FCA confirms all UK ASPSPs must accept eIDAS Certificates
The FCA on 3 September issued an email from Andrew Laidlaw, Manager / Payments Policy Team / Consumer Distribution Department Consumer & Retail Policy Division / Strategy and Competition to ASPSPs clearly stating that ASPSPs must be able to accept eIDAS certificates on their PSD2 Open Banking APIs. He went on to say “With ASPSPs being forced to accept eIDAS certificates they need to put in place infrastructure to ensure acceptance of these from any of the 70+ eIDAS providers across Europe”.
The FCA also stated in the communication that any ASPSP “must also ensure that its interface is capable of enabling a TPP to identify itself using only its eIDAS certificate”. Although they stated that Open Banking (OB) Certificates can be used and “would not be a bar to gaining an exemption”, this would be “only if TPPs agree voluntarily to use Open Banking certificates for identification”.
The FCA also clearly advised that whilst OB Certificates can be used, ASPSPs cannot insist that TPPs use them and must enable eIDAS certificates on their APIs.
Brendan Jones, Chief Commercial Officer, Konsentus, commented, “The FCA has been very clear that eIDAS certificates can be used by TPPs to identify themselves at UK ASPSPs and that they cannot be forced to use any other forms of identification”.
+44 (0) 07437 190014
Konsentus, a RegTech company, provides Identity & Regulatory checking services for Financial Institutions (ASPSPs) so that they can comply with PSD2 Open Banking access to accounts. Issued through a SaaS based platform, the solution enables ASPSPs to provide open banking services to their customers, confident in the knowledge that they are only providing data to Third Party Providers (TPPs) who are regulated and have customers’ "explicit" consent to use their data.
Headquartered in the UK, Konsentus has created a world class solution for Financial Institutions across the European Economic Area (EEA). Delivered through best in class standards it provides clients with a cost-effective solution to help deliver their regulatory requirements.