Financial Services Regulation |  Aug 25, 2015

MFSA issues Rules on Security of Internet Payments of Credit, Payment and Electronic Money Institutions

The rules establish a set of minimum requirements in the field of security internet payments, in line with the Payment Services Directive (Directive 2007/64/EC). A number of requirements for payment services, together with obligations of payment service providers are introduced.

These rules apply to:

  1. Credit Institutions licensed in terms of the Banking Act;
  2. Payment Institutions licensed in terms of the Financial Institutions Act in order to undertake Activity 4 and/or Activity 10 in the first Schedule to the said Act; and

Rule FIR/04 is to be read in tandem with the EBA Guidelines and came into force on the 7th of August 2015.

The guidelines tackle in particular:

  • Incident monitoring and reporting
  • Risk control and mitigation
  • Initial customer identification and information
  • Strong customer authentication
  • Login attempts, session time out and validity of authentication
  • Customer awareness, education and communication

The rules can be accessed here.

For further information about how GVZH Advocates can help you with your Financial Services requirements kindly contact us here.

Print this Page