PSR & PSD3: Safeguarding & Authentication
On 7 May 2024, the ECB published its opinion on proposed EU regulations for payment services, welcoming them while addressing areas like fraud monitoring, strong authentication, and access to payment systems.
The European Central Bank's input on the proposed Regulation and Directive addressing payment services, which sought to replace Directives 2015/2366/EU and 2009/110/EC, was made public by the Council of the European Union on May 7, 2024. The European Central Bank (ECB) has indicated its general acceptance of the proposed legislative measures and provided insights on a number of topics, such as robust client authentication, open banking, fraud monitoring, fund safeguarding, access to payment systems, and regulatory requirements. A technical working document pertaining to the ECB opinion was also made accessible.
Source
[1]
[2]
ECB Opinion on PSR & PSD3: Introduction and Legal Basis
The European Parliament and the Council have requested views from the European Central Bank (ECB) about draft regulations pertaining to payment services in the internal market. Among the recommendations were a regulation and a directive that sought to modify the current rules and guidelines pertaining to electronic money and payment services. Specific articles of the Treaty on the Functioning of the European Union, which cover areas within the ECB's purview such as monetary policy, promotion of seamless payment system operations, contribution to financial market stability, prudential supervision of credit institutions, and authorization of the issuance of euro banknotes, serve as the foundation for the ECB's authority to provide an opinion. This view was adopted by the ECB Governing Council in compliance with its procedural rules.
Assessment of Proposed Payment Services Regulations
The draft acts intended to regulate payment services in the European Union have been thoroughly evaluated by the European Central Bank (ECB). These ideas aim to safeguard consumers, encourage competition, and streamline regulatory frameworks while strengthening the market for payment services throughout the Union. The potential advantages that these policies may provide for consumers and market players are underscored by the ECB's findings, especially considering how the retail payments industry is changing:
- The European Central Bank (ECB) is in favor of the proposed acts because they will help create a payment services market throughout the Union, which will improve consumer access and internal market competition. Given the quick development of retail payment systems, these rules are thought to be essential for allowing consumers and market players to fully benefit from the internal market.
- The goals of the proposed acts are commendable as they aim to fortify user rights, counteract fraudulent activities, bolster the competitiveness of open banking services, boost enforcement and implementation throughout Member States, and broaden the reach of payment systems for non-bank payment service providers (PSPs). Furthermore, administrative simplification is expected since the proposed acts combine rules governing e-money and payment institutions, which were formerly under different laws.
- The European Central Bank (ECB) has expressed strong support for a number of specific objectives of the proposed acts, such as expanding the use of strong customer authentication, increasing the requirements for credit transfers' verification, requiring account servicing PSPs (ASPSPs) to set up dedicated data access interfaces, and harmonizing and enforcing Directive 2015/2366/EU (PSD2) through a directly applicable regulation. Moreover, there is support for the integration of licensing requirements for electronic money and payment organizations.
- It is emphasized that some of the features in the proposed regulation are in line with the recently approved Regulation (EU) 2024/886, which changes regulation 98/26/EC (Settlement Finality Directive). Interestingly, Regulation (EU) 2024/886, which reflects a similar integrative approach to the proposed laws, extends the categories of participants in systems under the Settlement Finality Directive to include payment institutions and electronic money institutions.
Payment System Oversight and Fund Safeguarding
This directive explores the duties that the European Central Bank (ECB) has with regard to the supervision of payment systems and the protection of funds in the European Union. It begins by summarising the European Central Bank's (ECB) mandate, which is closely related to its monetary policy responsibilities and is outlined in the Treaty on the Functioning of the European Union, the Statute of the European System of Central Banks, and the European Central Bank. This goal is to facilitate the seamless operation of payment systems. In order to guarantee effective and reliable clearing and payment systems both inside and outside of the Union, the European Central Bank (ECB) and National Central Banks (NCBs) are empowered to provide facilities and regulations.
