How will PSD3 impact European Open Banking?

by | Jul 19, 2023

On June 28, 2023, the European Commission released the draft of the third Payments Service Directive (PSD3) along with the new Payment Service Regulations (PSR1). Since then, the digital banking industry is expecting to face exciting developments in payments and open banking in the upcoming years.

PSD3 draft is a new package of measures to address more effectively the latest challenges and requirements in the industry. It covers consumer protection, monitoring of non-bank payment service providers (PSPs), and open banking, among other aspects.

Let’s take a moment to make a quick overview of the existing regulations. 

 

2007

The European Commission establishes the first Payment Services Directive (PSD1), to lay the basis for a more interconnected payment system in Europe.
2010s

New cybersecurity risks and regulatory challenges arise, like payment fraud or the collection, storage, and transmission of personal and financial data in digital payment transactions.
2015

To address these concerns, the European Commission publishes PSD2.
2018

The European Commission updates PSD2 with the aim of continuing to increase the overall security of the payment landscape across the European Union.
Thus, PSD2 laid the basis for a regulatory framework, providing stability by covering the following aspects:

  • Better security measures for electronic payments thanks to a significant improvement of Strong Customer Authentication (SCA)
  • Harmonization of the regulations regarding payment services across the European Union, promoting interfaces standardization through APIs
  • Facilitate Open Banking by allowing the exchange of customer account information

There have been many positive points and progress since its application, especially regarding fraud prevention. Numbers speak for themselves:

Card payments using SCA-authentication show up a 70-80% lower level of fraud than those without1

PSD3: a more Secure and Accessible Open Banking

The latest package of proposals aim to take Open Banking services to new heights. Its main goals are to ensure a fair competition, promote innovation in the financial sector and put data security at the very center.

The overall proposal is based on six larger areas:

  • Fraud prevention
  • Consumer rights
  • Payment systems accessibility
  • Open banking enforcement
  • Cash availability
  • Regulation consistency

Some of the Most Impactful Measures (to be approved)

  • Extended access to “financial data” instead of just “payments account data”.
  • Banks will need to provide clear information to their customers of who can see and manage their data, as well as allowing them to easily authorize or revoke access.
  • Central banks will be able to provide data access, payment systems, and account services at banks for Payment Service Providers.
  • Strengthen transaction monitoring and combating payment fraud.
  • Strong Customer Authentication (SCA) optimization, in order to ensure user protection and experience. The implementation will be done through standardized APIs and the use of sophisticated authentication technology.

With these measures, Open Banking services across the European Union will become more accessible and secure for customers. But also for companies and third parties involved. And inevitably it will mean a significant transformation for payment systems as we know them.

→ Open Banking solutions like Strands product suite can facilitate the secure exchange of data and enable financial institutions to offer innovative and personalized financial services to their customers. To do so, we offer secure and standardized technical interfaces to banks and financial institutions.

When is PSD3 coming into Effect?

Good things come to those who wait.

The PSD3/PSR final file is not expected to be finished before the summer of 2024, which will probably suffer enhancements until Q1 2025, and enforcement until mid-2026. External circumstances, like the European elections, may affect this process, extending the resolution of the final regulation. And then, companies will have a considerable period of time to implement it.

The PSD3 implementation is expected to last between 3 and 5 years from now (2023) until its full completion.
What we know for sure is that most financial institutions will need to prepare for the anticipated regulatory changes. As PSD3 is set to receive approval, it’s time to start working on the definition and implementation of solutions that align with the objectives outlined in the draft.

PSD3: Final Thoughts

If you’ve read until here, you know that the implementation of PSD3 will mean a huge change to the landscape for all the European Union markets, providing high harmonization and security to the industry.

PSD3, as it happened with PSD1 and PSD2, will promote a healthy competition between banks and financial institutions. Which may also provoke an influence in other markets worldwide to achieve the same levels of quality, data security and fraud prevention.

As it is a complex ecosystem, a regulatory framework is essential to ensure that our data will be safe and that no one is going to operate fraudulently with it. At the end, it’s about how companies and financial institutions interact with data (and who owns this data), and try to prevent any damage to their customers.

Open finance solutions like Strands play a decisive role for banks and financial institutions. They assist in implementing innovative measures and data treatment into their platforms making sure they meet market regulations.

If you have concerns on how PSD3 will impact your institution processes, don’t hesitate to ask our financial experts whenever you need.

 

1 Report from the Commission on the review of Directive 2015/2366/EU of the European Parliament and of the Council on payment services in the internal market: https://finance.ec.europa.eu/system/files/2023-06/230628-report-payment-services-directive-review_en.pdf

Related Fintech Pulse