H2020 FINSEC – DIGITAL FINANCE ACADEMY FOR SECURITY
INNOV-ACTS, Limited
H2020 FINSEC Project
The FINSEC project is co-funded by the European Union’s Horizon 2020 programme under Grant
Agreement No 786727
Regulation in the Financial Sector
and its Impact on Financial
Technologies
15/11/2019
Objectives
▪ Learn about most widely used regulations in the financial sector
▪ Understand the objectives of each of the regulations
▪ Explore the scope of regulations
▪ Realize their impact on financial technologies
Goal
Regulations
relevant to the
financial sector
Introduction
▪ Different requirements for financial security
▪ Plethora of different regulations, standards and directives
▪ National, regional or global level
▪ Frame the way in which financial infrastructures acquire, handle,
store, communicate and process information
▪ Fulfil limitations, extend or complement existing regulations or
standards
❖ Standardization landscape for the financial sector is evolving at a very
fast pace
Regulations relevant to the financial sector
List of regulations to be addressed
▪ Markets in Financial Instruments Directive II – MiFID II
▪ Payments Services Directive (PSD 2) - Directive 2015/2366
▪ PSD2 - Regulatory Technical Standards (RTS)
▪ PCI DSS and PCI 3DS
▪ National regulatory bodies
▪ German supervisor authority (BaFin)
▪ European Banking Authority III
▪ Regulation for insurance security
▪ European Central Bank (ECB) cyber incident reporting regime
Markets in Financial Instruments Directive II – MiFID II
Content
Application area: Europe-wide
▪ Regulating the operation of financial markets in the
European Union
▪ Framework of trading venues/structures in which
financial instruments are traded
▪ Regulating the operation of trading
venues/structures, looking to processes, systems
and governance measures adopted by market
participants and to their future supervision.
Characteristics
▪ Markets in Financial Instruments Directive (“MiFID”)
▪ Regulation on Markets in Financial Instruments and
Amending Regulation (“MiFIR”)
Details
Focus
Objective
Scope
Impact on financial sector
Characteristics
▪ Safer, sounder, more transparent and more
responsible financial system
▪ Enhances algorithmic trading activities: it introduces
trading controls for algorithmic trading activities,
leads to much increased speed of trading
▪ Investment firms are required to have in place systems
and risk controls such that they could effectively
prevent trading that may contribute to a disorderly
market or involve market abuse
▪ Requires brokers to increase the information
reported → Traders gain extended transparency
▪ Mandates the testing of algorithms used for
algorithmic trading and addition of enhanced tags to
precisely identify the origins of an order
Details
Impact on financial technologies
Markets in Financial Instruments Directive II – MiFID II
Payments Services Directive (PSD 2) - Directive 2015/2366
Content
Application area: Europe-wide?
▪ Enhance innovation potential, competition and
efficiency in electronic markets
▪ Offer consumers more and better choice in the EU
retail payment market
▪ Introduce higher security standards for online
payments
Characteristics
▪ Revised Payment Services Directive (PSD2)
Details
Focus
Objective
Scope
Impact on financial sector
Characteristics
▪ Changes with respect to the range of transactions,
the scope of stakeholders, liability and information
and security assessment
▪ Extend the EU’s regulatory framework on transactions
▪ Enhance the Payment Service Provider (PSP) with an
additional category:
▪ Third-Party Service Providers (TPSPs)
▪ Account Information Service Providers
(AISPs)
▪ Payment Information Service Providers
(PISPs)
▪ Financial institutions to fulfil account information and
payment initiation requests by providing TPSPs with
the necessary information via Application
Programming Interfaces (APIs)—given that they will
be authorised by the payer
Details
Payments Services Directive (PSD 2) - Directive 2015/2366
Impact on financial sector (cont.)
Characteristics
▪ Payers to gain additional protection for the case of
any incorrectly executed payments
▪ Payments will need to be processed through
“strong customer authentication”
▪ Unlikely for information related to the payer to
be retained for any other purposes than
completing the payment
▪ Financial institutions to ensure their compliance with
additional information and technology requirements
▪ Set up APIs such that they will encapsulate specific
monetised services, existing margins, and simplified
and optimised infrastructure
▪ Strong customer authentication
Details
Impact on financial technologies
Payments Services Directive (PSD 2) - Directive 2015/2366
Characteristics
▪ Ensure compliance with additional information and
technology requirements
▪ Set up APIs such that they will encapsulate specific
monetised services, existing margins, and simplified
and optimised infrastructure
▪ Strong customer authentication
▪ Third Party Service Providers (TPSPs) perspective: Set
up risk and control frameworks, comply with all
relevant reporting obligations, and perform AML and
KYC controls
Details
Impact on financial technologies (cont.)
PSD2 - Regulatory Technical Standards (RTS)
Content
Characteristics