Furthermore, Regulation (EU) No 795/2014, which covers both large-value and retail payment systems, enables the ECB to carry out its supervisory mission. It does this by putting financial market infrastructure concepts into practice. Based on a framework for retail payment systems, it is responsible for managing both non-systemic and systemic payment systems. Furthermore, as a crucial component of payment systems, payment instruments are included by the Eurosystem's oversight policy, demonstrating its all-encompassing approach to monitoring payment activities.
Overall, this section highlights the ECB's dedication to policing payment systems to guarantee their smooth functioning, effectiveness, and soundness. It also highlights the ECB's responsibility in preserving the security of money and the integrity of the financial market infrastructure.
Fraud Monitoring, Authentication, and Open Banking: Regulatory Changes
The second part of the directive discusses significant regulatory changes related to fraud monitoring and reporting, strong customer authentication, open banking, the European Banking Authority's (EBA) temporary intervention powers, and regulatory and regulatory technical standards (RTS) on authentication, communication, and transaction monitoring mechanisms. These changes are crucial for bolstering the security, efficiency, and accessibility of payment services within the European Union.
Main regulatory changes:
- Fraud Monitoring and Reporting: The focus is on efforts to keep an eye out for instances of payment fraud. The payee is suggested to be included in transaction monitoring systems, and payment service providers (PSPs) are required to be notified of transactions that are initiated by the payee. Furthermore, additional requirements for PSP data exchange after fraudulent payment transactions are supported.
- Strong Customer Authentication: Proposed amendments would make clearer the conditions for strong customer authentication, guaranteeing that PSPs use a minimum of two independent components from distinct categories when implementing strong customer authentication. In addition, vulnerable individuals' needs for accessibility are taken into account.
- Open Banking: We applaud efforts to lower market uncertainty about data access barriers, and we suggest revising pre-registration clauses for dashboard purposes and creating a draft RTS on data access by payment initiation service (PIS) and account information service (AIS) providers in close collaboration with the European Central Bank.
- EBA's Temporary Intervention Powers: The proposed regulation confers temporary intervention powers on the EBA, enabling it to prohibit or restrict specific types or features of payment services or instruments. The European Central Bank (ECB) recommends amending the law to mandate consultation with the ECB on any proposed action because of its supervision authority.
- RTS on Authentication, Communication, and Transaction Monitoring techniques: The EBA is responsible for creating a draft RTS covering a number of topics, such as common and secure open standards of communication, robust customer authentication, and technical specifications for transaction monitoring techniques. To guarantee efficient supervision and collaboration in the payment and fraud sectors, the ECB advises defining the parameters of the draft RTS and creating them in close collaboration with the ECB.
These regulation modifications are in line with larger initiatives to fortify consumer protection and foster innovation in the financial industry, with the goal of improving the efficiency, security, and accessibility of payment services inside the European Union.
Regulatory Frameworks for Foreign Exchange and Cash Management
The proposed regulatory changes regarding foreign currency management, cash availability at retail locations, independent ATM deployers (IADs), cash-in-transit businesses (CITs), and cash management companies (CMCs) are covered in the last section of the directive. By standardizing currency conversion fees for credit transfers and money remittances, the proposed legislation seeks to bring them into compliance with euro foreign exchange reference rates.
However, questions about how these rates might be abused for transactional purposes have been highlighted, leading to recommendations to swap them out for suitable foreign exchange benchmark rates. The draft guideline suggests a EUR 50 cap per withdrawal transaction and exempts cash provision services without a purchase from regulation when it comes to cash availability at retail locations. Nonetheless, questions surface about the significance of the selected threshold and the requirement for regulatory regime clarity.
Certain restrictions may not apply to Independent ATM deployers (IADs), although increased control is advised to guarantee adherence to pertinent protocols. On the other hand, there have been calls for clarification to preserve the exemption for the professional physical movement of banknotes and coins because the proposed acts do not specifically exclude CITs from their purview.
The overall goal of these suggested changes is to improve cash handling and foreign exchange management's efficiency, security, and transparency while resolving any potential issues and guaranteeing that regulatory frameworks are clear.