Advice on the secure design and operation of regulated payment systems including:
- Supporting the Generation of critical operational documents to support the authorisation process (Information Security Policy, Business Continuity/Disaster Recovery Plans, Business Impact Analysis).
- Providing advice on the effective supervision of the delivery of Critical IT Services outsourced to external/intragroup outsourcers (Production Network Hosting, Security Engineering, Network Monitoring/Operations).
- Supporting the generation of compliance assessment/monitoring frameworks to assess the compliance of Agents/Distributors of regulated PSPs with applicable cybersecurity requirements.
- Providing advice on the design of customer authentication and transaction authorisation processes to align with applicable regulatory standards (e.g. CDR 2018/389)
- Advising Account Servicing Payment Service Providers (ASPSPs) on the development and implementation of payment account access interfaces that meet the Common and Secure Communication (CSC) criteria in CDR 2018/389.
- Assisting ASPSPs to apply/receive an Exemption from the Contingency Mechanism requirement detailed in Art. 33(6) of CDR 2018/389.