OB-1.1.7
AISPs and PISPs must establish comprehensive procedures for monitoring, handling and following up on security and fraud incidents and related
a) organisational measures and tools for the prevention of such incidents;
b) details of the individual(s) and bodies responsible for assisting customers in cases of the incidents and technical issues and/or claim management;
c) reporting lines in cases of such incidents;
d) the contact point for customers , including a name and email address;
e) the procedures for the reporting of incidents, including the communication of these reports to internal or external bodies, including notification of major incidents to national competent authorities; and
f) the monitoring tools used and the follow-up measures and procedures in place to mitigate security and fraud risks.
Added: December 2018