The new European Payment Services Directive, also known as PSD2, has replaced the first Directive on the regulation of payment services in the internal market and sets strict rules on the security and handling of data by financial service providers.
Among the obligations based on the duty to simplify, speed up and improve open communication with customers and strong customer authentication is the audit of security measures. All payment service providers have this obligation.
The audit of security methods must be carried out by an independent auditor at a frequency similar to that of a financial audit. There are additional obligations in case the exemption from the application of the SCA is applied based on the TRA. In this case, the methodology must be audited in the first year and at least once every three years thereafter.
Our services include:
- Preliminary audit and recommendations
- Internal audit of security compliance with PSD2 regulations
- External audit of transactional risks - TRA audit
- External audit of security measures
- Consultancy and support