4.1.   Australia (Dima/Joseph)

n/a

4.2.   Berlin Group (Francis)

• A letter received from Bruno @ BG.
• IPR checks with OIDF Counsel needed.
• Probably a good idea to invite them to Sept. 13 Workshop in Munich prior to EIC.
• https://www.kuppingercole.com/events/eic2021
• https://www.kuppingercole.com/sessions/4592

4.3.   Brazil ()

• Chris M.: 9 profiles. Banks are picking and choosing a few of them. It will be not good for RPs.
• Clarification for the fee structure would be good.
• One fee for 9 profiles but how much weeks are allowed between profiles?
  • Joseph to investigate improvements to fees page
• PAR is recommended. (Four PAR profiles...)
  • Private Key +PAR
  • MTLS + PAR
  • Private Key + PAR +JARM
  • MTLS + PAR + JARM
• Not sure how many banks will support JARM. It’s optional in Brazil and FAPI specs
• Might lead to confusion and fragmentation

Brazil Phase 2 deadline has been extended to August 13, 2021. We still have 16 certifications to process as part of Phase 2 and expect those no later than Friday, August 6, 2021.

The phase 3 deadline has been confirmed for August 31, 2021. Phase 3 banks are required to have certification requests to the Foundation no later than Monday, August 16, 2021. We are starting to receive inquiries from Phase 3 banks. We are in the process of confirming the banks and number of certifications with the Mirow team for Phase 3.

The central bank and the Security Working Group as still considering requiring RP certifications in BR. There is strong support thus far. These certifications would not be required until later this year. CIBA is going to be required but not until Q4 2021. The exact milestones are being confirmed

• Phase two is delayed until 13th August.
• Phase three is at the end of August for 400 banks.
• RP certifications is hard.
  • Not as mature as OP testing.
  • But is recommended as it leads to less interoperability problems.
  • Need to make lessen barriers to certification.
  • Client implementation is the main difficulty.
  • Also concerned about CIBA.
• Workshop for TPPs may be needed. They are very concerned.
• Summary of RP implementation experience may be helpful.
• Certification is for a deployment, not just software.
• Awaiting confirmation for RP certification requirement before finalizing plans for RP workshop for TPPs
• Unless it’s mandated, justification for building RP tests may be lacking
• If it’s difficult, central bank may lower mandatory standards

4.4.   FDX (Don)

• Expected to adopt FAPI in the next Summit.

4.5.   MENA (Ali)

• Did a panel last week - Educate key players in the region.
• Having meeting with Mr Jeffery at DIFC to put together a program at the DIFC academy for education banks and institutions regarding standards .
• Saudis put together a fund to advance international eKYC standards

4.6.   UK (Ralph/Chris)

4.7.   Russia (Don/Dima)

• Russia: Russian Federation: Open API standards https://openbankingrussia.ru/open-api-standards/
• Live ecosystem with FAPI 1.0 I-D2.
• Some certification programme.

4.8.   Ukraina (Francis)

• The Ukrainian centralbank is looking for support to educate and introduce open banking in the Ukraine.
• Need speakers for the opennbanking conference taking palce in september 2021.

4.9.   GOFTS WG (Nat)

• Had the 3rd Meeting.
• FAPI 2.0 Attacker Model mentioned. A potential expansion of the scope was pointed out, e.g., risk metrics regarding the spoofed IP Address.