The ESBG, together with eight other associations representing the EU payment sector, has written to the European Data Protection Board, the European Commission and the European Banking Authority about the EDPB Guidelines 06/2020 on the interplay between the reviewed Payment Services Directive (PSD2) and the General Data Protection Regulator(GDPR).
The letter highlights that while the payments sector remains fully committed to ensuring the protection of EU citizen’s data- including within the framework of PSD2 – there are concerns that the enforcement of the Guidelines will lead to an outcome that is not in line with PSD2 objectives. In the end, this would hinder innovation and competition in payments.
Although the final Guidelines help in clarifying certain aspects of the interplay, our letter emphasises and reiterates common concerns:
- Provisions on data minimization create uncertainties and are potentially in conflict with PSD2;
- There is lack of coherence with the Regulatory Technical Standards on Strong Customer Authentication and Common and Secure Communication (RTS on SCA & CSC);
- Financial transaction data should not be considered as special category of personal data (SCPD). As such, if financial transaction data is not processed in order to infer SCPD, Article 9(1) GDPR should not apply.
- There are resulting concerns that national Data Protection Authorities could start taking a differentiated approach to the interpretation of the provisions, resulting in fragmentation across the EU and adding to a growing trend when it comes to GDPR implementation.
Overall, the EU payments industry welcomes further discussion between all relevant institutions and stakeholders in the GDPR-PSD2 ecosystem to address these challenges and to provide legal certainty for all actors to enable them to meet their obligations and continue to provide top-tier services for their customers.
related
IASB Exposure Draft (ED) on Financial Instruments with Characteristics of Equity
On 29 November 2023, the International Accounting Standards Board (IASB) proposed amendments in an Exposure Draft to tackle challenges in financial reporting for instruments with both
ESBG’s response to the EFRAG Comment Letter on Financial Instruments with Characteristics of Equity
On 29 November 2023, the International Accounting Standards Board (IASB) proposed amendments in an Exposure Draft to tackle
ESBG advocates for increased clarity and streamlining of supervisory reporting requirements
On 14 March, ESBG submitted its response to the European Banking Authority (EBA) consultation on ITS amending Commission Implementation Regulation (EU) 2021/451 regarding supervisory reporting
WSBI-ESBG advocates for robust implementation of the BCBS Pillar 3 framework for climate-related financial risks
On 14 March, WSBI-ESBG submitted its response to the Basel Committee on Banking Supervision (BCBS) consultation on its Pillar 3 disclosure framework for climate-related financial risks
ESBG stresses the need for consistency and clarity in its Response to the SFDR Review Consultation
ESBG submitted its response to the European Commission’s consultation on the SFDR review, aiming to enhance transparency in sustainability-related disclosures within the financial services sector
ESBG response to the EBA’s consultation on Guidelines on preventing the abuse of funds and certain crypto-assets transfers for ML/TF
The guidelines on the “travel rule” delineate the actions that Payment Service Providers (PSPs), Intermediary PSPs
ESBG responds to the SRB consultation on the future MREL policy
The European Savings and Retail Banking Group (ESBG) submitted its response to the consultation launched by the Single Resolution Board (SRB) in December 2023 on the future of the Minimum Requirement for own funds
ESBG’s response to the Commission’s consultation on the GDPR
The primary EU legislation ensuring the fundamental right to data protection is the General Data Protection Regulation
Joint statement calling for clear distinction between AI and credit scoring in AI Act
On 11 January 2024, a joint industry statement was issued by ESBG, together with the Association of Consumer Credit Information Suppliers (ACCIS)
ESBG advocates for harmonized reporting as part of the Common Data Dictionary
On 29 November, ESBG responded to the European Commission’s invitation for feedback on the Common Data Dictionary (CDD), a significant