In the area of Interest Rate Risk in the Banking Book (IRRBB) newly introduced reporting schemes for significant institutions (and a few less significant institutions) will be added to the existing reporting.Read more
Q&A – Secure business payment procedures and protocols
Published: 28 August 2019
What does DNB expect from payment service providers that use dedicated secure business payment authentication procedures and protocols under the exemption from applying strong customer authentication?
Payment service providers can be exempted from applying strong customer authentication pursuant to Article 17 of Commission Delegated Regulation (EU) 2018/389 (RTS SCA CSC). The decision to opt for exemption is at the institution's discretion and subject to specific requirements. The security level of the authentication procedure or protocol the institution wishes to use instead must in any event be equivalent to the level described in Directive (EU) 2015/2366.
Institutions wishing to opt for exemption pursuant to Article 17 must first in advance submit the following information to DNB:
- A statement that the dedicated payment authentication procedure or protocol is only available to non-consumer payers
- A description of the relevant authentication procedure or protocol, including at least the following:
- A description of the authentication procedure for payers (including any multiple authentication procedures and the underlying process with compensatory measures)
- A risk analysis and security measures to prevent unauthorised payments, the level of which must be equivalent to the level described in Directive (EU) 2015/2366
- A step-by-step description of the actions required to make a payment, from the payer’s perspective
We will assess the effectiveness of the authentication procedure as part of our regular supervision of the institution.
To further support the assessment of the article 17 exemption, the institution is required to submit the attached form. This form serves to further specify the abovementioned bullet points. This form, including all supporting documentation and –information is to be submitted to the regular contact person (supervisor) of the institution at DNB.
Supervisory authority De Nederlandsche Bank (DNB) is submitting a new anti-money laundering approach to financial institutions and other stakeholders as part of a public consultation. In a policy document presented today [...]Read more
DNB publishes an approach to manage climate and environmental risk for Financial Market Infrastructures
The purpose of the good practices for Dutch Financial Market Infrastructures (FMIs) is to provide non-binding guidance on how an FMI can organise its processes and procedures to manage climate and environmental risks.Read more
On 31 May 2023, we announced an increase in the countercyclical capital buffer (CCyB) to 2%. Accordingly, banks with loans outstanding in the Netherlands must comply with this requirement by 31 May 2024. Since this announcement the risk environment has not changed substantially.Read more