▪ Regulatory technical standards (RTS) on the basis of
the draft submitted by the European Banking Authority
(EBA)
▪ RTS for strong customer authentication (SCA) and
secure open standards of communication (CSC) are the
basis for the implementation of PSD2
▪ Safer and more innovative electronic payments
▪ RTS formulate specific security measures to ensure the
effective and secure communication between relevant
actors
Details
Focus
Objective
PSD2 - Regulatory Technical Standards (RTS)
SCA
Characteristics
▪ Requires that the customer’s identity is verified
using at least two of the following mechanisms:
▪ knowledge (i.e., something that only the user
knows, e.g., a password)
▪ possession (i.e., something only the user
possesses, e.g., a card, mobile phone)
▪ inheritance (i.e., something the user is, e.g.,
biometric)
▪ Regulates the way the customer’s account is shared
between the ASPSP and the AISP or PISP
▪ Secure communication channel will be established
to provide access to the payment account
▪ RTS requires customers to provide their explicit
consent to the AISP or PISP to share their payment
account details or initiate a payment transaction
Details
CSC
PSD2 - Regulatory Technical Standards (RTS)
Impact on financial technologies
Characteristics
▪ Payment services providers (PSPs) need to ensure that
their technology and infrastructure provide
customers with the ability to identify themselves
using more than one authentication mechanism
▪ To achieve CSC:
▪ Option #1: Create an API that provides an
identical level of availability and performance as
the customer’s online interface and also
enables the provider to offer a payment
initiation of account information services without
any obstacle.
▪ Option #2: Offer an adaptation of the customer’s
online banking interface. Adaptation of the
customer’s payment account, accessed using
personalized security credentials by the TPP such
that it can be adjusted to the desired interface.
Details
PCI DSS and PCI 3DS
Content
Application area: Worldwide
▪ To secure card payments
▪ Ensure that ‘cardholder data’ such as the full Primary
Account Number (PAN) and other card information
(e.g. cardholder name, expiration date, CVCs etc.) is
protected
▪ Prevent unauthorized transactions where the “Card is
not Presented” and protect the merchant from fraud
Characteristics
▪ Payment Card Industry Data Security Standard (PCI
DSS) issued by the Payment Card Industry Security
Standards Council
▪ Three-Domain Secure (3DS) is a messaging protocol
that enables consumers to authenticate themselves
with their card issuer when making e-commerce
purchases
Details
Objective
Focus
Characteristics
▪ PCI DSS
▪ very specific to the payment card sector
▪ relevant to the payment functions of business
systems
▪ Compliance with PCI DSS is imposed by credit card
processors on card issuers and merchant banks
▪ Introduces requirements, including:
▪ establishment of an effective operational and
security risk management framework
▪ processes that detect, prevent and monitor
potential security breaches and threats
▪ risk assessment procedures
▪ regular testing
▪ processes that raise awareness to Payment Service
Users on security risks and risk-mitigating actions
Details
Scope
PCI DSS and PCI 3DS
Impact on financial technologies
Characteristics
▪ Protection expected from cyber-physical threats
▪ Requires that any physical access to
data or systems that house cardholder data is
protected
Details
PCI DSS and PCI 3DS
National regulatory bodies – German supervisor authority (BaFin)
Content
Geographical area: Germany
▪ Introduces supervisory requirements for IT in financial
institutions (BAIT)
▪ BAIT:
▪ encapsulates requirements that lead to the secure
design of IT systems and of the associated
processes and IT governance
▪ contains interpretation of the legal regulations
according to German Banking Act and the
Minimum Requirements for Risk Management:
▪ appropriate technical and organisational
equipment of IT systems for information
security and adequate contingency planning
▪ BaFin is the (German) acronym for the Federal
Financial Supervisory Authority in Germany
Focus
Objective
European Banking Authority III
About
Geographical area: Europe-wide
▪ Regulation (EU) No 1093/2010 establishing the EBA
requires that competent authorities and financial
institutions make every effort to comply with the EBA
guidelines and recommendations (Article 16)
▪ To maintain financial stability in the EU and to
safeguard the integrity, efficiency and orderly
functioning of the banking sector
▪ Efficient and effective supervisory practices across the
EU and ensure uniform application of Union law
▪ Regulatory guidelines and recommendations
Characteristics
▪ Independent EU Authority which works to ensure
effective and consistent prudential regulation and
supervision across the European banking sector
Details
Objective
Focus
European Banking Authority III
Scope
Characteristics
▪ Article 9(2) of the EBA's Founding Regulation mandates
the Authority to monitor new and existing financial
activities
▪ Obligation extends to all areas of the EBA's
competence, including the field of activities of credit
institutions, financial conglomerates, investment firms,
payment institutions, and electronic money
institutions
Details

