To supplement the PSD2, the European Banking Authority has drawn up a set of regulatory technical standards (RTS) establishing common and secure open standards of communication, which were officially published as the Commission Delegated Regulation (EU) 2018/389 of 27 November 2017. These standards are directly applicable in all Member States from 14 September 2019 onwards, with both AISPs and PISPs having to apply the rules of access to payment accounts in full.

According to the regulatory technical standards, each ASPSP with payment accounts that are accessible online should offer at least one access interface enabling secure communication with AISPs and PISPs. 

For that purpose, each ASPSP may decide whether to develop a dedicated interface, such as an Application Programming Interface (API), or to allow the use of the existing interface for the identification and communication with its payment service users, i.e. the user’s interface (homebanking or app, for instance).

Should the ASPSP opt for a dedicated interface, it may be exempted from the provision of a fallback mechanism if the dedicated interface complies with all the required conditions.

Exemption from the fallback mechanism

Banco de Portugal may exempt ASPSPs from the obligation to set up such a fallback mechanism, provided that dedicated interfaces meet all of the following conditions:

1. their levels of service, availability and performance are similar to those of the customers’ interface; 
2. they have been designed and tested to the satisfaction of the AISPs and PISPs; 
3. they have been widely used for at least 3 months by AISPs and PISPs; 
4. any problem brought forward by AISPs and PISPs has been resolved without undue delay.

In the event that the exempted dedicated interfaces fail to comply with the required conditions, the granted exemptions mat be revoked.

On 4 December 2018 the EBA published the Guidelines on the conditions to benefit from an exemption from the contingency mechanism under Article 33(6) of Regulation (EU) 2018/389, detailing the conditions that ASPSPs must meet in order to be exempted from the obligation to set up a fallback mechanism in place according to the RTS.

Prior to granting exemptions Banco de Portugal must consult the EBA to ensure a consistent application of the assessment criteria by all national competent authorities.

Portuguese ASPSPs that wish to benefit from the exemption must send their application to Banco de Portugal in a timely manner. For that purpose, ASPSPs must fill in the following forms (in Portuguese only):

1. Assessment of communication interfaces;
2. Assessment of dedicated communication interfaces on the conditions to benefit from an exemption from the contingency mechanism.

ASPSPs whose dedicated interfaces are exempted from setting up the contingency mechanism by Banco de Portugal, under the terms of Article 33(6) of Commission Delegated Regulation (EU) 2018/389, are listed here.

The EBA has published on its website a set of questions and answers on the PSD2 as well as several clarifications provided by the EBA working group on APIs under PSD2.