The FCA said: "Without intervention, TPPs in the UK will no longer be able to access their customer’s account data held with ASPSPs in accordance with UK law after the transition period ends … To avoid disruption to open banking services, we are proposing to change the regulatory requirements to allow for the use of an alternative form of identification."
According to the FCA, eIDAS certificates will still be valid under UK law following the expiration of the implementation period and it will therefore remain open to EU-based PISPs or AISPs to rely on them for identification purposes. On the alternative form of identification it intends to allow too, the regulator said it does not intend to be prescriptive about the specific form of identification that can be used, but it said any alternative identification solution would need to "meet certain criteria".
"It should be a digital certificate issued upon identification and verification of the payment service provider’s identity," the FCA said. "The certificate should be amended if that identity information changes and revoked where that information is unverifiable or the TPP is no longer authorised for its activities. Further, we will require ASPSPs to verify the authorisation status of the TPP, in a way that would not create any obstacles to TPP access, and to satisfy itself of the suitability of the independent third party issuing the certificate. We will also require ASPSPs to specify publicly which additional means of identification it accepts to ensure TPPs are aware."
"We propose that the certificate must include identity information as well as information on the competent authority the TPP is authorised or registered with, and the corresponding registration (FRN) number. We are not proposing to prescribe which alternative certificate should be used, or to specify further detailed attributes for certificates. In so doing, we hope to minimise the potential for disruption to existing market practice, and maximise the options available for ASPSPs and TPPs," it said.