More Related Content

Similar to 04 regulations-impact-on-finance-sector

05 standards and general purpose regulations - impact on finance
05 standards and general purpose regulations - impact on finance05 standards and general purpose regulations - impact on finance
05 standards and general purpose regulations - impact on finance
innov-acts-ltd
 
11 eu-institution-studies-regulation-finance-sector
11 eu-institution-studies-regulation-finance-sector11 eu-institution-studies-regulation-finance-sector
11 eu-institution-studies-regulation-finance-sector
innov-acts-ltd
 
03 regulatory landscape&regtech
03 regulatory landscape&regtech03 regulatory landscape&regtech
03 regulatory landscape&regtech
innov-acts-ltd
 
06 digitalization-in-finance
06 digitalization-in-finance06 digitalization-in-finance
06 digitalization-in-finance
innov-acts-ltd
 
Open Banking and Payment Service Directive
Open Banking and Payment Service DirectiveOpen Banking and Payment Service Directive
Open Banking and Payment Service Directive
Lac Vuong
 
Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity
ForgeRock
 
01 introduction-to-digital-finance
01 introduction-to-digital-finance01 introduction-to-digital-finance
01 introduction-to-digital-finance
innov-acts-ltd
 
Cyber Security Unit laws_and_regulatory_requirements.pptx
Cyber Security Unit  laws_and_regulatory_requirements.pptxCyber Security Unit  laws_and_regulatory_requirements.pptx
Cyber Security Unit laws_and_regulatory_requirements.pptx
SourabhNath4
 
Psd2 brochure
Psd2 brochurePsd2 brochure
Psd2 brochure
MirandaCarterGibbs
 
PSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in EuropePSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in Europe
TransUnion
 
Website Compliance Requirements To Integrate A Payment Gateway
Website Compliance Requirements To Integrate A Payment GatewayWebsite Compliance Requirements To Integrate A Payment Gateway
Website Compliance Requirements To Integrate A Payment Gateway
ITIO Innovex
 
apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...
apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...
apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...
apidays
 
AMS_03 François De Witte_. .pptx
AMS_03 François De Witte_.         .pptxAMS_03 François De Witte_.         .pptx
AMS_03 François De Witte_. .pptx
FinTech Belgium
 
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Authentication in Europe the Momentum and OpportunitiesFIDO Authentication in Europe the Momentum and Opportunities
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Alliance
 
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Idan Tohami
 
[Ekata] Unlocking the Potential of PSD2 SCA.pdf
[Ekata] Unlocking the Potential of PSD2 SCA.pdf[Ekata] Unlocking the Potential of PSD2 SCA.pdf
[Ekata] Unlocking the Potential of PSD2 SCA.pdf
ChinmayaShrivastava1
 
PCI DSS Compliance Readiness
PCI DSS Compliance ReadinessPCI DSS Compliance Readiness
PCI DSS Compliance Readiness
Al Abbas, PMP, CISSP, MBA, MSc
 
EU regulatory agenda 2018 2019
EU regulatory agenda 2018 2019EU regulatory agenda 2018 2019
EU regulatory agenda 2018 2019
Roger Coenen
 
Prepaid Payment Regulatory Aspects
Prepaid Payment Regulatory AspectsPrepaid Payment Regulatory Aspects
Prepaid Payment Regulatory Aspects
Raghavendra L Rao
 
FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016
FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016
FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016
bhalasz
 

Similar to 04 regulations-impact-on-finance-sector (20)

