*** is progressing with its Electronic Money Institution (EMI) licence with the Central Bank of YYYY.
Below is a query received from the Institution:
13.1(h) A detailed risk assessment in relation to its payment services, including fraud:
a. Please provide verification of the progress of the gap analysis the firm is undertaking against ISO 27001.
Would you be able to advise if we conduct a risk assessment specifically of payment services to ID the gaps this may suffice for the Institution? Or is there another process we could do?