Anyone selling or buying in the European Union (EU) or the European Economic Area (EEA), needs to be aware of a revision to the Payment Services Directive, which is coming into force on 14 September 2019. This revised Directive is intended to increase protection against online fraud for anyone buying or selling goods and services within the EU or EEA.
The Payment Services Directive is an EU Directive, administered by the European Commission to regulate payment services and payment service providers throughout the European Union and European Economic Area. The Directive's purpose was, and still is, to increase pan-European competition and participation in the payments industry also from non-banks, and to provide a level playing field by harmonizing consumer protection and the rights and obligations for payment providers and users.
Firms affected by PSD2
PSD2 is relevant both for firms which are already authorised or registered and firms that will have to seek authorisation or registration or notify the FCA of certain information as a result of the changes. This includes all existing payment service providers (PSPs), including banks, building societies, credit card providers, money remitters and e-money issuers.
Why is PSD2 important?
PSD2 is an important step towards a Digital Single Market in Europe, which aims to make the EU’s single market fit for the digital age. The new measures will also ensure that all PSPs active in the EU are subject to supervision and appropriate rules. There will be wide-reaching implications for a range of parties including banks, other PSPs, FinTechs and customers.
What changes does PSD2 make?
PSD2 will set out a common legal framework for businesses and consumers when making and receiving payments within the European Economic Area (EEA) – which comprises the 28 European Union Member States plus Norway, Iceland and Liechtenstein – and outside the EEA.
The PSD2 text makes it clear that customers have a right to use what are termed Payment Initiation Service Providers (PISPs) and Account Information Service Providers (AISPs) where the payment account is accessible online and where they have given their explicit consent. These changes reflect the market growth in e-commerce activities and use of internet and mobile payments as well as the rise of new technological developments and a trend towards customers having relationships with multiple account providers. This will make internet and mobile payments easier and help customers to manage their accounts and make better comparisons of deals.
What are the timelines?
PSD2 must be transposed into national law by Member States by 13 January 2018, which means that most of the legal provisions will apply from that date. The 14 September 2019 is the date on which the legislation becomes effective in the UK.
However, PSD2 empowers the European Banking Authority (EBA) to develop several guidelines and technical standards, including a mandate (under Article 98) to deliver regulatory technical standards (RTS) on strong customer authentication and secure communication, implementation of which will run to a different timetable.
Where is UK Finance involved?
PSD2 is a major piece of legislation for the UK and it is important that it is considered alongside all the other regulatory and strategic initiatives in play. Many of the requirements and changes in the evolving landscape interrelate. The result needs to be an efficient, competitive and safe payments market for customers and PSPs alike. UK Finance is well placed to support the industry as it embarks on the implementation of PSD2.
Background to Open Banking
In August 2016, the Competition and Markets Authority (CMA) published the final report for its retail banking Market Investigation. The CMA has set out a package of remedies aimed at increasing innovation and improving competition.
This included a requirement for the nine largest current account providers to make available to authorised third parties:
•Standardised product and reference data (by 31 March 2017);
•With customer consent, secure access to specific current accounts in order to read the transaction data and initiate payments (by January 2018).
This information will be shared through an open Application Programming Interface (API) framework which will prioritise customer protection. The Open Banking Implementation Entity will develop API Standards allowing two different pieces of software from different financial institutions to interact and exchange data.
What is Open Banking?
The introduction of ‘open banking’ in the UK will transform banking as we know it. Customers will have the option to share information about how they operate their bank account with organisations that will work to deliver an enhanced banking experience. For example, by offering comparison and switching services to help customers identify the best financial products for them.