UK

Council of the EU adopts MLD5

The Council of the EU has announced that it has formally adopted the proposed Fifth Money Laundering Directive (MLD5), amending the Fourth Anti Money Laundering Directive (Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing). Amendments introduce: broader access to information on beneficial ownership of companies and trusts; a lower threshold for identifying the holders of prepaid cards; enhanced due diligence requirements for providers and custodians of virtual currencies; improved cooperation between financial intelligence units; and more stringent checks on transactions involving high-risk third countries.

Council of the EU, 14 May 2018

HMRC's card transaction disclosure programme

HMRC has updated its guidance on the card transaction disclosure programme, which extended the credit card sales campaign, launched in 2014, to include businesses accepting payment by cash, online or telephone, as well as by debit and credit cards.

HMRC, 14 May 2018

Views sought on proposals to regulate new data protection laws

The Information Commissioner’s Office (ICO) has launched a consultation to gather the views of stakeholders and the public on the way it plans to regulate new data protection laws. There were eight weeks to comment on the ICO’s Draft Regulatory Action Policywhich has been updated to include enhanced powers set out in the Data Protection Bill currently going through Parliament, and gives direction and focus to the organisations it regulates.

ICO, 8 May 2018

Joint guidelines on customer protection against risks from screen scraping

UK Finance has worked alongside industry bodies to produce a set of voluntary guidelines increasing customer protection against 'screen scraping', a method of accessing customer data or initiating payments on a customer's behalf. The guidelines encourage market players to work towards using the open banking application programming interface (API) standards as the basis on which secure API access to other payment accounts is provided in future.

UK Finance, 8 May 2018

CPMI Proposes Strategy to Reduce the Risk of Wholesale Payments Fraud

CPMI have published a paper on the strategy for reducing the risk of wholesale payments fraud related to endpoint security. The strategy paper defines ‘endpoint’ as a point in place and time at which payment instruction information is exchanged between two parties in the wholesale payment ecosystem, such as between a payment system and a messaging network, and highlights that wholesale payments fraud is becoming increasingly sophisticated. Endpoint security is built upon measures taken with respect to endpoint hardware, software, physical access, logical access, organisation and processes, and requires a holistic and co-ordinated approach.

CPMI, 8 May 2018