The European Banking Authority (EBA) launched a consultation on its Draft Guidelines on security measures for operational and security risks under the revised Payment Services Directive (PSD2). Under PSD2 payment service providers (PSPs) have to set up a framework with suitable mitigation measures and control mechanisms to manage operational and security risks resulting from the payment services they provide. In its Draft Guidelines, EBA specifies the details of these requirements.