In a bid to limit the risk of disruption to open banking services after Brexit, fhe FCA is to permit UK-based third-party providers (TPPs) to use an alternative to eIDAS certificates to access customer account information from account providers, or initiate payments.
The FCA's intervention comes after the European Banking Authority (EBA) announced that eIDAS certificates of UK Third-Party Providers (TPPs) will be revoked when the transition period ends on 31 December 2020.
EIDAS certificates are required for TPPs to identify themselves to account providers and allow firms to interact and share customer account information online. Under the Strong Customer Authentication Regulatory Technical Standards (SCA-RTS), they are the only accepted identification standard permitted between providers of open banking services in the EU.
Under the FCA's proposals, UK-based banks will need to make technical changes to their systems to enable TPPs to continue accessing customer account information, by accepting an alternative certificate and informing TPPs "as soon as possible" which certificates they will accept
"Firms must review the changes immediately and implement any necessary changes as soon as possible,Q" states the FCA. "Acknowledging the challenges faced by the industry, the FCA will provide a transition period until the end of June 2021 for complying with our rules."