New requirements through PSD2
With the Payment Service Directive 2, your institution is faced with a multitude of new requirements. In part, the new requirements may already be covered under other regulatory requirements, in part they are completely new. In part, the requirements are precisely formulated, in part there is significant room for interpretation. Risk analyses, contingency plans, protection needs assessments, and legal requirements for the third-party data interface to be implemented. PSD2 requires that your processes for maintaining IT security in operations be documented. Only in this way can you meet the requirements of the auditors and pass special audits by the supervisory authorities.
Synchronous documentation
You have probably already created many of the required documents as part of pre-existing supervisory responsibilities. The task now is to synchronize this documentation with regard to the requirements of PSD2, identify any existing documentation gaps, and close them. SRC’s consultants are happy to support you with proven process models, templates and the creation of the documents to be supplemented.
Security and clarity
In addition to the security of being prepared for special audits by the regulatory authorities, you will gain clarity for your dealings with third-party service providers and for the alignment of your business models with regard to the risks and opportunities of Payment Service Directive 2.
