Procedures; CRS Reporting (Foreign
Debt, Equity Interests, Custody Accounts, Foreign Deposit Accounts),
Reportable Accounts, and Enhanced File Review Procedures.
AEOI (FATCA & CRS) OPERATIONAL
COMPLIANCE
MODULE 3:
AEOI (FATCA & CRS) OPERATIONAL COMPLIANCE
● A Legal Review of the Model 1(Reciprocal 1A); Model 1 (Non-Reciprocal 1B);
Model 2 (No Pre-Existing Tax Information Exchange Agreement (TIEA) or Double
Tax Convention (DTC) Required); Model 2 (Pre-Existing TIEA or DTC); IRS FFI
Agreement (Form 8957).
● A Review of the CRS Commentaries; Comparing FATCA and CRS Frameworks
and Identifying Key Differences; Identifying and Assessing Compliance and Non-
Compliance Costs, Organisational Gap Analysis and Developing Effective AEOI
Compliance Frameworks; Responsible Office Preparation, Certifications, and
Onboarding and Client Relationships.
MODULE 4:
AEOI (FATCA & CRS) RISK MANAGEMENT
● A Review of the Model Mandatory Disclosure Rules for CRS
Avoidance Arrangements and Opaque Offshore Structures.
● A Review of Jurisdictional Trends and Operational Risk Review.
● A Review of AEOI (FATCA & CRS) Loopholes and Anti-Avoidance
Strategies.
“The recent Australian CBA $700 million fine
has identified how much failing to put in place
effective anti-money laundering procedures can
cost banks. However, many banks and financial
institutions are still continuing to put in place
ineffective measures to implement FATCA and
CRS frameworks, and are still unaware of the
array of loopholes and anti-avoidance strategies
that are currently in use by criminal money
launderers and tax evaders around the world.”
10 1110 11

7. GENERAL DATA PROTECTION REGULATION
OPERATIONAL COMPLIANCE
ABOUT:
The new General Data Protection Regulation (2016/679) (GDPR) represents one of the most significant
changes in the existing data protection framework in place across the European Union (EU). Its territorial
scope is extremely broad and so many companies based outside the EU that are processing personal data
about individuals based in the EU will now need to comply with its provisions. The new and complex risk-
based framework now imposes onerous accountability requirements on data controllers and data processors,
and also brings in new types of data such as genetic, pseudonymous, and biometric data. It is imperative
that firms not only clearly and comprehensively understand the new framework, but that they are also able
to understand what changes they need to make internally in order to be GDPR compliant. This new one day
In-House Training Course will expertly guide attendees through the legal, technological, and operational
framework, as well as providing real and unique strategic perspectives. Attendees will also be guided through
a range of data protection compliance technology tools and software, and will also learn about offerings from
third party data service providers.
MODULE 1:
AN OVERVIEW OF THE NEW GENERAL DATA PROTECTION
REGULATION (GDPR) FRAMEWORK
An Overview of the new General Data Protection Regulation.
● A Summary of the Main Changes from the EU Data Protection Directive.
● Material and Territorial Scope; Extraterritorial Effect; Definitions; Genetic
and Biometric Data; Pseudonymous Data; Exemptions (Entity, Activity),
Derogations, Special Conditions, Restrictions.
● An Overview of Implementation Costs for average Small and Medium-Sized
Enterprises (SMEs).
MODULE 2:
THE GDPR OPERATIONAL FRAMEWORK
● Key Concepts in the GDPR Framework (Personal Data;
Data Processing; Data Controllers; Data Processors; Data
Transfers; Profiling and Automated Decision-Taking).
● Principles relating to the Processing of Personal Data
and Lawfulness of Processing.
● Grounds for Processing Data and Data Rights
(Rectification, Objection, Erasure, Subject Access, Data
Security, Data Portability, Restriction of Processing,
Profiling Rights).
● Legal Basis for Data Processing; Conditions for
Consent, Legitimate Interest Legal Basis; Purpose
Limitation Principle; Processing of Special Categories of
Personal Data.
MODULE 3:
ORGANISATIONAL READINESS FOR THE GDPR
● Data Protection Officer Responsibilities and Data Privacy Impact
Assessments.
● Supervision, Non-Compliance, Sanctions and Fines.
● Codes of Conduct, Data Protection Certification Mechanisms, Data
Protection Seals and Marks, and Developing a Transparent and Robust
Information Governance Framework; Transfers of Personal Data to Third
Countries.
● GDPR Compliance Programmes, Internal Controller Effectiveness
Verification, and Independent Expert Effectiveness Verification.
MODULE 4:
DATA PROTECTION COMPLIANCE TECHNOLOGY TOOLS
AND SOFTWARE
● Overview of Key Requirements (Content Filtering; Stream-Based Protection;
Bandwidth Optimization; Privacy-by-Design Requirements; Digitization
Strategy).
● Security Architecture, Security Policy, Privileged Credentials, Digital
Identities, Encryption, Scalable SSL Decryption with Micro-Segmentation.
● Test Data Management (People, Systems, and Technology), Copying,
Masking.
● A Review of Select GDPR Software Technology Tools and Software: (1)
Software AG; (2) Veritas; (3) CA Technologies; (4) Iboss Cybersecurity.
“
Firms need to be able to
not only comprehensively
understand GDPR
requirements, but also
to leverage GDPR from
a strategic marketing
perspective.”
12 1312 13

