• Alex Reddish, Managing Director at Tribe Payments


• 19.04.2024 12:45 pm
#banking #payments

Banks, non-banks, and fintechs have roughly one year to prepare for the forthcoming Payment Services Directive (PSD3), Payment Services Regulation (PSR), and the Financial Data Access framework. (FIDA). These regulatory developments will fundamentally reshape the way these players work operate on a pan-European level, while aiming to level the playing field between banks and non-banks, in particular by giving non-bank payment service providers access to all EU payment systems.

The European Commission (EC) has revised the existing PSD2 directive and split it into two parts – a new PSD3 and a new PSR, along with a legislative proposal for a framework for Financial Data Access. The EC’s intention for PSD3 is to be much broader in scope than its predecessor, taking into account new challenges in fraud, digital payment transformation, access to payment systems, and baselines for things like Open Banking.  

Under the new PSR, Payment Initiation Service Providers (PISPs) and Account Information Service Providers (AISPs) will be allowed to build custom API interfaces that can connect directly to banks and other payment providers. But banks and payment entities will also have to disclose quarterly statistics on their API performance and availability. This is bound to spur competition in the market, galvanise better API build quality to interface with banks, and direct businesses towards the better-performing providers.

PSD2 mandated the implementation of Strong Customer Authentication (SCA) for certain transactions to reduce fraud, requiring users to provide two or more different authentication factors. PSD3 will allow consumers to use two factors from the same category, for example two passwords or two tokens. What’s more, some merchant-initiated transactions (MIT) will be exempted under PSD3, such as subscriptions. Only the first transaction requires SCA with recurring transactions exempted. Likewise, card-based mail-order and telephone transactions (MOTO) will also be exempted from SCA. 

FIDA proposes to give financial information service providers (FISPs) the right to access real-time customer data arising from nearly all financial services data, including current and savings account, credit cards, mortgages, loans, and pension accounts. By leveraging real-time transaction data from a wider range of consumer account products, fintechs and banks can produce a moving, high-definition panoramic view of an individual’s true financial circumstances – and hyper-personalise products and services to grab more market share. 

PSD3, PSR and FIDA don’t have a clear implementation deadline yet – much could hinge on the results of the forthcoming European Parliament elections, set to take place in June 2024, which could slow the passage of any pending legislation beyond 2025. Regardless, it’s vital that new regulatory frameworks don’t squeeze the ability of ecosystem players to innovate and compete, and inadvertently reduce payment choice and convenience for consumers. 

Banks, non-banks, and fintechs ensure their technology platforms and processes can adapt to the changes required. Investing in anti-fraud measures, risk monitoring, and a tech platform that can bend and flex in response to changing regulations will offer numerous opportunities for innovation, collaboration and unbeatable competitive advantages.