05 standards and general purpose regulations - impact on finance
05 standards and general purpose regulations - impact on finance05 standards and general purpose regulations - impact on finance
05 standards and general purpose regulations - impact on finance
 
11 eu-institution-studies-regulation-finance-sector
11 eu-institution-studies-regulation-finance-sector11 eu-institution-studies-regulation-finance-sector
11 eu-institution-studies-regulation-finance-sector
 
03 regulatory landscape&regtech
03 regulatory landscape&regtech03 regulatory landscape&regtech
03 regulatory landscape&regtech
 
06 digitalization-in-finance
06 digitalization-in-finance06 digitalization-in-finance
06 digitalization-in-finance
 
Open Banking and Payment Service Directive
Open Banking and Payment Service DirectiveOpen Banking and Payment Service Directive
Open Banking and Payment Service Directive
 
Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity Go Beyond PSD2 Compliance with Digital Identity
Go Beyond PSD2 Compliance with Digital Identity
 
01 introduction-to-digital-finance
01 introduction-to-digital-finance01 introduction-to-digital-finance
01 introduction-to-digital-finance
 
Cyber Security Unit laws_and_regulatory_requirements.pptx
Cyber Security Unit  laws_and_regulatory_requirements.pptxCyber Security Unit  laws_and_regulatory_requirements.pptx
Cyber Security Unit laws_and_regulatory_requirements.pptx
 
Psd2 brochure
Psd2 brochurePsd2 brochure
Psd2 brochure
 
PSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in EuropePSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in Europe
 
Website Compliance Requirements To Integrate A Payment Gateway
Website Compliance Requirements To Integrate A Payment GatewayWebsite Compliance Requirements To Integrate A Payment Gateway
Website Compliance Requirements To Integrate A Payment Gateway
 
apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...
apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...
apidays LIVE Singapore 2021 - Transforming trade with the Networked Trade Pla...
 
AMS_03 François De Witte_. .pptx
AMS_03 François De Witte_.         .pptxAMS_03 François De Witte_.         .pptx
AMS_03 François De Witte_. .pptx
 
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Authentication in Europe the Momentum and OpportunitiesFIDO Authentication in Europe the Momentum and Opportunities
FIDO Authentication in Europe the Momentum and Opportunities
 
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
 
[Ekata] Unlocking the Potential of PSD2 SCA.pdf
[Ekata] Unlocking the Potential of PSD2 SCA.pdf[Ekata] Unlocking the Potential of PSD2 SCA.pdf
[Ekata] Unlocking the Potential of PSD2 SCA.pdf
 
PCI DSS Compliance Readiness
PCI DSS Compliance ReadinessPCI DSS Compliance Readiness
PCI DSS Compliance Readiness
 
EU regulatory agenda 2018 2019
EU regulatory agenda 2018 2019EU regulatory agenda 2018 2019
EU regulatory agenda 2018 2019
 
Prepaid Payment Regulatory Aspects
Prepaid Payment Regulatory AspectsPrepaid Payment Regulatory Aspects
Prepaid Payment Regulatory Aspects
 
FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016
FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016
FinTech Regulatory Landscape by Trystan Tether and Gabor Helembai 25 10 2016
 

More from innov-acts-ltd

H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020
H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020
H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020
innov-acts-ltd
 
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
innov-acts-ltd
 
12 ai-digital-finance-overview
12 ai-digital-finance-overview12 ai-digital-finance-overview
12 ai-digital-finance-overview
innov-acts-ltd
 
10 the-finstix-data-model
10 the-finstix-data-model10 the-finstix-data-model
10 the-finstix-data-model
innov-acts-ltd
 
09 blockchain-security-information-sharing
09 blockchain-security-information-sharing09 blockchain-security-information-sharing
09 blockchain-security-information-sharing
innov-acts-ltd
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector
innov-acts-ltd
 
07 role of network effects and digital ecosystems
07 role of network effects and digital ecosystems 07 role of network effects and digital ecosystems
07 role of network effects and digital ecosystems
innov-acts-ltd
 
02 the-fin tech-revolution
02 the-fin tech-revolution02 the-fin tech-revolution
02 the-fin tech-revolution
innov-acts-ltd
 
Finsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4webFinsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4web
innov-acts-ltd
 

More from innov-acts-ltd (9)

H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020
H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020
H2020 finsec-ort-webinar-ml-dl-cybersecurity-july 2020
 
