ESBG (European Savings and Retail Banking Group)
Rue Marie-Thérèse, 11 - B-1000 Brussels
EU Transparency Register ID 8765978796-80
Published on website: 9 October 2020
>> See entire consultation response (.pdf)
Find below the first part of the consultation response, with a link below the entire response.
The European Savings and Retail Banking Group (ESBG) welcomes the objective to facilitate the cross-border use of electronic identification based on eIDAS, a fundamental requirement to build the Digital Single Market. ESBG believes that an optimal implementation of e-ID solutions in Europe can only be reached by directly involving the relevant industries, ensuring the participation of the private sector at par with the public sector. However, ESBG Members would not see the need for EU regulators to develop a dedicated e-ID scheme for the financial sector.
ESBG considers the current regulatory, supervisory, and technological fragmentation of cross-border electronic identities (e-ID) across member states as very disadvantageous for the EU, both in terms of operational and regulatory requirements. Additionally, the identification requirements of European consumers in digital channels differ vastly between member states, especially due to the different interpretation, implementation, and application of for instance AML-requirements and PSD2 by both legislators and supervisors. This has created a fragmented and ineffective market environment across the EU, with consequences on European citizens and corporations.
eIDAS Regulation is generally a more effective tool than actions taken at national level, when it comes to regulating trust services. Therefore, eIDAS Regulation should not be repealed. Rather, the scope of the eIDAS Regulation should be extended to provide a level playing field for the private economic actors operating in the field of electronic identification. Policymaker would improve the implementation of eIDAS Regulation by:
introducing new private sector digital identity trust services for identification, authentication and provision of attributes;
introducing an obligation for the public sector to recognise attributes, credentials, and attestations issued in electronic form by trust service providers and public authorities registered as authoritative sources.
The current availability and offer of electronic trust services in the EU is not sufficient. Additional trust services should be regulated at EU level, such as electronic identification and authentication, and provision of trusted attributes linked to a verified identity (e.g. proof-of-age, credentials, KYC). The use of electronic trust services is currently limited by factors such as lack of awareness, lack of availability of relevant services, accessibility barriers for persons with disabilities, lack of harmonisation of different legal requirement in different countries, absence of technical compatibility between services using timestamps and seals.
At the same time, it is important to build on already existing knowledge and best practices, rather than requiring the development of new solutions from scratch. For instance, in some parts of Europe, already existing efficient solutions and well established routines at a national level should be protected and taken into account by the regulator.
In order to improve the implementation of the eIDAS Regulation, ESBG would recommend that:
The public sector should accept e-signature equal in all governmental processes as equal to written signature
The provision of interoperable e-identity tools will boost cross-border transactions, paving the road for a Single Digital Market in the EU. High acceptance rates and technical neutrality will be key in determining the success of European e-IDs. ESBG members believe that, in order to enhance a full cross-border use of electronic identification, the following limiting factors should be overcome: the lack of availability of relevant public services, and the accessibility barriers to the service for persons with disabilities.
Therefore, ESBG members believe that it is important for the EU to empower its financial institutions with the abilities to identify customers through digital means. In fact, by leveraging all the verified data they already manage, banks have already proven to be reliable e-ID providers for a wide variety of purposes including for government purposes. If banks could offer e-ID schemes to access banking services online or act as identity provider for others as part of a federation of identity providers or under a scheme, for instance where required by their customers or by a public authority this could further strengthen the internal market through increased cross-border mobility.
ESBG would support an EUid solution, subject to the following necessary conditions:
EUid respects the actual eIDAS levels of assurance;
EUid is not mandatory;
EUid is not exclusive.
>> See rest of consultation response in the full document(.pdf)