EBA states that PSD2 eIDAS certificates used to secure comms for open banking in EU and UK will be revoked for UK providers from 1 Jan 2021 unless new agreement. https://eba.europa.eu/eba-calls-financial-institutions-finalise-preparations-end-transitional-arrangements-between-eu-and
1/4
1/4
This is an extension to the ‘no deal’ planning undertaken earlier in the withdrawal process. This is the current position.
FCA guidance has been to use eIDAS certificates to authenticate third party providers to ‘banks’ and vice versa.
2/4
FCA guidance has been to use eIDAS certificates to authenticate third party providers to ‘banks’ and vice versa.
2/4
Implication is that not only will UK providers not be able to access EU/EEA accounts, as expected, but also no authentication within the UK.
Workarounds with other certificates could be created, but need to be made clear now.
3/4
Workarounds with other certificates could be created, but need to be made clear now.
3/4
Of course, any agreement to continue status quo will avoid this:
- extension to transition period
- financial services agreement (within trade agreement or not)
4/4
- extension to transition period
- financial services agreement (within trade agreement or not)
4/4
Note:
The requirement to use eIDAS certificates is law in the U.K. (SCA-RTS regulation). FCA guidance follows this law.
FCA note: https://www.ukfinance.org.uk/news-and-insight/blogs/what-do-firms-need-know-about-eidas
The requirement to use eIDAS certificates is law in the U.K. (SCA-RTS regulation). FCA guidance follows this law.
FCA note: https://www.ukfinance.org.uk/news-and-insight/blogs/what-do-firms-need-know-about-eidas