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
 
12 ai-digital-finance-overview
12 ai-digital-finance-overview12 ai-digital-finance-overview
12 ai-digital-finance-overview
 
10 the-finstix-data-model
10 the-finstix-data-model10 the-finstix-data-model
10 the-finstix-data-model
 
09 blockchain-security-information-sharing
09 blockchain-security-information-sharing09 blockchain-security-information-sharing
09 blockchain-security-information-sharing
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector
 
07 role of network effects and digital ecosystems
07 role of network effects and digital ecosystems 07 role of network effects and digital ecosystems
07 role of network effects and digital ecosystems
 
02 the-fin tech-revolution
02 the-fin tech-revolution02 the-fin tech-revolution
02 the-fin tech-revolution
 
Finsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4webFinsec innov-acts-open banking-london080319-4web
Finsec innov-acts-open banking-london080319-4web
 

Recently uploaded

快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样
快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样
快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样
5spllj1l
 
University of North Carolina at Charlotte degree offer diploma Transcript
University of North Carolina at Charlotte degree offer diploma TranscriptUniversity of North Carolina at Charlotte degree offer diploma Transcript
University of North Carolina at Charlotte degree offer diploma Transcript
tscdzuip
 
Machine Learning in Business - A power point presentation.pptx
Machine Learning in Business - A power point presentation.pptxMachine Learning in Business - A power point presentation.pptx
Machine Learning in Business - A power point presentation.pptx
mimiroselowe
 
在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样
在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样
在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样
5spllj1l
 
Enhancing Asset Quality: Strategies for Financial Institutions
Enhancing Asset Quality: Strategies for Financial InstitutionsEnhancing Asset Quality: Strategies for Financial Institutions
Enhancing Asset Quality: Strategies for Financial Institutions
shruti1menon2
 
Detailed power point presentation on compound interest and how it is calculated
Detailed power point presentation on compound interest  and how it is calculatedDetailed power point presentation on compound interest  and how it is calculated
Detailed power point presentation on compound interest and how it is calculated
KishanChaudhary23
 
高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样
高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样
高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样
234knry
 
一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查
一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查
一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查
taqyea
 
快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样
快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样
快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样
5spllj1l
 
在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样
在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样
在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样
5spllj1l
 
falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...
falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...
falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...
Falcon Invoice Discounting
 
真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样
真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样
真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样
28xo7hf
 
OAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptx
OAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptxOAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptx
OAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptx
hiddenlevers
 
快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样
快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样
快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样
rlo9fxi
 
1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样
1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样
1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样
qntjwn68
 
Upanishads summary with explanations of each upnishad
Upanishads summary with explanations of each upnishadUpanishads summary with explanations of each upnishad
Upanishads summary with explanations of each upnishad
ajaykumarxoxo04
 
Money20/20 and EU Networking Event of 20/24!
Money20/20 and EU Networking Event of 20/24!Money20/20 and EU Networking Event of 20/24!
Money20/20 and EU Networking Event of 20/24!
FinTech Belgium
 
Accounting Information Systems (AIS).pptx
Accounting Information Systems (AIS).pptxAccounting Information Systems (AIS).pptx
Accounting Information Systems (AIS).pptx
TIZITAWMASRESHA
 
Dr. Alyce Su Cover Story - China's Investment Leader
Dr. Alyce Su Cover Story - China's Investment LeaderDr. Alyce Su Cover Story - China's Investment Leader
Dr. Alyce Su Cover Story - China's Investment Leader
msthrill
 
Economic Risk Factor Update: June 2024 [SlideShare]
Economic Risk Factor Update: June 2024 [SlideShare]Economic Risk Factor Update: June 2024 [SlideShare]
Economic Risk Factor Update: June 2024 [SlideShare]
Commonwealth
 

Recently uploaded (20)

快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样
快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样
快速办理(SMU毕业证书)南卫理公会大学毕业证毕业完成信一模一样
 
University of North Carolina at Charlotte degree offer diploma Transcript
University of North Carolina at Charlotte degree offer diploma TranscriptUniversity of North Carolina at Charlotte degree offer diploma Transcript
University of North Carolina at Charlotte degree offer diploma Transcript
 
Machine Learning in Business - A power point presentation.pptx
Machine Learning in Business - A power point presentation.pptxMachine Learning in Business - A power point presentation.pptx
Machine Learning in Business - A power point presentation.pptx
 
