The introduction of the first Payment Services Directive (PSD1) played an instrumental role in shaping the landscape of digital payments within the European Union.
As we eagerly await the approval of the third payment services directive (PSD3) and the first payment services regulation (PSR) it is crucial to understand its goals and the reasons behind its development. Directives require implementation into national legislation, while regulations are immediately applicable and enforceable across the European Union without the need for national implementation.
PSD3 and PSR aim to further modernize digital payments within the European Union and to enhance the coherence of the directive implementation in the member states, building upon the foundation established by the first and the second payment services directives (PSD1 and PSD2).
In this article, we will explore the proposals for PSD3/PSR, shed light on the most important things we need to know, and delve into the potential challenges and opportunities it presents for fintech companies.
Understanding PSD3/PSR and its objectives.
The goal behind PSD1, introduced in 2007 and updated as PSD2 in 2015, was to establish a flexible legal framework for an integrated EU payments market, encouraging innovation and growth in the retail payment sector. Similarly, PSD3/PSR aims to provide a regulatory framework that nurtures innovation while addressing the evolving market dynamics.
PSD3/PSR, is set to further modernize digital payments within the European Union, expanding upon the scope of PSD2.
PSD3/PSR unveiled: The key aspects.
The rules regarding Strong Customer Authentication (SCA) have been applied since September 2019, to enhance the security of payment transactions. The introduction of SCA had a positive impact in terms of fraud prevention.
Like its predecessor, PSD3/PSR aims to strengthen user protection and confidence in payments, making digital transactions more accessible and secure for the payer.
PSD3/PSR will introduce improvements to the application of SCA, extension of IBAN verification to all credit transfers and other measures to ensure better education on fraud.
PSD3/PSR will facilitate data sharing promoting open banking and third-party access. This will enable seamless transactions and foster innovation in payment services.
Data protection and privacy concerns will be addressed in PSD3/PSR, aligning with the General Data Protection Regulation (GDPR) and enforcing stringent measures to safeguard consumer information.
The European Commission’s Retail Payments Strategy, which includes the introduction of the first payment services regulation (PSR1), plays a significant role in the development of cost-effective instant payments and EU-wide payment solutions that enhance customer journeys. PSR1 replaces a substantial part of PSD2, providing direct applicability across all member states. It aims to clarify previously unclear or ambiguous aspects of PSD2 and further strengthens the retail payments strategy. The strategy’s objectives encompass promoting cross-border European payment solutions, fostering a competitive and innovative payments market, enhancing payment infrastructure for better security, and supporting the international role of the euro
PSD3/PSR will, together with the proposed regulation regarding Instant payments, increase the innovation for cross-border payments. Furthermore, the updated directive could ensure that the legal framework encompasses all significant market players in the payments ecosystem, including technology companies.
PSD3 consultations prioritize protection against payment fraud and aim to ensure top-level consumer protection, including instant payments. The directive supports the strategy’s objective of broad adoption of the highest security standards.
PSD3/PSR aims to overcome the fragmented approaches adopted by different EU member states by creating a unified regulatory framework. The new regulations will support the Retail Payment Strategy’s goal of facilitating cheaper international payments, adopting global messaging standards, and fostering connections between payment systems in various jurisdictions.
Impact on fintech companies: Challenges and opportunities.
- New opportunities for innovation: PSD3/PSR is expected to drive further innovation in payments, lending, insurance, and other financial service areas. PSD3/PSR presents a significant opportunity for fintechs by addressing the uneven competition between banks and non-bank Payment Service Providers (PSPs), a recognized issue within PSD2. A key objective of PSR is to enhance access, whether direct or indirect, to payment systems and bank accounts for non-bank PSPs. This aims to level the playing field and create a more inclusive and competitive landscape for fintech companies. They can leverage the benefits of account-to-account payments that, according to Fintech Futures, can be up to 90% cheaper than other payment methods. A2A transactions also offer the benefit of real-time processing, allowing for instant payments and reducing the risk of credit loss and fraud.
- API Standardization: PSD3/PSR aims to introduce API standardization, creating a unified market and promoting seamless integration among various stakeholders. This standardization will facilitate interoperability and enhance the quality of services. Significant changes under PSR include the mandatory provision of a dedicated interface for open banking data access, except in exceptional cases. Additionally, the requirement for account servicing PSPs to maintain a permanent ‘fallback’ interface is removed, except in authorized exceptional circumstances. The introduction of additional requirements for dedicated interfaces covers performance and functionalities. To enhance user convenience, Account Serving Payment Service Providers (ASPSPs) must provide an open banking “dashboard” allowing users to easily manage their permissions and withdraw data access from specific open banking providers. Zimpler uses open banking APIs to streamline the payment process by accessing customers’ account information and initiating payments directly from their bank accounts. This makes standardized APIs accessible for increased efficiency.
- Regulatory compliance and licensing: Fintech companies will need to ensure compliance with the updated regulations outlined in PSD3/PSR. The directive will review the licensing process for payment institutions and third-party payment providers, ensuring appropriate entry, operation, and oversight standards.
- Data sharing and security: PSD3/PSR will address data access challenges faced by open banking providers and emphasize stringent data protection measures. Fintech companies can benefit from secure data-sharing arrangements while prioritizing consumer trust and privacy.
- Increased competition and market diversification: PSD3/PSR aims to level the playing field for non-bank payment suppliers, fostering healthy competition within the financial services market. Fintech companies will be able to expand their market share and provide innovative solutions to consumers.
The forthcoming PSD3/PSR represents a significant step forward in regulating digital payments and banking services in the European Union.
By addressing key challenges and embracing emerging opportunities, PSD3/PSR aims to enhance customer protection, facilitate cross-border payments, and promote innovation in the fintech sector.
As fintech companies navigate the evolving regulatory landscape, they must prepare for the potential impact of PSD3/PSR by prioritizing regulatory compliance, leveraging standardized APIs, and embracing data protection measures. Using a payment solution, like Zimpler, could realize these benefits faster.
With PSD3/PSR’s emphasis on secure and seamless transactions, the future of digital payments in Europe holds promising prospects for businesses and consumers.
The information contained in this post is intended for informational purposes only, and should not be relied upon for professional advice of any kind. Zimpler does not make any representation or warranty as to the completeness or accuracy of the information, and assumes no liability or responsibility that may result from reliance on such information.