FCA delays introduction of Strong Consumer Authentication rules

Taking its lead from the European Banking Authority, the UK's Financial Conduct Authority has confirmed a delay to the enforcement of stronger payment security standards to give firms more time to prepare.

Earlier this month, the EBA paved the way for some firms, on an "exceptional basis", to get an extension of the September deadline for new Strong Consumer Authentication (SCA) rules for e-commerce transactions. The regulations demand a two-step verification process be implemented for all online purchases over EUR30.

The rules, which are being pushed through under the the PSD2 Directive, have faced strong opposition from a market which is widely seen to not be ready for the switch.

In a statement, the FCA says that it recognises the challenges in meeting the September deadline and has been working with the industry to to implement SCA for card payments in e-commerce as soon as possible after this.

"We aim to quickly agree a plan with stakeholders across the industry that encompasses a blueprint for compliance and readiness, a timetable for achieving this, and key milestones and targets to deliver improved security of customer authentication and fraud reduction along the way," states the regulator. "We will work in close cooperation with all the industry stakeholders and other authorities, including the Payment Systems Regulator, to ensure delivery of the blueprint at pace."

Angus McFadyen, partner, Pinsent Masons says the FCA's reversal continues the regulatory recognition of the adverse impact these rules could have.

"Consumers will see a real impact on their day to day spending experience and no one is communicating with them to explain this," he says. "Equally, the regulators haven’t been able to address some of the other unintended consequences such as the possible adverse impact on the innovative overlay services, like money management apps, that law makers have been supporting.”