Retail supports FCA's phased SCA implementation plan

The Financial Conduct Authority (FCA) has announced an 18-month phased implementation plan for Strong Customer Authentication (SCA) rather than enforcing the 14 September deadline – and the retail industry has welcomed the move.

Responding to Tuesday’s decision by the FCA to give the eCommerce industry of card issuers, payments firms and online retailers more time to adopt the new regulations, the British Retail Consortium (BRC) said it avoids a “payments cliff-edge”.

The European Banking Authority recently stated that more time was needed to implement SCA given the complexity of the requirements, a lack of preparedness and the potential for a significant impact on consumers. The retail and payments sectors have also been calling for additional time to prepare.

Andrew Cregan, payments policy advisor at the BRC, said: “The decision by the FCA avoids a payments cliff-edge, whereby 25-30% of eCommerce transactions made online after 14 September would have been at risk of failing as a result of the new laws.

“The 18-month, phased implementation of SCA should allow retailers and banks time to put in place the necessary technical fixes required, and minimise any disruption in online transactions.”

He added: “The BRC supports the implementation of SCA, which will strengthen the protections that customers have in their digital purchases. We are working closely with our members on this issue, however it is vital that the FCA keeps up the pressure on banks and payment service providers to deliver solutions in a time to avoid another cliff-edge in 18 months for retailers and other businesses on the front line.”

SCA is a European Union-driven regulation that impacts the way banks or payment services providers verify their customers identity and validate specific payment instructions. They are intended to limit fraud during the authentication process.

Jonathan Davidson, executive director for retail supervisions and authorisations at the FCA, remarked: “The FCA has been working with the industry to put in place stronger means of ensuring that anyone seeking to make payments is not a fraudster. 

“While these measures will reduce fraud, we want to make sure that they won’t cause material disruption to consumers themselves; so we have agreed a phased plan for their timely introduction.”

At the end of the 18-month period, beginning 14 September, the FCA expects all firms to have made the necessary changes and undertaken the required testing to apply SCA.

Jason Tooley, chief revenue officer at authentication solutions provider Veridium, said it was “disappointing to see such resistance from the financial services sector towards integrating SCA into its services”, adding it showed “an unwillingness to participate”.

“There are technologies in the market which have the potential to alleviate the challenges posed by the regulation,” he added.

“True multi-factor authentication solutions can facilitate financial services institutions enhancing consumer confidence and creating a secure experience whilst ensuring the customer has a frictionless user journey.”

Tooley continued: “Basing the digital authentication process on combining the customer’s own technology with an open biometric approach and true step-up intelligence, will allow financial institutions to meet the regulatory requirements sooner rather than later.”

What’s Hot on Essential Retail?