Payment Services Directive (PSD2)
Table of Contents
Chapter I – SUBJECT MATTER, SCOPE AND DEFINITIONS
Chapter II – PAYMENT SERVICE PROVIDERS
Chapter III – TRANSPARENCY OF CONDITIONS AND INFORMATION REQUIREMENTS FOR PAYMENT SERVICES
Chapter IV – RIGHTS AND OBLIGATIONS IN RELATION TO THE PROVISION AND USE OF PAYMENT SERVICES
Chapter V – DELEGATED ACTS AND REGULATORY TECHNICAL STANDARDS
Chapter VI – FINAL PROVISIONS
Recitals (113)
Annexes
Recital 91
(91) Payment service providers are responsible for security measures. Those measures need to be proportionate to the security risks concerned. Payment service providers should establish a framework to mitigate risks and maintain effective incident management procedures. A regular reporting mechanism should be established, to ensure that payment service providers provide the competent authorities, on a regular basis, with an updated assessment of their security risks and the measures that they have taken in response to those risks. Furthermore, in order to ensure that damage to users, other payment service providers or payment systems, such as a substantial disruption of a payment system, is kept to a minimum, it is essential that payment service providers be required to report major security incidents without undue delay to the competent authorities. A coordination role by EBA should be established.