2026-01-01

Consolidated version of EBA amending Guidelines on ICT and security risk management

The European Banking Authority issued consolidated guidelines amending the original ICT and security risk management framework to specifically address payment service user relationship management under PSD2. These measures require payment service providers to establish processes that enhance user awareness of security risks, provide assistance and guidance, and keep users informed about security updates and anomalies. Additionally, providers must enable users to adjust spending limits, disable specific functionalities, and receive alerts on transaction attempts to detect fraudulent or malicious account use.

European Union

European Banking Authority
