The Digital Operational Resilience Act (DORA) creates an EU legal framework "on the operational resilience of digital systems of the financial sector". DORA combines existing regulations on security measures, reporting and verification of outsourcing, but expands and deepens them in selected places. Through DORA, third-party ICT providers become the object of supervision, just like banks and insurance companies. As a comprehensive set of rules for information security, DORA will have an impact in the three dimensions of organisation, regulation and IT in financial companies comparable to that of the GDPR in the protection of personal data.

In May, the EU Competition Commission found that access to Apple's NFC interface could have been unlawfully restricted. A compulsion to open the NFC interface could trigger far-reaching market movements in mobile finance. Unimpressed by this, Apple is launching its next finance product with an integrated BNPL solution and is entering the credit business - with its own licence and operational processing. Banks should not assume that the regulator alone will solve this challenge for them, but use the opportunity to reflect on their own positioning between cooperation and competition with xPays.

At the same time as the Banking Authority IT Requirements (BAIT), the German Federal Financial Supervisory Authority has also updated the Payment Services Authority IT Requirements for Payment and E-Money Institutions (ZAIT). The following blog post deals with the changes to the various requirements and analyses the differences between BAIT and ZAIT. It can be said at the outset that, in comparison, six chapters have remained the same in terms of content, five chapters have changed in part and the changes in the area of "outsourcing" have changed significantly. Furthermore, ZAIT introduces more fine-grained specifications, a framework with target formulations and the freedom of implementation with appropriate measures increasingly becomes a catalogue of measures.

Instant Payments (IP) are about to become a reality in Switzerland, and as such, will be quickly accepted and expected by customers as the new normal. Simultaneously, IP readiness will require comprehensive adaptations and adjustments in existing processes as well as IT landscapes of banks, thereby limiting the implementation effort from “a lot” to “a whole lot”. The need for Swiss banks to take action and decide on an implementation strategy for Instant Payments is imminent. Our payments experts Tatsiana Bychkouskaya, Tobias Krück, Fabian Meyer and Kenneth Chu Sam explain in their latest blogpost „Swiss Instant Payments – burden or opportunity for banks?“, how Swiss banks can leverage these complex adaptations as an opportunity to gain strategic edge.

The growth of e-commerce and non-cash POS payments has increased significantly, benefitting card organizations in particular.

RTP offers an opportunity to reorder the balance of power: embedded in an E2E payment instrument, it could offer advantages for end-customers, merchants and banks - especially in terms of costs and convenience.

In addition to the chicken-and-egg dilemma of adoption, there are further challenges that make players hesitant about product development.

These could be resolved in the short term, provided the measures proclaimed in the EU Retail Payment Strategy are implemented. Could this be the missing piece of the puzzle for SEPA-based retail payments?