Are you going to the APIStrat Conference in Nashville, or the API City Conference in Seattle?

The Role of European Banking Authority (EBA) When It Comes To PSD2

As part of my continued effort to break down the Payment Services Directive 2 (PSD2) in Europe, and develop my awareness of how the regulations are intended, as well as the reality on the ground within the industry, I am working to map out all of the players involved. This post is about understanding the role of the European Banking Authority (EBA), and clearly understanding when and where they come into the conversation.

First, what is the European Banking Authority (EBA)? They are the regulatory agency for the European Union, who is in charge of conducting stress tests on European banks and increasing transparency in the European financial system and identifying weaknesses in banks’ capital structures. When it comes to PSD2, their role is to:

  • develop a publicly accessible central register of authorised payment institutions, which shall be kept up to date by the national authorities
  • assist in resolving disputes between national authorities
  • develop regulatory technical standards on strong customer authentication and secure communication channels with which all payment service providers must comply
  • develop cooperation and information exchange between supervisory authorities

The catalyst for this post was because I was looking for the “central register of authorized payment institutions”, and could not find it. Something that will be critical to this effort working, and evolving. I’m also on the hunt for more details regarding how they will be addressing authentication for all 3rd party API access, which will also be something that makes or breaks this effort. And, of course, as the API Evangelist I’m looking to help anyone in the position of helping “develop cooperation and information exchange”–it is what I do.

When it comes to PSD2, I have gotten to know the API definition (OpenAPI), and I am making my way through the actual set of laws, but I’m still working to understand who all the players are. I’ll keep profiling every type participant in the PSD2 theater that is unfolding across Europe in 2018, until each of the actors makes sense in my head, and I can speak to all of them intelligently. Then I’m hoping to compare notes with my research regarding banking in the United States, and see how it all looks. I’ll be spending next week in France talking with bankers about PSD2, and giving a talk on API governance at this level. So for now, I’m going to be all about EU banking, but I’m engaged in several conversations here in the states with major banks as well, which will all make for some great financial API storytelling over the next couple of months.