The European
Banking Authority has just reminded firms to get ready for the end of
cross-border activity between the EU and UK. Among other things, for Open Banking this means:
“account information service providers (AISPs) and payment initiation service providers (PISPs) registered/authorised in the UK will no longer be entitled to access customers’ payment accounts held at the EU payment service providers and their PSD2 eIDAS certificates under Article 34 of the Commission Delegated Regulation (EU) 2018/389 [the eIDAS Regulation] will be revoked.”
However, as
explained by the UK's Information Commissioner, a version of the eIDAS Regulation will take
effect in UK law after 1 January 2020 (by virtue of the snappily titled Electronic Identification and Trust Services for Electronic Transactions (Amendment etc.) (EU Exit) Regulations 2019/89).
This means UK law will continue to recognise EU
registered qualified trust service providers, with the intention that UK-based
organisations can continue to use EU-based trust services as well as UK-based
trust providers. The approved trust providers that appear in the eIDAS trusted
list for the UK immediately before the end of the transition period will remain on the list for the new UK scheme after transition ends. But the certificates issued under the UK scheme - or by EU service providers to UK-based firms - will not be recognised in the
EU (or EEA).
Of course, it's a practical/commercial issue as to whether EU-based trust service providers will continue
issuing certificates to UK firms after Brexit transtion ends…