The European Banking Authority (EBA) published today its final Guidelines on fraud reporting under the revised Payment Services Directive (PSD2). These Guidelines, which the EBA developed in close cooperation with the European Central Bank (ECB) and which are addressed to payment service providers and competent authorities, are aimed at contributing to the objective of PSD2 of enhancing the security of retail payments in the EU.
These Guidelines require payment service providers across the 28 EU Member States to collect and report data on payment transactions and fraudulent payment transactions using a consistent methodology, definitions and data breakdowns.
Having assessed the responses received to the consultation paper (CP) it had published in August 2017, the EBA decided to make a number of changes to the Guidelines and related annexes. In particular, the final Guidelines now no longer require quarterly reporting of high-level data and a more detailed set of data on a yearly basis, but the reporting of a uniform set of data on a semi-annual basis instead.
The geographical scope of the data, too, has been reduced in size and complexity compared to the draft Guidelines that had been proposed in the CP, as the Guidelines do no longer require country-by-country data breakdowns and there is now a uniform geographical breakdown (instead of three different ones). In addition, fraudulent transactions where the payer is the fraudster are no longer within the scope of the Guidelines.
Furthermore, jointly with the ECB, the EBA has made particular efforts further to align the Guidelines with related reporting requirements, in particular with the ECB Regulation on payment statistics (ECB/2013/43).