Versions

 

OB-1.1.7

AISPs and PISPs must establish comprehensive procedures for monitoring, handling and following up on security and fraud incidents and related customer complaints including but not limited to the following:

a) organisational measures and tools for the prevention of such incidents;
b) details of the individual(s) and bodies responsible for assisting customers in cases of the incidents and technical issues and/or claim management;
c) reporting lines in cases of such incidents;
d) the contact point for customers, including a name and email address;
e) the procedures for the reporting of incidents, including the communication of these reports to internal or external bodies, including notification of major incidents to national competent authorities; and
f) the monitoring tools used and the follow-up measures and procedures in place to mitigate security and fraud risks.
Added: December 2018