incident reporting

  • CASP Digital Operational Resilience: ESMA’s Custody CSA

    On 8 July 2026 the European Securities and Markets Authority launched a Common Supervisory Action on crypto-asset service providers, aimed squarely at one activity: custody. The exercise assesses the maturity of CASP digital operational resilience frameworks for custody services, and national competent authorities will run it on a risk-based sample of authorised CASPs from the…

  • PSD2 Reporting Requirements for Payment Institutions: Complete Practitioner Guide

    Last updated: March 2026 Introduction PSD2 reporting is not optional – payment institutions face multiple overlapping reporting obligations including statistical, prudential, fraud, incident, and complaint reporting, each with distinct deadlines, data sources, and regulatory recipients. Payment Services Directive 2 (Directive (EU) 2015/2366) fundamentally reshaped how payment institutions, e-money institutions (EMIs), account information service providers (AISPs),…