The regulatory Ripple Effect: Fraud Management in the Wake of PSD3, PSR and FIDA

02 / 10 / 2023

Five years post-PSD2, the European Commission (EC) is once again setting the stage for a shift in the financial ecosystem with its latest legislative package—comprising the Third Payment Services Directive (PSD3), Payment Systems Regulation (PSR), and Financial Data Access (FIDA).

Introduction

Five years post-PSD2, the European Commission (EC) is once again setting the stage for a shift in the financial ecosystem with its latest legislative package—comprising the Third Payment Services Directive (PSD3), Payment Systems Regulation (PSR), and Financial Data Access (FIDA).

As the world increasingly embraces digital financial transactions, the European Commission has doubled down on its efforts to create a more secure and consumer-friendly financial ecosystem.

While these new regulations are designed to boost consumer protection and foster innovation, they will also have an impact on payments fraud management. Let's look into what these changes mean for Payment Service Providers (PSPs), fraud service providers, and consumers.


PSD3: A Reinforced Shield Against Payment Fraud

PSD3 is not just a revision; it's a renaissance in consumer protection and fraud mitigation. PSD3 encourages Payment Institutions (PIs) to voluntarily share information related to fraud, creating a collaborative environment for combating criminal activity.


Stronger Consumer Protections

In addition to enhanced information sharing, PSD3 extends refund rights for consumers who fall victims to fraud in cases of spoofing scams, where fraudsters impersonate employees of PIs. This shift towards consumer-centricity requires stronger fraud controls and detection mechanisms from PIs.


PSR: The Game-Changer in Anti-Fraud Strategies

By mandating free-of-charge IBAN and payee name verification services, PSR will force PSPs to rethink their anti-fraud strategies and budget allocations. With this regulation, the European Union aims to enhance the security of credit transfers, making it increasingly difficult for fraudsters to exploit the system.


New Horizons in Liability

Technical service providers who fail to support Strong Customer Authentication (SCA) will now bear financial liability, raising the stakes in the compliance and anti-fraud game.


FIDA: The New Frontier in Open Finance

The legislative proposals create a GDPR-compliant legal framework for PIs to voluntarily share fraud-related data. This is expected to enhance collective efforts to combat financial crime but will also pressure PIs to actively participate in such data-sharing initiatives, contingent on multi-party information sharing frameworks that necessitate a specialised IT platform. 


Navigating the Regulatory Maze: A Q&A

  • PSD3 replaces PSD2 and offers a renewed focus on user protection and fraud prevention. By allowing voluntary communication and data sharing among PIs, PSD3 paves the way for more robust and collaborative fraud detection mechanisms.

  • PSR mandates free IBAN and payee name verification services. PSPs will need to reconsider their existing anti-fraud strategies to comply with these new requirements.

  • FIDA establishes clear rights and obligations for customer data sharing, covering a wide range of financial products beyond payment accounts. This opens the door for more advanced fraud detection techniques that leverage data from multiple financial products.

  • Failure to support SCA now may come with financial repercussions for technical service providers, making their role in compliance and fraud prevention more critical than ever.

Final Thoughts

The wave of regulatory changes from the EC will reshape the fraud management landscape. While these legislative measures aim to enhance consumer protection and encourage innovation, they also present new challenges that financial institutions must navigate carefully. Early compliance and strategic planning will be key to successfully adapting to this new regulatory environment. As always, vigilance and adaptability will be the watchwords in this ever-evolving battle against financial fraud.

Let's embrace these changes as stepping stones towards a safer and more efficient financial ecosystem. After all, the future is digital, and it's coming faster than we think.

While PSD3 brings about a more open financial ecosystem, it doesn't compromise on security. By mandating stronger anti-fraud measures and encouraging inter-industry cooperation, PSD3 is setting the stage for a safer, more secure digital finance landscape.

From a compliance perspective, the industry should view PSD3 not as a hurdle but as an opportunity to fortify their fraud prevention mechanisms. The new directive opens up avenues for innovation in fraud detection and prevention, making it an exciting time for PSPs, fraud service providers, and even customers.

As always, we will continue to adapt and innovate, ensuring that our solutions are not just compliant but also at the forefront of technology. PSD3 isn't just a new rulebook—it's the future of digital finance. And we, at Worldline, are ready for it. Discover more on our Fraud prevention and detection solutions.


Glossary:

Payment Services Directive X (PSDX): Directive aiming at regulating payment services and payment service providers in the European Union.

Payment Services Regulation (PSR): Regulation resulting of the revision of PSD2 and dealing with the rules and obligations around payments.

Regulatory Technical Standards (RTS) : technical definitions and specifications, brought by an European Supervisory Authority, on top of a legislation.

Financial Data Access (FIDA): Framework establishing rights and obligations to manager customer data sharing in the financial sector.

 

João Courinha

Product Manager Fraud Management & Issuing Processing

Find out more