CBPII Access Dashboard & Revocation
CEG Checklist Requirements 1
Access Dashboard ASPSPs must provide PSUs with Access Dashboard. The ASPSP Access Dashboard must display all Confirmation of Funds access authorisations provided to each CBPII. Thus, for each PSU account there must be a corresponding explicit consent entry for each CBPII that has been granted CoF access to the account by the PSU. The Access Dashboard must also describe for each authorisation: The status of the authorisation e.g. Active/Inactive. The ongoing nature of the access or when the CBPII access to the account will expire. The date the CoF access was granted by the PSU.
CX Considerations 2
CoF Access History For each CBPII having CoF access, ASPSPs should display the PSUs account details including account name, sort code, account number and expiration date and time. ASPSPs must also provide PSUs with the ability to request all the CoF access history (CoF requests and responses) under a specific CBPII. This must include the identity of the CBPII who made the request, and the response (Y/N) given. ASPSPs should provide this functionality via the Access Dashboard. Note: While OBIE recommends the use of the Access Dashboard for provision of CoF Access History to the PSU, it is in the domain of each ASPSP to consider alternative options to meet their regulatory requirements for the provision of the COF access history. The COF history could also include the following: The date the Confirmation of Funds request has been received by the ASPSP. The unique reference of the CoF request. The amount in relation on the CoF request. Please note that in case ASPSPs are unable to provide a response to a CoF request to the CBPII, a reason should be provided in the history entry for this CoF request.
CEG Checklist Requirements 3
ASPSPS must allow PSUs to revoke the CoF access for each CBPII to a specific PSU account. ASPSPs must advise PSUs that they should contact the associated CBPII to fully understand the potential implications of doing so.
CEG Checklist Requirements 4
Revocation Request ASPSPs must allow PSUs to confirm that they want to revoke CoF access of their account to a specific CBPII. ASPSPs should inform PSUs that once CoF access is revoked, the CBPII will no longer be able to check the availability of funds in their account. This may cause their CBPII transactions to be declined. ASPSPs must advise PSUs that they should contact the associated CBPII to inform them of the cancellation of CoF access to their account and/or fully understand the potential implications of doing so. ASPSPs must give equal prominence to the choices of continuing or cancelling the CBPII CoF access.
CX Considerations 5
ASPSPs should confirm to PSUs that CoF access to their account has been cancelled.