General Question on the Berlin Group NextGenPSD2 XS2A Framework.

Is there an APSPS Directory of the productive systems or is it planned to be provided such a directory on this portal?

No, NISP won’t provide an ASPSP Directory of the ASPSPs’ productive systems.

What Root Certificates are used and accepted by ASPSPs?

The Root Certificates NISP provides on their website are supported by the participating banks, i.e. NISP members confirmed to support the published certificates no later than 5 days after the publication on the NISP portal.

In case of errors in the testing procedure, who’s responsibility is it to fix it?

In case of an error, the TPP should contact the ASPSP and report the issue.

It is in the common responsibility of the TPP and the ASPSP to fix it and should be solved bilaterally. However, in case of escalation, the National Competent Authority can be informed.

How to deal with ASPSPs abroad? Is there any difference in how to treat national and foreign ASPSPs?

All ASPSP are treated equally by the PSD2. However, there exist some country-specific requirements in the specification of PSD2-services. TPPs need a ‘passporting’ registration for the right to act as a TPP in the respective role and country.

How to deal with ASPSPs claiming to use the XS2A interface but in fact do not?

An ASPSP is free to use a proprietary interface. He is obligated to provide the corresponding information and documents to TPPs. This includes in particular a specification of the implemented interface and a testing facility. In case of reasonable doubts that the used interfaces is compliant to the XS2A specification, a TPP can contact the National Competent Authority.

How to handle ASPSPs using different interfaces, e.g. different versions of the XS2A interface?

It is the TPP’s responsibility to provide a functionality that is able to handle various versions of the XS2A interface or any other interface used by ASPSPs. ASPSPs are obligated to provide the required information on their interface.