在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样
在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样
在线办理(GU毕业证书)美国贡萨加大学毕业证学历证书一模一样
 
Enhancing Asset Quality: Strategies for Financial Institutions
Enhancing Asset Quality: Strategies for Financial InstitutionsEnhancing Asset Quality: Strategies for Financial Institutions
Enhancing Asset Quality: Strategies for Financial Institutions
 
Detailed power point presentation on compound interest and how it is calculated
Detailed power point presentation on compound interest  and how it is calculatedDetailed power point presentation on compound interest  and how it is calculated
Detailed power point presentation on compound interest and how it is calculated
 
高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样
高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样
高仿英国伦敦艺术大学毕业证(ual毕业证书)文凭证书原版一模一样
 
一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查
一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查
一比一原版美国新罕布什尔大学(unh)毕业证学历认证真实可查
 
快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样
快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样
快速办理(美国Fordham毕业证书)福德汉姆大学毕业证学历证书一模一样
 
在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样
在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样
在线办理(TAMU毕业证书)美国德州农工大学毕业证PDF成绩单一模一样
 
falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...
falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...
falcon-invoice-discounting-a-premier-investment-platform-for-superior-returns...
 
真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样
真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样
真实可查(nwu毕业证书)美国西北大学毕业证学位证书范本原版一模一样
 
OAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptx
OAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptxOAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptx
OAT_RI_Ep20 WeighingTheRisks_May24_Trade Wars.pptx
 
快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样
快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样
快速制作美国迈阿密大学牛津分校毕业证文凭证书英文原版一模一样
 
1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样
1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样
1:1制作加拿大麦吉尔大学毕业证硕士学历证书原版一模一样
 
Upanishads summary with explanations of each upnishad
Upanishads summary with explanations of each upnishadUpanishads summary with explanations of each upnishad
Upanishads summary with explanations of each upnishad
 
Money20/20 and EU Networking Event of 20/24!
Money20/20 and EU Networking Event of 20/24!Money20/20 and EU Networking Event of 20/24!
Money20/20 and EU Networking Event of 20/24!
 
Accounting Information Systems (AIS).pptx
Accounting Information Systems (AIS).pptxAccounting Information Systems (AIS).pptx
Accounting Information Systems (AIS).pptx
 
Dr. Alyce Su Cover Story - China's Investment Leader
Dr. Alyce Su Cover Story - China's Investment LeaderDr. Alyce Su Cover Story - China's Investment Leader
Dr. Alyce Su Cover Story - China's Investment Leader
 
Economic Risk Factor Update: June 2024 [SlideShare]
Economic Risk Factor Update: June 2024 [SlideShare]Economic Risk Factor Update: June 2024 [SlideShare]
Economic Risk Factor Update: June 2024 [SlideShare]
 

