PSD2 XS2A adoption – what are the implications for banks?

With the Revised Payment Service Directive (PSD2) entering into force on 12 January 2016 it is now official: providing payment account access (XS2A) to third party providers (TPPs) will be a requirement for European banks as of 13 January 2018. The exact security requirements for XS2A will heavily depend on the Regulatory Technical Standards (RTS), on strong customer authentication and secure communication channels that the European Banking Authority (EBA) will need to deliver. As these RTS will not be published before January 2017, many aspects regarding XS2A implementation are still unclear.

In this short blog we will cover the basics of XS2A and shed more light on this rather complex matter.

So, here’s what we know

Banks (account servicing PSPs under PSD2) will need to ‘open up’ two types of services: payment initiation services (PIS) and account information services (AIS). Both services require account holder consent and apply to all consumer and business payment accounts that are accessible online.

This opening up will enable two types of licensed TPPs to enter the market: payment initiation service providers (PISPs) and account information service providers (AISPs). To obtain a license, these service providers will need to meet less stringent requirements, than e.g. the current payment institution licensees.

For PIS and AIS no contract between a TPP and a bank should be required. In case of disputes over unauthorised transactions where a PISP is involved, the bank remains the first point of contact for the account holder.

Implications for banks

Regardless of the exact content of the RTS, we can already see the following implications for banks.

From January 2018, banks will find TPPs offering new services to banks’ account holding customers. Since these services build on the AIS and PIS offered by the bank, these services are very likely to overlap with today’s bank services. This may have implications for the way in which a customer sees and interacts with its bank.

This is most visible for AIS on the account holder – bank relationship, where a TPP could replace existing internet and mobile banking apps. Obvious examples of services in this domain are aggregation services (where account information of multiple bank accounts, held in different banks, is aggregated into one comprehensive view) and account balance services.

For PIS a bank may experience more direct impact on its business model as TPPs can directly compete on product and price with existing payment services offered by banks. TPPs do not require a contract, which seems to imply they are not subject to direct charges from the bank.

The implications for PIS are most visible in the ‘acquiring’ or ‘creditor bank’ domain of a bank, where payment services are offered to merchants and banks will, thus, face more competition. This competitive pressure adds to disruption in the ‘issuing’ or ‘debtor bank’ domain, where interchange-based revenue from both cards and alternative payments might be at risk.

Advice to banks

For banks to effectively operate amongst FinTech and bigtech challengers in the PSD2 era, it should know exactly what it wants to be to its customers. Banks need to determine a strategic value chain position that fits the bank’s capabilities and ambitions. This is key to being relevant to customers in the future.

About Vincent Jansen

Vincent Jansen (1974) is Principal at Innopay. He is a passionate collaborative innovator and has extensive experience creating networked products in complex, multi-stakeholder environments. Since 2003 he is active in the field of online payments, since 2008 in digital identity. He has contributed as a consultant and an architect to the creation of payment products like iDEAL (NL) and MyBank (EU) and digital identity products like eHerkenning and Idensys (NL government) and iDIN (NL banks). Vincent is part of Innopay’s management team and heads the payments practice.

About Mounaim Cortet

Mounaim Cortet is a senior strategy consultant at Innopay, working on strategic and innovation challenges in payments and digital identity. He supports business executives to develop new insights that enable them to (re-)define their business (model) and operational strategy to compete in the digital era. He was the project manager and lead-author for the Payments working group of Shopping2020, and he is currently involved as expert consultant and facilitator of the Open Transaction Alliance (OTA), i.e. a cross industry initiative working on the strategic implications of PSD2 ‘access to account’ (XS2A).

About Innopay

Innopay is an independent consulting company, specialised in online payments, digital identity and e-business. We help our clients, including financial institutions, governments and corporates, to develop the compelling strategies and digital services for consumers and companies that are key for successful competition in a rapidly digitising world.