8. REVISED PAYMENT SERVICES DIRECTIVE
(PSD2): REGULATION AND INNOVATION
MODULE 1:
AN OVERVIEW OF THE PSD AND PSD2
OPERATIONAL FRAMEWORKS
● Overview of the Payment Services Directive (2007/64/
EC) (PSD), Harmonization and Integration of Retail
Payments in the European Union (EU), Consumer
Protection, Payment Efficiency, and Payment Chain Security
Risks.
● Overview of the Revised Payment Services Directive
(2015/2366/EU) (PSD2), Payment Services (Account
Information Services (AIS), Payment Initiation Services
(PIS), Payment Institutions (Banks, Building Societies,
Money Remitters, E-Money Institutions, FinTech Platforms,
Acquirer Payment Institutions, Non-Bank Credit Card
Issuers and Merchant Acquirers).
MODULE 2:
UNDERSTANDING THE NEW PSD2
FINANCIAL LANDSCAPE
● The PSD2 Operational Framework, the Single Euro
Payments Area (SEPA), Payment Services Providers,
and Exemptions (Commercial Agency, Limited Network,
Digital Device, Automated Teller Machine (ATMs); Third-
Party Account Access, Account Information Aggregators,
AIS Providers (AISPs), PIS Providers (PISPs), and
Execution of Payment Transactions.
● PSD2 Security Framework (Data Protection,
Operational Risks, Security Risks, Authentication, Fraud
Controls, Incident Notification); Consumer Protection
MODULE 3:
A REVIEW OF EBA REGULATORY
TECHNICAL STANDARDS AND GUIDELINES
● Analysis of the European Banking Authority (EBA)
Regulatory Technical Standards (RTS):
(1) Strong Customer Authentication and Common and
Secure Communication; and
(2) Passport Notifications.
● Analysis of the EBA Guidelines:
(1) Major Incidents Reporting;
(2) Minimum Monetary Amount for Professional Indemnity
Insurance; and
(3) Authorisation and Registration.
● Overview of the Revised Payment Services Directive
(2015/2366/EU) (PSD2), Payment Services (Account
Information Services (AIS), Payment Initiation Services
(PIS), Payment Institutions (Banks, Building Societies,
Money Remitters, E-Money Institutions, FinTech Platforms,
Acquirer Payment Institutions, Non-Bank Credit Card
Issuers and Merchant Acquirers).
MODULE 4:
PSD2 STRATEGIC REGULATORY
CHALLENGES AND OPPORTUNITIES
● PSD2 Strategic Regulatory Compliance (Third Party
Providers (TPPs), Access to Accounts (XS2A), Open
Application Programming Interfaces (APIs), and Open
Banking Technical Standards).
● PSD2 Strategic Challenges and Opportunities for
FinTech Firms, and a Review of Existing FinTech Firm
Offerings (AccessPay, Adyen, AstroPay, Azimo, Currency
Cloud, DoPay, Flypay, Droplet, Judo, GoCardless, Ixaris,
Monese, MoneyMover, Osper, Mondo, Moni, Pockit,
Revolut, SumUp, Yoyo).
ABOUT:
There can be no doubt that the new Payment Services
Directive (2015/2366/EU) (PSD2) is set to revolutionise
banking services throughout the European Union (EU)
and usher in a whole new host of unique and innovative
payments systems and ideas. Given the sheer breadth of
Payment Institutions affected by PSD2, the complexity of
this new payments landscape should not be underestimated.
Firms need to not only become PSD2 compliant, but without
a shadow of a doubt they also need to arm themselves with
strategic insights that will allow them to successfully navigate
and thrive in this newly forecasted complexity of payments
systems and institutions. This one day In-House Training
Course seeks to provide firms with highly comprehensive
yet logical guidance through the new PSD2 framework, in
addition to presenting insights into new strategic regulatory
challenges and opportunities which came into force on 13th
of January 2018.
“The new PSD2 framework is not only complex,
but at the same time if understood strategically
it represents one of the best ways for firms to be
able to create long-term strategic competitive
advantage.”
Bookings and Enquiries
UK +44 (0)20 7846 0076
www.storm-7.com
client.services@storm-7.com
(Complaints Procedures, Dispute Resolution, Penalties,
Surcharge Restrictions, Refund Rights, Liability for
Unauthorised Transactions).
14 1514 15

9. 16
© COPYRIGHT 2018 STORM-7 CONSULTING LIMITED
LEVEL 24/25 THE SHARD | 32 LONDON BRIDGE STREET