04 regulations-impact-on-finance-sector

  • 1. 1H2020 FINSEC – DIGITAL FINANCE ACADEMY FOR SECURITY INNOV-ACTS, Limited H2020 FINSEC Project The FINSEC project is co-funded from the European Union’s Horizon 2020 programme under grant Agreement No 786727 Regulation in the Financial Sector and its Impact on Financial Technologies 15/11/2019
  • 2. 2H2020 FINSEC – DIGITAL FINANCE ACADEMY FOR SECURITY Objectives ▪ Learn about most widely used regulations in the financial sector ▪ Understand the objectives of each of the regulations ▪ Explore the scope of regulations ▪ Realize its impact for financial technologies Goal Regulations relevant to the financial sector
  • 3. Introduction
    ▪ Different requirements for financial security
    ▪ Plethora of different regulations, standards and directives
    ▪ National, regional or global level
    ▪ Frame the way in which financial infrastructures acquire, handle, store, communicate and process information
    ▪ Fulfil limitations, extend or complement existing regulations or standards
    ❖ Standardization landscape for the financial sector is evolving at a very fast pace
  • 4. Regulations relevant to the financial sector
  • 5. List of regulations to be addressed
    ▪ Markets in Financial Instruments Directive II – MiFiD II
    ▪ Payments Services Directive (PSD 2) - Directive 2015/2366
    ▪ PSD2 - Regulatory Technical Standards (RTS)
    ▪ PCI DSS and PCI 3DS
    ▪ National regulatory bodies
    ▪ German supervisor authority (BaFin)
    ▪ European Banking Authority III
    ▪ Regulation for insurance security
    ▪ European Central Bank (ECB) cyber incident reporting regime
  • 6. Markets in Financial Instruments Directive II – MiFiD II
    Characteristics: Content / Application area / Focus / Objective
    Details:
    ▪ Europe-wide
    ▪ Regulating the operation of financial markets in the European Union
    ▪ Framework of trading venues/structures in which financial instruments are traded
    ▪ Regulating the operation of trading venues/structures, looking to processes, systems and governance measures adopted by market participants and to their future supervision.
    ▪ Markets in Financial Instruments Directive (“MiFID”)
    ▪ Regulation on Markets in Financial Instruments and Amending Regulation (“MiFIR”)
  • 7. Markets in Financial Instruments Directive II – MiFiD II
    Characteristics: Scope / Impact on financial sector / Impact on financial technologies
    Details:
    ▪ Safer, sounder, more transparent and more responsible financial system
    ▪ Enhances algorithmic trading activities: it introduces trading controls for algorithmic trading activities, leads to much increased speed of trading
    ▪ Investment firms enforced to have in place systems and risk controls such that they could effectively prevent trading that may contribute to a disorderly market or involve market abuse
    ▪ Enforces brokers to increase the information reported → Traders gain extended transparency
    ▪ Mandates the testing of algorithms used for algorithmic trading and addition of enhanced tags to precisely identify the origins of an order
  • 8. Payments Services Directive (PSD 2) - Directive 2015/2366
    Characteristics: Content / Application area / Focus / Objective
    Details:
    ▪ Europe-wide?
    ▪ Enhance innovation potential, competition and efficiency in electronic markets
    ▪ Offer consumers more and better choice in the EU retail payment market
    ▪ Introduce higher security standards for online payments
    ▪ Revised Payment Services Directive (PSD2)
  • 9. Payments Services Directive (PSD 2) - Directive 2015/2366
    Characteristics: Scope / Impact on financial sector
    Details:
    ▪ Changes with respect to the range of transactions, the scope of stakeholders, liability and information and security assessment
    ▪ Extend the EU’s regulatory framework on transactions
    ▪ Enhance the Payment Service Provider (PSP) with an additional category:
      ▪ Third-Party Service Providers (TPSPs)
      ▪ Account Information Service Providers (AISPs)
      ▪ Payment Information Service Providers (PISPs)
    ▪ Financial institutions to fulfil account information and payment initiation requests by providing TPSPs with the necessary information via Application Programming Interfaces (APIs)—given that they will be authorised by the payer
  • 10. Payments Services Directive (PSD 2) - Directive 2015/2366
    Characteristics: Impact on financial sector (cont.) / Impact on financial technologies
    Details:
    ▪ Payers to gain additional protection for the case of any incorrectly executed payments
    ▪ Payments will need to be processed through “strong customer authentication”
    ▪ Unlikely for information related to the payer to be retained for any other purposes than completing the payment
    ▪ Financial institutions to ensure their compliance with additional information and technology requirements
    ▪ Set up APIs such that it will encapsulate specific monetised services, existing margins, and simplified and optimised infrastructure
    ▪ Strong customer authentication
  • 11. Payments Services Directive (PSD 2) - Directive 2015/2366
    Characteristics: Impact on financial technologies (cont.)
    Details:
    ▪ Ensure compliance with additional information and technology requirements
    ▪ Set up APIs such that it will encapsulate specific monetised services, existing margins, and simplified and optimised infrastructure
    ▪ Strong customer authentication
    ▪ Third Party Service Providers (TPSPs) perspective: Set up risk and control frameworks, comply with all relevant reporting obligations, and perform AML and KYC controls
  • 12. PSD2 - Regulatory Technical Standards (RTS)
