The revised Payment Services Directive (PSD2) will be implemented across the European Union (EU) member states in less than a year. This implementation should lead to new opportunities for start-ups and incumbents alike. Additionally, it will impact many other critical markets like the U.S. As such, it is important to understand exactly what it means.
The original version, the PSD, was established in 2007, and created a single market for payments in the European union, while establishing the Single Euro Payments Area (SEPA). SEPA establishes “a single set of tools and standards that make cross-border payments in Euro as easy as national payments.”
What Changes Were Introduced in PSD2?
One problem with PSD is that, since 2007, new FinTech players and new services have appeared, which do not fall under the scope of the original PSD legislation. As such, PSD2 should fill the gap that has appeared since PSD’s original introduction.
PSD2’s objectives are clear:
(1) make payments safer
(2) increase consumer protection
(3) foster innovation and competition
(4) ensure a level playing field for all players
In order to accomplish these objectives, PSD2 will use “XS2A” so that banks set up secure API’s (web applications) to access account services. This technological shift will allow third parties to make payments on the consumer’s’ behalf and provide them with an overview of their various payment accounts. Thus, removing the middleman.
Cybersecurity threats are a forefront concern when developing PSD2 regulations. Strong Customer Authentication (SCA) will be used to ensure high security, by ensuring that multiple sources of identification are required to validate identity (e.g. through passwords, IDs, key cards, biometric recognition, etc…).
Who Will Be Affected
PSD2’s implications will be felt globally, as any transaction where one party is based in the EU will be subject to these regulations. Credit institutions, payment institutions (defined in the original PSD), and the new class of 3rd party payment service providers (introduced in PSD2) will work together for the benefit of the Payment Service Directive users.
There are only a few steps left before PSD2 becomes official. The European Commission will publish the final Regulatory Technical Standards (RTS) on SCA and secure and common communications this summer of 2017, followed by the European Banking Authority (EBA) finalizing guidelines and other RTS to implement PSD2 throughout 2017. We should see the first effects in January, 2018 (the deadline to transpose PSD2 to other member states) in the winter of 2018. It’s time to get ready to a changing FinTech regulatory landscape.
Image courtesy of pixabay.com