Regulators in Malta have told banks to ensure third-party providers operating under the revised Payment Services Directive (PSD2) cannot access data beyond what is necessary to carry out the service they are conducting.
Under PSD2, banks should allow third-party providers (TPPs) access to customers’ accounts through a dedicated interface for the purpose of initiating a payment or compiling account data.
The Central Bank of Malta and the country’s Office of the Information and Data Protection Commissioner on Monday put banks on notice that they should police what data is being used by the TPPs that are accessing their accounts.
Request a Free Trial
As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.Take a Trial