Hold on to your payment pants! PSD3 and PSR are on the way!
The European Commission has proposed new legislation aimed at modernising the payments and financial sector in the digital age. The package, which was announced on 28 June 2023, includes proposals to revise the Payment Services Directive. In a nutshell, PSD2 is evolving into PSD3 and PSR (Payment Services Regulation). Considering electronic payments in the EU reached a value of 240 trillion EUR in 2021, this is a big deal!
Why PSD3 and PSR?
The evolution from PSD2 was always going to happen. The pace of change in digital finance means the objectives set out in 2015’s PSD2 were always going to become outdated with the need for review.
The main objectives of PSD3 and PSR are to combat payment fraud, improve consumer rights, level the playing field between banks and non-banks (ie, increase competition), enhance open banking, and strengthen harmonisation and enforcement.
Additionally, a legislative proposal for a framework for Financial Data Access seeks to establish clear rights and obligations for managing customer data sharing in the financial sector. This would provide customers with control over their data and enable them to receive innovative and personalised financial products and services.
These proposals aim to improve consumer protection, competition, and trust while adapting the EU’s financial sector to the ongoing digital transformation.
PSD3 consultation process and main conclusions
PSD3 emerges out of a consultation period on the progress and developing issues around PSD2. The consultations lasted from May to August 2022, and included EU individuals, businesses, business associations, and public authorities to ensure a well-rounded basis for change.
This process led to an impact assessment that highlighted several main flaws of PSD2:
- consumers continue to be at risk of fraud and lack confidence in payment systems
- open banking is not operating perfectly
- EU Member States’ supervisors have powers and obligations that are inconsistent
- banks and non-bank PSPs continue to operate on an uneven playing field.
And, in turn, the new directive proposes logical responses to these issues:
- decrease the chance of fraud and increase consumer confidence in payment systems
- improve how open banking works
- create a regulation that enhance enforcement mechanisms and make them consistent
- level out the playing field for non-bank PSPs.
What are some main takeaways from the proposal?
Not only will PSD3 come into play, the proposal also includes PSR, an EU-wide regulation that would give more teeth and consistency to some of the bold ideas from PSD2 that didn’t quite stick the landing via the 2015 directive.
Reminder: for those not completely familiar with how the EU operates:
- a directive includes objectives for which each member country must create their own laws, leading to a patchwork of approaches to fulfil the directive’s main aims
- a regulation is a pan-EU law that immediately goes into effect and affects each member country the same way.
PSD3 mainly focuses on the supervision of payment institutions and licensing, bringing together e-money and payment services regimes, and safeguarding. Meanwhile, PSR focuses on, amongst other areas, fraud prevention and Open Banking.
Let’s explore some of the main potential outcomes of PSD3 and PSR.
Harmonising and enforcing
The new regulation would cover most payment rules. This is a big change – putting the payment rules into PSR would give them immediate and direct effect upon passage. Removing this from the directive leads to a harmonised approach rather than as many approaches and timelines as countries. The proposal also sets out to strengthen penalties and implementation.
Consumer rights at the forefront
Consumer rights will be increased. The goal is to improve transparency for account statements and ATM charges, and fortified rights with temporary fund blocks. These advances should enhance trust, loyalty, and customer satisfaction. Refund rights are also extended.
Payments fraud prevention
Not so fast, wise guys! A secure haven for transactions should emerge. The cunning spectre of payment fraud will be challenged more rigorously – and consistently! By pooling fraud intel among financial institutions, the proposal better equips players to thwart the craftiest deceptions. This will bolster the trust that customers want, need and deserve from payments services. Some examples include extended refund rights for fraud victims, stronger customer authentication, aligning and checking IBAN numbers.
Open banking, take two
Open banking undergoes refinement in PSD3. PSD2 was a huge step toward levelling the playing field between traditional banking and new financial services. Customers are placed first and foremost: their control over payment data will strengthen. The renewal period for consent will be extended to 180 days from the previous 90 – this should add some stability for companies venturing into open banking.
The great equaliser
The playing field levels (again, in theory)! When you don’t quite get it right the first time, you try again. ‘Levelling the playing field’ is one of those buzzwords in this space and it was a main goal of PSD2. But, more work needs to be done. The proposal opens the gates for non-bank Payment Service Providers to offer innovative services. It will be fascinating to see how PSPs innovate as they digest and create in the context of PSD3.
Increased access to data
Diverse types of financial data become accessible to regulated entities and the newly-born Financial Information Service Providers (FISP). The idea here is to expand on the concept behind Open Banking. This means open and shared data-driven finance for all in-scope financial services.
Financial information data access (FIDA) would include info around mortgages, savings, investments, pension schemes, non-life insurance, and some data around a company’s creditworthiness assessment. Data holders (financial institutions) will be obliged to share with data users (other financial institutions and FinTechs). Customers will have the possibility without obligation to securely share their data with data users to gain access to new products and services.
When will PSD3 and PSR take effect?
Patience, friends and colleagues! None of this will happen overnight. The usual EU processes will kick in – so review by the European Parliament and Council. Subsequently, member states will likely have 18 months to review, which is common. So, the fastest track might be late 2025, and more realistically PSD3 and PSR will come into effect in 2026.
Find out more about the Payment Services Directive
Here are some links you might find useful and informative – straight from the horse’s mouth:
- the European Commission’s press release
- the EC’s full proposal for the new directive
- The EU’s payment services information page, including PSD2 and PSD
- the EC’s retail payments strategy
PSD3, PSR and Terms.Tech
Terms.Tech will continue to monitor PSD3 and PSR developments. We’re itching to see how the new directive and regulation take shape. And, how they will enhance our ability to deliver B2B payments solutions that help our customers grow their businesses.
Meanwhile, Terms.Tech offers up-to-date, customisable B2B payments solutions across all the EEA and Switzerland – in line with PSD2, of course! These include delayed payment terms (Buy Now, Pay Later), bank transfers, and card payments. Get in touch with our experts to see how Terms.Tech can work for your business.