As the European Commission updates the Payment Services Directive (PSD2), 2018 is set to be a game-changing year for the financial industry. Opening the door to data – if you’re an EU citizen, have economic stakes in the game, or simply a finance-freak – here’s what you should know about it.
Since the update on the Payment Services Directive (PSD2) is based on an existing directive, let’s just quickly recap what the original key piece of payments legislation entailed:
- Make electronic payments within the European Union area as easy, efficient and secure as domestic payments within a member state
- Methods of electronic payment included credit transfer, direct debit and card payments
- This directive was the legal foundation for making possible the Single Euro Payments Area (SEPA) – a European-wide initiative to standardise the way we make and process electronic payments in Euro
- Protect users of payment services
However, these rules only apply if both the payer and the payee are in the European Economic Area (EEA) and the transaction is made in euro or another member state currency e.g. pound sterling.
As the original directive as published in late 2007, it’s due an update in order to keep up to date with consumer and business trends and requirements.
Which brings us to PSD2. Here are several key changes this update would entail.
Extending the scope of regulation
PSD2 wants to apply the regulation to all payments where at least one party is in the EEA.
This obviously gives the consumers better protection for their money, and means that international transfers of money in and out of the EU would be faster.
PSD2 also introduces new security requirements for electronic payments and account access as well as new security challenges which relate to AISPs and PISPs.
Entrance of new players into the market
To promote innovation and further increase competition, PSD2 is encouraging new players to enter the payments market by mandating banks to ‘open up the bank account’ to external parties which PSD2 dubs as Third Party Players (TPP).
TPPs will either be:
- Account Information Service Provider (AISP) – connecting to bank accounts and retrieving information from them, or…
- Payment Initiation Service Provider (PISP) – external parties which can initiate transactions.
The introduction of the latter is quite radical as currently, we only have (SEPA) Credit transfers and debit cards which are both offered by the account holder’s bank.
The introduction of TPPs have wide sweeping implications for consumers because new products and services can be developed under this category. Once PSD2 goes into full effect, the threat to banks by TPP’s may be loss of fees from card-based transactions and loss of customer ownership and insight of their data.
A possible AISP could be an investment recommendation service which monitors income and spending habits of a consumer and provides personalised advice based on those patterns. Meanwhile, PISPs could be anything from Apple, Facebook or Google. Think of it as an Uber or Airbnb-type disruption to the payments sector because a third party can now have consolidated access into bank account information.
Tip of the iceberg
To make this possible, banks are obligated to provide TTPs access to their customer’s accounts via open application programming interfaces (APIs). This requirement is fostering the transformation towards a more open financial sector, also known as open banking. PSD2 provides the tipping point for API technology to break through into the financial sector and enables innovative companies to connect to financial institutions directly… previously unheard of.
Today, if you purchase from Amazon, the merchant needs to enlist a TTP, which then contacts the customer’s card scheme to then pull the payment, debiting the customer’s bank account. Once PDS2 is in full effect, and you purchase again from Amazon, instead of entering your card details, you’re simply asked whether or not you want to give the retailer access to your bank account.
And in order to stay competitive, banks are moving their efforts beyond compliance and evolving into programmable platforms that can be extended with all kinds of apps, partnered with fintech companies, and providing a wider array of digital services.
As Laurens Hamerlinck, Focus Area Specialist for ABN AMRO, puts it:
PSD2 is also the tipping point for API technology to break through into the financial sector.
One such example is ABN AMRO’s Gradefix API.
The financial institution is looking beyond-PSD2 services, as it exposes the risk and analytics capabilities of ABN AMRO via an API. Customers can now use ABN AMRO risk models as-a-service to make an analysis of their own transaction data. In anticipation of 2018, when PSD2 comes into force, consumers can use Gradefix via the Account Information Services API. This is useful information for consumers and SMEs, and for anyone with whom they do business with.
Koen Advokaat, Head of Business Development at Gradefix, points out that:
Consumers and SME’s spend tons of time proving their financial status. Based on our extensive experience with risk models, we created a service that helps corporations serve their clients better as it can be used to analyse, select, onboard and monitor them.
In laymen’s terms, Gradefix’s vision is to simplify the process of gaining insight in and proving one’s financial status. Clients can then chose whether or not to share this information with third-parties.
Revisions for a reason
The revised directive is a direct response to the progress achieved in integrating retail payments within the EU. As such, the enhancements in consumer protection, promotion of innovation, and improvement of payment services security is in high demand.
The challenge though, will be how consumers respond to these new technologies and how newcomers will meet the expectations of both consumers and European regulatory bodies.