“Article 5 of PSD2 Directive (EU) 2015/2366 requires all TPPs to be regulated & authorised by National Component Authorities (NCA)”
Under PSD2, Account Servicing Payment Services Providers (ASPSPs) are obliged to allow Payment Service Providers (PSPs) with the appropriate payment services authorisations to access their customer accounts and to prevent access to any organisation without these authorisations. Any failure to properly authenticate these PSPs will risk unauthorised transactions or unauthorised data sharing and later claims under PSD2, or the General Data Protection Regulation (GDPR).
PSD2 mandate the participants TPPs must register with home NCA and acquire authorisation for the desired regulated roles. Participant ASPSPs must check the TPPs authorisation before granting them access for Account or Payment resources. This model put a lot of technical complexity on ASPSPs as there are 31 NCAs with no standard interface to perform validation for TPPs. EBA also has its own register with no API access.
PRETA / Open Banking Europe
PRETA’s Open Banking Europe Directory provides a single & compliant source of standardised information about active Regulated Entities that can perform Access to Account (XS2A) services in Europe.
Banfico is official Directory Distributor for Open Banking Europe & we provide TPP Directory Service through our high available SaaS service - OBEaaS