PSD3 regulation has not been officially introduced or implemented yet, but it is expected to build upon the existing PSD2 regulations . PSD2 already requires financial firms to provide access to their customer's accounts through open banking and enhance security through strong customer authentication (SCA) . If PSD3 were to be introduced, it might further impact financial firms by potentially enforcing more stringent data protection and privacy measures, enhancing consumer rights, and fostering innovation in the payments industry . Additionally, it could impose stricter standards for account access and third-party providers (TPPs) in the European Union . As of now, it is crucial for financial firms to stay updated on any regulatory changes to be prepared for future requirements and adaptations.
Payment Services Directives: the evolution
The European Commission (EC) is presently crafting the 3rd Payment Services Directive (PSD3), a key piece of legislation aimed at governing the operations of electronic payments and the banking environment across the European Economic Area (EEA). Taking a leaf out of the book of its predecessor, PSD3 is expected to fortify the stipulations related to Strong Customer Authentication (SCA) and open banking norms. The ultimate objective of PSD3 is to streamline digital transactions for consumers, providing them with a secure environment to engage with banks and merchants. Interestingly, the jurisdiction of PSD3 is limited to electronic transactions, which includes payments and online/mobile banking, excluding cash payments or bank checks.
From PSD2 to PSD3
The shift from PSD2 to PSD3 is a part of the European Commission's strategy to regularly review and enhance retail payment strategies. This consistent revision helps the legislation stay abreast of the evolving consumer needs, technological advancements, and the digital landscape. The journey from PSD1 to PSD2, and now to PSD3, demonstrates a continuous effort to improve the regulations governing digital payments in the European Union's single market. PSD3 is expected to follow a similar trajectory, potentially extending its reach compared to its predecessor, PSD2. Throughout the consultation process for PSD3, a myriad of questions surfaced that may hint at potential updates or revisions. These queries address a wide range of topics, from current open banking requirements and SCA methods, to changes in contactless payment limits and disclosure of currency conversion costs.
The consultation process for PSD3 comprised three separate initiatives: a public consultation, a targeted discussion on PSD2's technical aspects, and a focused discourse on open finance. These consultations will inform the creation of PSD3, anticipated to be released in early to mid-2023.
Companies and financial institutions dealing with electronic payments will be mandated to align with PSD3 once it becomes law. However, the timeline for this is still uncertain. Penalties for non-compliance may echo those of PSD2, including fines and potential license revocation.
The enforcement of these penalties would fall under the jurisdiction of the competent authority in the home Member State of the company in question. Additionally, PSD3 is poised to amplify the efforts against fraud in financial transactions by introducing measures to safeguard consumers and organizations at various levels, thereby strengthening national and regional economies. As PSD3 evolves, companies will be notifying their partners about crucial developments, equipping them to adapt effectively to the changes.
Grand Answer: Your AI Partner
Designed to support compliance officers, legal counsels, and other professionals responsible for adhering to regulatory standards, Grand Answer aims to facilitate an efficient and straightforward compliance process.
Grand is live 🎈, check out our GPT4 powered GRC Platform