On 12 January 2016, the revised Payment Services Directive (EU) 2015/2366 - or PSD2 - came into force in the European Union, and went into effect on 13 January 2018. Several parts of this regulation impact merchants globally. One of the most important objectives of the new Directive is related to customer protection through 2 rules: user consent and Strong Customer Authentication. Another main reason for the huge attention it is attracting is the introduction of two new Third Party Provider (TPP) roles in the banking ecosystem: Payment Initiation Service Providers (PISP) and Account Information Service Providers (AISP).
We know from our recent discussions with a wide range of market players that many merchants feel uncertain about what they need to do to prepare for the PSD2 and about whom they can turn to for strategic, as well as technical, assistance. This article sheds some light on possible opportunities and encompasses preliminary questions that merchants need to consider as soon as possible to turn this regulation and compliance into opportunities for their business. So what are the key elements of the PSD2 for merchants?
Innovation beyond regulation
To the surprise of a great many Europeans, who used to believe that the EU system was far too bureaucratic to ever take the lead in innovation, the PSD2 has turned out to be more disruptive than any actors could have expected from any Fintech startup.
Clearly, the new Directive, conceived by the European Commission and adopted by the European Parliament and the Council of The European Union, did not come out of thin air. The PSD2 is an enhancement and further development of the PSD, which was adopted by the EU in 2007. In a press release on 8 October 2015, the Commissioner of Competition, Margrethe Vestager, said:
”We have already used EU competition rules to ensure that new and innovative players can compete for digital payment services alongside banks and other traditional providers. Today’s vote by the Parliament builds on this by providing a legislative framework to facilitate the entry of such new players and ensure they provide secure and efficient payment services. The new Directive will greatly benefit European consumers by making it easier to shop online and enabling new services to enter the market to manage their bank accounts, for example to keep track of their spending on different accounts.”
The most important news
The main reason for updating the PSD1 was the massive development and growth within the retail payment market and the related digital technologies – such as mobile payments - since the first directive in 2007. The development has “given rise to significant challenges from a regulatory perspective. Significant areas of the payments market, in particular card, internet and mobile payments, remain fragmented along national borders.” This fragmentation, in combination with rapid technological advancement (resulting in many new products and solutions which fall outside the scope of the old Directive) had, according to the EU Commission, led to “legal uncertainty, potential security risks in the payment chain and a lack of consumer protection in certain areas.” The Commission’s conclusion was that the PSD1 framework was no longer adequate and an update was necessary to take the next steps towards full integration across the EU:
“The continued development of an integrated internal market for safe electronic payments is crucial in order to support the growth of the Union economy and to ensure that consumers, merchants and companies enjoy choice and transparency of payment services to benefit fully from the internal market.”
Focus on Access to Account and Payment Initiation Services (PIS)
The most talked about, and most important, innovation in the new Directive is that banks are required to provide access to payment accounts to Third Party Providers (TPPs) – on the condition that the TPPs have received permission from the bank customers owning said accounts.
This new requirement is stated in the Directive’s Article 66 for Payment Initiation Services (PIS) and Article 67 for Account Information Services (AIS):
Article 66: “Rules on access to payment account in the case of payment initiation services. 1. Member States shall ensure that a payer has the right to make use of a payment initiation service provider to obtain payment services as referred to in point (7) of Annex I.”
Article 67: “Rules on access to and use of payment account information in the case of account information services. 1. Member States shall ensure that a payment service user has the right to make use of services enabling access to account information as referred to in point (8) of Annex I.”
Following these articles, Payment Initiator Service Providers have the capability to initiate SCT (SEPA Credit Transfer) – and Instant Payments in the future - from the consumers’ bank accounts and with their agreement, which means that when connected to a merchant, Payment Initiator Service Providers will give the opportunity to merchants to be paid by SCT in the continuity of a consumer journey, without any break between purchase and payment and with no risk of error (amounts and payment references being automatically provided for the initiation of the Credit Transfer).
Relying on Worldline’s strong expertise in payments, merchants can benefit from a better grasp of the complexity and opportunities introduced by the PSD2 at different levels to continue to enhance the shopping experience.