WRITTEN BY SPYROS ADAMANTIADIS
Moving money around the globe has become increasingly challenging. Changes to the global banking system and the fast pace at which regulation now evolves is building on the long list of challenges that already exist in today’s financial markets.
In 2007, a new set of financial rules called the “Payments System Directive” was implemented in the EU, with the aim of providing safer and more innovative payment services within the Union. The main driver was to ensure cross-border payments were as simple, efficient and secure as ‘national’ payments within Member States.
The initial objective was to:
- Establish a single market for payments within EU.
- Lower the market barriers for new entrants with the aim of improving competition.
- Develop a platform for the Single Euro Payments Area to help drive down costs.
- Increase transparency to reduce information asymmetry and protect consumer rights.
In July 2013, the European Commission proposed a revision of the Payment Services Directive (PSD2). This was instituted on the 9th June 2015, with two new types of payment services positioned under the regulation’s umbrella. These were the Account Information Services (AIS), which offer a consolidated view of a customer’s accounts across one or more payment service providers, and the Payment Initiation Services (PIS), which allows payments to be initiated (with the user’s request) from an account held at another payment service provider. In addition, PSD2 expanded the scope of business rules, including transactions in all currencies, provided that one of the service providers is located within the European Economic Area (EEA).
The main aims of the directive are to increase access to payment processing services across the industry, as well as to customer accounts held by the banks. It recognises the markets’ requirement for payment service providers (PSPs) to access third party’s online payment services, in a regulated and secure environment.
Explaining the Payments System:
Prior to the introduction of PSD2, users would have to log into each bank individually utilising their personal details, in order to check multiple accounts. This heightened their exposure to security risks. With PSD2, an aggregated solution is used to manage the user’s multiple accounts, maintaining security by using a single security token at the point of aggregation. As a result, PSD2 not only provided safer account management for the consumer but also increased competition among FinTech companies to provide a similar solution.
Payment Initiation Services (PIS):
Transactions are currently made through a third party gateway provider e.g. Worldpay or MasterCard, who are required to withdraw the money from the user’s account in order to pay the merchant (e.g. Amazon or EBay). The premium required to conduct such a transaction is estimated at 1% of the EU GDP, which amounts to €130 billion. The implementation of PSD2 enables the seller to interact directly with the customer’s account, bypassing gateway providers and ultimately saving money.
PSD2 offers protection for the consumer against unauthorised transactions by improving security measures. All payment system providers must provide proof of compliance to predetermined security measures, to ensure safe and secure payments. The payments directive provides the framework for the evolution of payment services systems, tailored towards the consumer’s standards.
Effects of the new Payments System Directive:
One of the biggest risks is the ability to access the payment account information of third parties, with full disclosure of consumer details and a risk to data integrity. However, account servicing PSPs such as banking institutions, must solely allow approved and licenced third party PSPs to gain access to customer’s account information only when the customer provides consent. Further to this, account servicing PSPs are forbidden from discriminating against third party payments, by applying additional transaction charges or classifying them as low priority.
The revised PSD encompasses strict rules on identity authentication of payment service users. PSPs must comply with strong customer authentication procedures for electronic payments. The minimum threshold would involve two authentication factors. As a result, PSPs that do not comply with the regulation will be held accountable for any losses incurred to the sender due to identity fraud, unless it is the sender themselves who have committed such an act. In the case of any unauthorised payments, customers could be held responsible should there be clear evidence of fraudulent activity or security negligence on their part. However, if such an unauthorised transaction occurred without the payer’s authentication, as with cases of account phishing, then the payer is not held liable.
In Payment transactions, both transaction parties will be entitled to receive detailed information about any charges that are to be applied before the payment is processed, with senders receiving the total chargeable amount and payment recipients receiving breakdown of any charges relating to the transactions which would require payment.
Benefits & Drawbacks:
- The choice of consolidating all bank accounts into an aggregated one with continued security under the platform’s terms and conditions.
- Removal of any surcharging for card payments.
- Increased consumer protection against fraud with a €50 cap on any unauthorized payments
- PSPs will be obliged to adhere to certain security measures, in order to ensure safe and secure transactions.
- A selection of different internet or application interfaces tailored towards the user’s needs.
- Integration of the user’s bank account directly with the merchants provides a streamlined payment process.
- Lack of clarity of responsibility between PISPs and Account Servicing Payment Service Providers (ASPSP) in the event of loss.
- Cost efficiency compared to card interchange.
- Immediate settlement into the merchants account.
- Increased relationship between merchant and customer.
- Opportunity to establish themselves as an Account Information Service provider (AISP).
- Increase competition; third parties will be able to offer similar or completely new services to customers.
- Risk of banks being transformed into data centers for service providers.
- High costs for legacy banks to change into new system technology.
- Loss of screen time in front of consumer.
- Loss of extra fees from card transactions
The revised Payments System Directive could provide the foundations for a more transparent transaction process and an opportunity for FinTech to merge traditional banking with technological evolution. Banks are already in the process of developing their own online applications that will support the new Payment system. However, the biggest challenge lies in data integrity and how the consumer’s personal data is secured. Compliance programs are in the early stages of initiation at many institutions, with step-by-step compliance approaches being adopted. It is expected that the majority of banks will turn to external partners to facilitate the development of APIs, security layers and payment applications, as well as new business processes and product development.
In order to stay competitive, then banks must provide consumers with what they need - the ability to see all finances in one single view, accompanied by a simplified payments process. Consumers demand new payment options and the Fintech industry rightfully steps in to capitalise on this opportunity. By opening the payments market to new entrants, PSD2 enhances industry competition and promotes further Fintech innovation. Consumers win as a result of PSD2 by gaining access to a wider variety of more affordable options when transferring money. PSD will simply allow people to be paid as quickly as possible, through a simplified process and with heightened transparency. What remains to be seen is whether PSD 2 will revive retail banking or be detrimental to the banks which do not embrace change.
- Starling Bank, Boden, A. ,(2015). Explaining PSD” without TLAs is tough!
- European Commission (2016). Directive on Payment Services (PSD)
- Jiang, K (2015). What impact will Europe’s New payment services directive have on the payment industry?
- Jiang, K (2016). PSD2: Creating a fair Legal framework for payments in Europe
- Visa Europe, Temmerman, M (2015). PSD2 Position Paper: Authenticating Online Payments.
- Visa,(2016). Securing Internet Payments: The current regulatory state of play.
Skinner, C (2015). The implications of PSD2 and third party access to accounts