These Guidelines aim to ensure that payment service providers (PSPs) have in place appropriate security measures to mitigate operational and security risks. These should include the establishment of an effective operational and security risk management framework; processes that detect, prevent and monitor potential security breaches and threats; risk assessment procedures; regular testing; and processes to raise awareness to Payment Service Users on security risks and risk-mitigating actions.
The EBA decided to further clarify and detail some terms and aspects it had proposed in the draft Guidelines. In particular, the final Guidelines clarify the meaning of proportionality and explain why the EBA is not regulating certification processes of security measures.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now