The European Banking Authority (EBA) published its final Guidelines on the conditions that account servicing payment service providers (ASPSPs) must meet in order to be exempted from the obligation to implement the fallback mechanism under the Regulation (EU) 2018/389 on strong customer authentication and common and secure communication (RTS on SCA&CSC). The Guidelines aim at providing clarity to ASPSPs and national competent authorities (CAs) regarding the elements that should be considered for the purpose of an exemption and at ensuring a consistent application of the conditions for an exemption across the 28 EU Member States.

The final Guidelines aim at specifying the conditions set out in Article 33(6) of the RTS, which must be met in order to be exempted from the obligation to implement the fallback mechanism. 

In particular, as regards the involvement of TPPs in the exemption process, the EBA clarified that, for the purpose of the exemption, ASPSPs will need to show TPPs' involvement in the design and testing of their dedicated interfaces. Furthermore, the final Guidelines clarify that ASPSPs shall publish data on the availability and performance of their interfaces in a way that enables TPPs and payment service users (PSUs) to compare the daily availability and performance of the dedicated interface with those of the interfaces made available by the ASPSP to its own PSUs.

The EBA acknowledges that the timelines for meeting the conditions for an exemption are tight and, therefore, strongly encourages ASPSPs to start testing, to launch their production interfaces and to engage with their CA as soon as possible before the September 2019 deadline. While acknowledging that these Guidelines cannot address all issues that may possibly arise during the assessment process, both the EBA and CAs remain committed to continue supporting the industry to meet the timelines set by RTS.