Security Best Practice in Payments and Banking Outside the European Union

After much debate and campaigning over recent months, the nation went to the polls yesterday and voted in favour of the United Kingdom leaving the European Union.

The result shows that many were unconvinced of the arguments to remain, not only for the UK’s future as a whole, but also for their own personal circumstances. There has also been a lot of uncertainty about what will happen to the payments industry with the UK leaving the EU, and disagreement amongst experts continues.

However, we think one thing is for certain: the UK’s exit from the EU is unlikely to signal the widely predicted doomsday for the financial services industry, including the payments sector.

What has been true since the formation of the EU, and will remain just as true after it, is the paramount importance of good corporate governance when it comes to data security. As a member of the EU, the UK was subject to EU regulations and directives on various issues including payments. The absence of a single particular law making body will not result in a legal vacuum. Rather, the void will be filled by the UK’s own legal framework. London is currently top of the Global Financial Centres Index and new regulations can be introduced to standardise the regulatory framework of the UK with the EU.

One of the most important EU regulations currently in the pipeline is the Second Payments Services Directive (PSD2), which has an implementation deadline of January 2018 for EU member states. Despite leaving the EU, the UK has an incentive to keep payments rules similar to EU ones, and hence will likely continue to implement practices adherent to such legislations.

The Single Euro Payments Area (SEPA) has also been a topic of contention. SEPA facilitates the transfer and movement of the Euro, and the UK’s membership of the body has been important for trade with the Eurozone. However, inclusion in SEPA is not contingent upon membership of the EU: Norway and Iceland are members and the UK will likely remain as one too.

The UK now has the timely and onerous task of negotiating its exit from the EU and there is still much to be discovered about our new future. For MYPINPAD, the implications of leaving the EU are taken as part of a much bigger need to address authentication and security issues globally. As such, local and cross-border security practices in payments and banking that benefit our economy and businesses remain unchanged

Regardless of the legislative body tasked with drafting payments regulation, focus must always be on offering security and transparency in payments in a competitive and innovative environment. Regulation, from whichever origin, sets a benchmark for acceptable levels of security practice to enable sustainable business activity and consumer protection. As an industry this is a minimum service level to offer customers and maintaining it is important for ensuring that we continue to accept that responsibility. As we begin our transition out of the EU, our focus on enabling security best practice across the payments and banking sectors will continue much as if we had remained.