The financial industry in Europe is once again undergoing a major transformation. On June 28, 2023, the European Commission published a proposal for the new PSD3 (Payment Services Directive 3) and the accompanying PSR (Payment Services Regulation), marking the next phase in the evolution of payment services within the European Union. These new guidelines represent an upgrade to the existing PSD2 framework, introducing significant changes that will impact banks, fintech companies, payment service providers (PSPs), and consumers.
What exactly does PSD3 bring, and how will it shape the future of payments? If you are involved in finance, technology, or regulation, this is a topic you cannot afford to ignore.
Why Is PSD3 Coming?
Although PSD2 laid the foundation for open banking, enabling third parties to access banking data via APIs, practical implementation has revealed several shortcomings:
- API standards were not unified, making integrations difficult.
- Banks often imposed technical barriers to restrict data access.
- The need for stronger consumer protection emerged due to rising fraud and cyber threats.
- The roles and responsibilities of AISPs (Account Information Service Providers) and PISPs (Payment Initiation Service Providers) were not clearly defined.
PSD3 aims to address these shortcomings and further stimulate innovation in the digital payments sector.
Key Changes Brought by PSD3
PSD3 and PSR introduce five major changes that will significantly impact the entire industry.
Enhanced Security and Consumer Protection
One of the primary objectives of PSD3 is to reduce financial fraud and increase consumer trust. Strong Customer Authentication (SCA), introduced with PSD2, is becoming even more stringent. Expected changes include:
- More advanced authentication mechanisms (biometric verification, AI-powered detection of suspicious activities).
- Enhanced real-time transaction monitoring, especially for online and card payments.
- Faster processing of consumer complaints in cases of fraud, with stricter obligations for financial institutions.
Open Banking 2.0
PSD3 introduces a new, improved model of open banking, making it more accessible and standardized. Key developments include:
- Mandatory high-quality APIs that facilitate seamless data exchange between banks, financial institutions, and third parties.
- Greater consumer control over financial data, including the ability to quickly revoke access to applications using their information.
Strengthening Consumer Rights
The financial ecosystem is becoming more transparent. Consumers will benefit from:
- Better protection against fraud, with faster claim resolution processes.
- Clearer information on fees, reducing hidden costs in digital payments.
- Stronger oversight of banks and fintech companies, requiring them to ensure fair and transparent service conditions.
Regulation of Payment Initiation Service Providers (PISP) and Account Information Service Providers (AISP)
Currently, PISP and AISP operate within a legal framework that often leaves gray areas. PSD3 places them under stricter regulatory supervision, which:
- Increases consumer trust in third-party services.
- Defines clear responsibilities in cases of incorrect transactions or data misuse.
Combatting Financial Crime
PSD3 further tightens regulations in the fight against money laundering (AML) and terrorism financing, introducing:
Mandatory data-sharing on fraud cases between financial institutions.
Stricter user verification for account openings and payments.
Advanced AI-driven systems to detect suspicious transactions.
How to Prepare for PSD3?
Given these significant changes, financial institutions and payment service providers should start preparing now to ensure compliance with the new regulations.
Analyze Existing Systems
Assess how PSD3 changes will impact your business and identify necessary adjustments.
Improve Open Banking APIs
If you are already working with PSD2 APIs, ensure they comply with upcoming PSD3 requirements.
Strengthen Security Mechanisms
Implement enhanced authentication methods and fraud protection measures.
Prepare for New Reporting Obligations
PSD3 introduces more detailed reporting requirements—ensure your data structures are ready.
Stay Updated on Regulatory Changes and Collaborate with Experts
Engaging legal and technical consultants can significantly reduce the risk of non-compliance and potential penalties.
Conclusion
PSD3 represents a significant step forward in the regulation of payment services, aiming to enhance security, strengthen consumer protection, and drive innovation. While it introduces certain challenges, it also creates numerous opportunities for banks and fintech companies that adapt in time.
Are you ready for PSD3? If you need assistance in analyzing how this regulation will impact your business, feel free to contact us and find out how to best prepare.
