Breaking down the PSD3/PSR package: Highlights from our presentation at ABBL’s Payments Cluster
In the realm of EU payment frameworks, the Payment Services Directives (PSD) have played a pivotal role in fostering an integrated payments market. During the ABBL Payments Cluster on 4 March, Finologee offered insights into the upcoming PSD3/PSR package. Mallorie Ribet, Finologee’s Head of Product Strategy and Bank Engagement, shared expertise on these amendments, providing clarity for in-scope entities amidst regulatory shifts.
The evolution of EU payment frameworks began in 2007 with the introduction of PSD1, marking a pivotal moment in shaping integrated payments. Subsequent progressions led to the implementation of PSD2, introducing new layers of consumer protection and security. Now, with the emergence of PSD3, the journey continues, “emphasising gradual evolution rather than radical change”, according to Mallorie Ribet.
PSD3 specifically aims to bolster measures against payment fraud, expand access to EU payment systems for non-bank Payment Service Providers (PSPs), promote open banking initiatives, and empower national competent authorities with stronger enforcement capabilities. This latest iteration, replacing PSD2, introduces a dual framework consisting of both a directive and a regulation. Notably, the Payment Services Regulation (PSR) carries direct applicability within the EU, reducing ambiguity and ensuring consistent interpretation across member states.
Mallorie elucidated the key amendments brought forth by PSD3:
- Access-to-accounts: Mandatory dedicated interfaces for Third-Party Providers (TPPs) and the removal of the fallback interface requirement, replacing it with “secured screen scraping” in case of unavailability.
- Strong customer authentication (SCA): Applied by Account Information Service Providers (AISPs) on the first occasion of data access and every 180 days thereafter. PSPs are mandated to offer authentication methods suitable for individuals with disabilities and the elderly.
- Permissions dashboard: Account providers are required to establish dashboards enabling customers to monitor, withdraw, or re-establish permissions granted to TPPs.
- Verification of payee (VoP): Expanded to all EU credit transfers in any currency, extending the scope of IBAN name checks introduced in 2022.
PSD3 marks a shift in EU payment regulations, prioritising continuity over radical change in technical implementations. Rather than revolutionising the landscape, it builds upon the foundations laid by PSD1 and PSD2. Notably, it expands the scope of instant payments to include additional entities, requiring a focused approach to setup and integration.
Alignment with the latest recommendations from the European Banking Federation (EBF) is crucial, particularly regarding IBAN-name checks, open banking initiatives, and compliance with the Financial Instrument Directive and Regulation (FIDA).
Mallorie Ribet, Head of Product Strategy & Bank Engagement, Finologee: “IBAN-name check provisions should align fully with the future Instant Payments Regulation to avoid any discrepancies in legal obligations.”
As the PSD3/PSR package unfolds, stakeholders must navigate its complexities with a sharp eye on compliance, operational efficiency and alignment with evolving regulatory standards. Given the nuanced changes introduced by PSD3, adaptation and alignment with industry best practices will be critical.
Mallorie Ribet, Finologee: “Success in this transition relies on stakeholders’ ability to seamlessly integrate new requirements into existing systems and processes, ensuring a smooth transition to this new phase of EU payment regulations.”
