The General Data Protection Regulation (GDPR) is all the rage. It’s the hottest legislation on the privacy block, but it’s not the only one. While everyone was sleeping on whether or not they could comply with the GDPR, they slept on PSD2 — the European Union’s Payment Services Directive 2. Here’s what you need to know.
The revised Directive on Payment Services was adopted by the European Parliament in 2015 and entered into force on January 13, 2016. What you didn’t realize is that all EU member states were required to adopt it as of January 13, 2018, five months before the implementation of GDPR. While the GDPR carries heavy penalties, it’s important to realize that PSD2 carries the same penalties for lack of compliance and/or complaints: four percent of your annual turnover or $20 million, whichever is higher.
Complaint mechanisms are largely the same and are attributed to the data protection authorities.
Why the shift and why should I care?
Worldwide payment systems have been running on outdated technology for quite some time. The fact that payment infrastructure in the U.S. was still chipless less than five years ago illustrates the pervasive systemic issues in the world’s lackluster payment and data privacy compliance networks.
As of September 2019, PSD2’s EBA Security and Authorization RTS goes into force. This means changes for any business that processes payments online.
How do I become compliant?
Compliance with PSD2 is a simple task if you have qualified professionals who can assist you. In many cases, your accounting firm and/or lawyer can help.
In this blog series, Privacy Matters, we will provide you with tips for compliance, why PSD2 compliance is necessary, and challenges that you should expect your business to face as the framework is implemented worldwide.
This post was written in conjunction with the AOTMP® Efficiency First® Framework’s Risk Management module.
Efficiency First® Framework v3.0 is the standard for measuring telecom, mobility, and IT management Center of Excellence maturity. It defines a comprehensive set of strategic performance measures, tactical diagnostic measures, and best practice principles used to optimize Center of Excellence business value. Enterprise organizations adopt the Framework and vendors align solutions to Framework principles.