What is Payment Services Directive (PSD)?
Payment Services Directive (PSD) is an European Union Directive, which provides a framework withinwhich all the payment service providers must operate. PSD went into force in December 2007 and was completely adopted by EU in 2009. The underlying purpose of PSD was to foster pan-European competition from non-banking financial institutions and promote innovation and security in the payments industry in the European Union. On the consumer end, PSD aimed at providing them with faster payments, refund rights and more transparency in payments.
What is Payment Services Directive 2 (PSD2) and how will it affect banks and credit unions?
Payment Services Directive 2 (PSD2) is a new directive which aims at replacing the Payment Services Directive (PSD) of 2009. It was first outlined by the EU Commission in 2013. PSD2 makes certain provisions in PSD clearer and emphasizes on opening up the payments industry for third party businesses and non-banks. It also focusses on reducing barriers to entry for cards and internet payments and encourages payments innovation in mobile.
PSD2 directs banks and credit unions to give open access to its customer data and account information to licensed third party businesses with customers’ explicit consent. On the other hand, customers also have a right to be provided with information that properly informs them about "the extent of this access”. Under PSD2 terminology, this provision is called Third Party Payment (TPP) service provision. The ‘Access to Accounts’ (XS2A) rule under PSD2 will mandate banks to facilitate access via API to their customer accounts and provide account information to third party apps with a customer’s explicit consent.
PSD2 also addresses the liability problem involved in late payments or incorrect payment processing when multiple payment service providers (PSPs) or financial institutions are involved. The liability provision says that such liabilities be broadly shared by PSPs based on payer's instructions and those receiving payments on behalf of payees, with each PSP liable for problems with their part of the transaction.
There is a lot of buzz around PSD2 in European banks and credit unions, partly because they will now be forced to share their customer data and partly because they may face stronger competition in the payments space. As PSD2 promotes competition and innovation in the financial technology industry, banks and credit unions may be concerned about the next steps they should take. Implementation of PSD2 is expected in a couple of years, which means sometime in 2017. Banks in EU and international banks will have to start thinking about how to go about with launching the APIs by ensuring data security. PSD2 and Access to Accounts (XS2A) are not just regulations or compliances. They will open gates to innovation especially when banking and FinTech APIs are on the rise.
It is interesting to note that this seems to be the first regulation of its kind to streamline access to new players who are looking to offer financial services using information that has traditionally been closely guarded by banks. That the EU would go as far as to specify the use of “APIs” in its directive is a sign of how technology-centric innovation is rapidly transforming how the banks are being forced to evolve their business practices.