    Characteristics: Content / Focus / Objective
    Details:
    ▪ Regulatory technical standards (RTS) on the basis of the draft submitted by the European Banking Authority (EBA)
    ▪ RTS for strong customer authentication (SCA) and secure open standards of communication (CSC) are the basis for the implementation of PSD2
    ▪ Safer and more innovative electronic payments
    ▪ RTS formulate specific security measures to ensure the effective and secure communication between relevant actors
  • 13. PSD2 - Regulatory Technical Standards (RTS)
    Characteristics: SCA / CSC
    Details:
    ▪ Requires that the customer’s identity is verified using at least two of the following mechanisms:
      ▪ knowledge (i.e., something that only the user knows, e.g., a password)
      ▪ possession (i.e., something only the user possesses, e.g., a card, mobile phone)
      ▪ inherence (i.e., something the user is, e.g., biometric)
    ▪ Regulates the way the customer’s account is shared between the ASPSP and the AISP or PISP
    ▪ Secure communication channel will be established to provide access to the payment account
    ▪ RTS requires customers to provide their explicit consent to the AISP or PISP to share their payment account details or initiate a payment transaction
  • 14. PSD2 - Regulatory Technical Standards (RTS)
    Characteristics: Impact on financial technologies
    Details:
    ▪ Payment services providers (PSPs) need to ensure that their technology and infrastructure provide customers with the ability to identify themselves using more than one authentication mechanism
    ▪ To achieve SCC:
      ▪ Option #1: Create an API that provides an identical level of availability and performance as the customer’s online interface and also enables the provider to offer a payment initiation of account information services without any obstacle.
      ▪ Option #2: Offer an adaptation of the customer’s online banking interface. Adaptation of the customer’s payment account, accessed using personalized security credentials by the TPP such that it can be adjusted to desired interface.
  • 15. PCI DSS and PCI 3DS
    Characteristics: Content / Application area / Objective / Focus
    Details:
    ▪ Worldwide
    ▪ To secure card payments
    ▪ Ensure that ‘cardholder data’, such as the full Primary Account Number (PAN) and other card information (e.g. cardholder name, expiration date, CVCs etc.), are protected
    ▪ Prevent unauthorized transactions where the “Card is not Presented” and protect the merchant from fraud
    ▪ Payment Card Industry Data Security Standard (PCI DSS) issued by the Payment Card Industry Security Standards Council
    ▪ Three-Domain Secure (3DS) is a messaging protocol that enables consumers to authenticate themselves with their card issuer when making e-commerce purchases
  • 16. PCI DSS and PCI 3DS
    Characteristics: Scope
    Details:
    ▪ PCI DSS
      ▪ very specific to the payment card sector
      ▪ relevant to the payment functions of business systems
    ▪ Compliance of PCI DSS is imposed by Credit card processors to card issuers and merchant banks
    ▪ Introduces requirements, including:
      ▪ establishment of an effective operational and security risk management framework
      ▪ processes that detect, prevent and monitor potential security breaches and threats
      ▪ risk assessment procedures
      ▪ regular testing
      ▪ processes that raise awareness to Payment Service Users on security risks and risk-mitigating actions
  • 17. PCI DSS and PCI 3DS
    Characteristics: Impact on financial technologies
    Details:
    ▪ Protection expected from cyber-physical threats
    ▪ Requires the establishment that any physical access to data or systems that house cardholder data are protected
  • 18. National regulatory bodies – German supervisor authority (BaFin)
    Content / Geographical area / Focus / Objective
    ▪ Germany
    ▪ Introduces supervisory requirements for IT in financial institutions (BAIT)
    ▪ BAIT:
      ▪ encapsulates requirements that lead to the secure design of IT systems and of the associated processes and IT governance
      ▪ contains interpretation of the legal regulations according to the German Banking Act and the Minimum Requirements for Risk Management:
        ▪ appropriate technical and organisational equipment of IT systems for information security and adequate contingency planning
    ▪ BaFin is the (German) acronym for the Federal Financial Supervisory Authority in Germany
  • 19. European Banking Authority III
    Characteristics: About / Geographical area / Objective / Focus
    Details:
    ▪ Europe-wide
    ▪ Regulation (EU) No 1093/2010 establishing the EBA requires that competent authorities and financial institutions make every effort to comply with the EBA guidelines and recommendations (Article 16)
    ▪ To maintain financial stability in the EU and to safeguard the integrity, efficiency and orderly functioning of the banking sector
    ▪ Efficient and effective supervisory practices across the EU and ensure uniform application of Union law
    ▪ Regulatory guidelines and recommendations
    ▪ Independent EU Authority which works to ensure effective and consistent prudential regulation and supervision across the European banking sector
  • 20. European Banking Authority III
    Characteristics: Scope
    Details:
    ▪ Article 9(2) of the EBA's Founding Regulation mandates the Authority to monitor new and existing financial activities
    ▪ Obligation extends to all areas of the EBA's competence, including the field of activities of credit institutions, financial conglomerates, investment firms, payment institutions, and electronic money institutions