The much vaunted revised Payment Services Directive (PSD2) entered into force in January, and after years of hard work, the question no one in Brussels wants to face is: is it already out of date?
Given the disruption that has shaken the industry since the first document’s introduction in 2007 - advances in internet, the boom in mobile, the innovations in card payments - there was no question it had to be updated.
The wheels of Brussels move slowly, but its dealings with an industry constantly looking for a faster solution has left it trailing in dust and throwing up more questions than it answers. The Commission set out to bring new payment methods into scope, foster competition between banks and new FinTech providers, and to provide clarity to what is a disjointed and often siloed market.
However, the two-year implementation period looks set to be riddled with the same discontent that sullied PSD2`s gestation. The banks are still furious that third party payment providers (TPPs) will be handed access to bank customers through their own back-end infrastructure.
Data breaches and security incidents have gone to the top of the agenda across the world, and new EU legislation has struck fear into the heart of financial services with the reality of fines based on turnover. Bank robbers no longer walk into branches with guns; as we saw with the recent attempted USD 1 billion Bank Bangladesh heist or the Kaspersky hack, they use computers and technology. Allowing strangers into the back end is a disaster waiting to happen, the European Banking Federation, a lobby group which represents the continents largest lenders, has claimed.
On the FinTech side, all is not particularly rosy in some of the smaller states either. In areas such as Austria the banks have already laid out their stalls that previously unregulated payment providers or those relying on exemptions can count on big compliance bills. For Austria read Spain, Czech Republic, Poland and many others. Clarity on rules often means it is easier to spot who will be picking up the bill and paying for the improvements.
The EU cannot seem to win even when it tries to break down barriers and create a platform where anyone in Europe can start a payments business and make money anywhere.
One of the most appealing jurisdictions for passporting across the EU, the UK, has expressed concerns that its powers as a host state would be weakened.
For payment institutions operating in multiple jurisdictions under PSD2’s passporting regime, the UK’s Financial Conduct Authority has said regulators in the host country can take emergency action over “a serious threat to the collective interests of the payment service users”.
While the document has been approved, a new regulator which entered into existence in 2011, the European Banking Authority, still has 18 months of work to do ensuring the technical standards for passporting and customer authentication are complete.
Brussels is pushing as hard as it can, but in the last few months paying by voice and by motor vehicle have emerged as new ways to send money from one area to another. These are fantastic boundary-pushing innovations that we surely could not have predicted a few years ago, but will also bring new risks and show explicitly that trying to regulate payments is like nailing jelly to a wall.
We may not see a fully-fledged all-singing all-dancing complete version of PSD2 until 2018, and who knows what we will be paying with by that time?
If there are to be revisions, and given how this article hasnt even touched on such delicate issues as terrorist financing, there has to be, the industry cannot, will not, wait 11 years for PSD3.
About Mark Taylor
Mark Taylor is the News Editor for PaymentsCompliance. Marks regulatory coverage of the payments industry touches on a wide variety of subjects from cryptocurrency, international sanctions and anti-money laundering laws to innovation and emerging markets. He has been part of three award-winning editorial teams in regional newspapers across the UK.
About PaymentsCompliance
PaymentsCompliance is part of ComplianceOnline, the leading provider of regulatory and business intelligence for the gambling, payments and blockchain industries. We specialise in providing high level and independent news, analysis, data, eLearning and research through our primary services GamblingCompliance, PaymentsCompliance and BlockchainBriefing.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now