PSD2 Regulatory Technical Standards (RTS)
Table of Contents
Chapter I – GENERAL PROVISIONS
Chapter II – SECURITY MEASURES FOR THE APPLICATION OF STRONG CUSTOMER AUTHENTICATION
Chapter III – EXEMPTIONS FROM STRONG CUSTOMER AUTHENTICATION
Chapter IV – CONFIDENTIALITY AND INTEGRITY OF THE PAYMENT SERVICE USERS' PERSONALISED SECURITY CREDENTIALS
Chapter V – COMMON AND SECURE OPEN STANDARDS OF COMMUNICATION
Chapter VI – FINAL PROVISIONS
Recitals (30)
Annexes
Chapter III – EXEMPTIONS FROM STRONG CUSTOMER AUTHENTICATION
Article 21
Monitoring
1. In order to make use of the exemptions set out in Articles 10 to 18, payment service providers shall record and monitor the following data for each type of payment transactions, with a breakdown for both remote and non-remote payment transactions, at least on a quarterly basis:
(a) the total value of unauthorised or fraudulent payment transactions in accordance with Article 64(2) of Payment Services Directive (PSD2), the total value of all payment transactions and the resulting fraud rate, including a breakdown of payment transactions initiated through strong customer authentication and under each of the exemptions;
(b) the average transaction value, including a breakdown of payment transactions initiated through strong customer authentication and under each of the exemptions;
(c) the number of payment transactions where each of the exemptions was applied and their percentage in respect of the total number of payment transactions.
2. Payment service providers shall make the results of the monitoring in accordance with paragraph 1 available to competent authorities and to EBA, with prior notification to the relevant competent authority(ies), upon their request.