PSD2 is the major regulatory change facing banking stakeholders in the European Union this September. What is the impact of this legislation? How has the context changed? Why is it so important? Learn why digital payments are the business of the future for the entire banking sector in this post.

On September 14, 2019, European Directive 2015/2366 for payment services will officially enter into force in Italy. This which amends the previous directives on the subject and repeals Directive number 2007/64/EC.

The change will be remarkable for three reasons.

  1. First, compliance with the directive will require all players in the banking and financial sector to implement a series of measures. 
  2. Secondly, this directive will affect the online payments market, which now represents an important part of the economy in Europe and globally, given the high volume of digital payments that are made every day.
  3. Finally, Directive 2366/2015 will affect the sphere of privacy, cybersecurity, and the management of bank data of individual users. 

These are all very sensitive areas that are important for both the government and its citizens. But first, let’s take a step back to understand the context in which this new development is taking place.

 

PSD2 in context

The advent of the Internet and digital technologies has had a major impact in all sectors of the economy, and it has especially impacted the consumption habits of individuals. 

As a consumer, just think about how you order food or go shopping or enjoy audio and video content.  Digital transformation has revolutionized these activities from the root, changing the expectations of consumers as well as the business model. These are just a few examples of the areas affected by this revolution. On closer inspection, the digital transformation has touched many more sectors, including banking.

Banks, in fact, are facing many changes due to the pressure of digital innovations. In this sense, a clear example is Fintech, the business area dedicated to digital financial services, which is now on the rise.

This is evidenced by data from a study by KPMG, who found that fintech investments in the first half of 2018 exceed the total investments in 2017 by $38.1, reaching $57.9 billion. It is even more impressive when you consider that the 7,500 start-ups operating in fintech around the world have managed to raise as much as $110 billion between operations and investments. This testifies to both the economic importance of this sector at an international level and the interest it generated among major players, who after an initial distrust, have opened up to innovation.

This is demonstrated by the fact that in recent years there has been an increase in the number of traditional credit institutions that have not only invested, but have even purchased FinTech companies, so as to absorb their resources and know-how.

This is the case of the Spanish bank BBVA, which has shown itself to be inclined to ally itself with competitors such as Holvi or Simple, both digital banking companies that offer fast, simple, and efficient services and those that are fully online. British and Italian banks, such as Intesa San Paolo, Mediolanum, and Unicredit, are also doing the same. They have started a long-term investment program both to collaborate with some strategic digital partners and to develop their own internal digital solutions.

The changes that have affected the banking sector are not only those related to market players; they also affect consumers themselves.  It is not a mystery, in fact, that most of the daily banking operations take place through digital platforms.

According to the 2019 e-banking report from BEM Resarch based that investigates the spread of banking services via the Internet in Italy and Europe, an average of 54% of the EU area population uses digital financial services, a marked increase over previous years. Italy is also following this trend, although to a lesser extent than the other member countries: in 2017, 31% of citizens used e-banking services, an increase of two percentage points compared to 2016. In addition, another related trend helps us understand the context in which the new European discipline under analysis was approved.

The reference is to the steady increase in online payments, the value of which, according to analysts, could exceed €100 billion by 2020. By mid-2018, the most innovative digital payment solutions, including eCommerce, ePayment, Mobile Payment & Commerce, Contactless Payment and Mobile POS, were already worth more than €46 billion, accounting for 21% of total digital payments.

On the other hand, the total number of online purchases has also grown steadily in recent years. 

According to statistics reported by Eurostat on the use of e-commerce among EU citizens, the percentage of users who have made online purchases in a year has increased from 50% in 2008 to almost 70% in 2018. The youngest sections of the population – those from 25 to 54 – show the greatest growth, while  those over 55 have shown a slight decrease in the last two years. In terms of frequency, 34% of respondents made one or two online purchases in the three months before the survey, which is the same percentage as those who made three to five purchases over the internet in the previous three months. In addition, on average, users spend between €100 and €500 on online purchases.

Simply cross-referencing these two figures – the number of monthly purchases and the average spending per user – gives an idea of the value of this sector of the economy and why new action was needed to regulate the digital payments sector.

 

PSD: the regulatory starting point 

The EU had already intervened in 2010 by issuing a first European Directive on payment services (PSD), which touched on three areas:

  1. access to the payment services market.
  2. the general conditions of payment services provided by authorized bodies (banks, for example), which include the obligation of transparency and the duty of information on the part of institutions in favor of consumers, who must be fully aware of all the conditions and characteristics of the services offered, with a view to greater protection.
  3. the rights and obligations to be respected during the execution of payment services, with attention to the timing and conditions for reimbursement in the event of non-compliant execution or unauthorized payments.

These three areas of intervention have been key to pursuing the main objectives of this legislation:

  • to support the creation of a single market for payments within the European Union that breaks down legal barriers between the various Member States by ensuring a single and coherent legal framework;
  • to increase competition between the different operators in the various national markets on a substantially level playing field;
  • to increase transparency between providers and users;
  • to standardize the conditions under which different payment services were provided.

In concrete terms, this has resulted in a series of measures that have had a major impact on how banks and other credit institutions manage payments.

For example, the PSD has made payments faster by identifying tight and pre-arranged deadlines. In general, the directive stipulated that payments without currency conversion ordered by the paying customer must be made within one working day following receipt of the order or, if the payment order was made on a non-operational day for the bank or beyond a cut-off time, the order should be considered received on the next following working day.

In this way, transactions were made faster and more fluid for all users anywhere in Europe. Still, on the subject of charges and timing, the Directive prohibited the backdating of the debit value date. 

This means that the bank must receive payment orders from the client for which the date of availability of funds to the beneficiary is predetermined, in a time that allows the same to make payment within the desired deadlines, as in the case of bank transfers for the payment of wages.

As far as greater transparency is concerned, on the other hand, not only has the exact unique identifier of the beneficiary customer been adopted (IBAN for wage transfers) as a necessary condition for Italian banks to accept payment orders, but the Directive has also provided that for the various payment services, at least one free reporting method is offered once a month.

In this way, the customer can know the details of the operations being carried out and without having to pay additional fees.

Likewise, the PSD sets equally precise and stringent deadlines for communication by the bank or other institution offering payment services in the event of non-execution of the order, which must be transmitted precisely and in a timely manner. 

It must reach the customer within the specified time limit for the execution of payment and must include reasons for refusal, indicating the possible actions that the customer can take as a result. And, always with a view to maximum transparency, this communication can only be charged on condition that it is previously and clearly contracted.

 

Enter PSD2

It is in this legislative vein and especially in this context of an expanding market that the second European Directive on payments arrives. What is new about PSD2?

In general, it must be said that this represents a complete harmonization of the European market and, unlike with PSD, the conditions of transparency and information requirements in PSD2 are extended to all transactions carried out by payment service providers operating and residing within the European Union.

This is a necessary condition for the “open banking” model that seems to be the guideline of the legislator.

The other great innovation introduced by the Directive is that of giving the possibility to all current online accountholders to carry out the various payment operations or to access banking reports using third-party software.

This means that banks and financial institutions will no longer have a monopoly when it comes to digital payments; instead, they will have to open themselves to collaboration with digital partners.

Moreover, this will push traditional players in the payments market to adopt innovative procedures and solutions (implementing, for example, blockchain technologies) to interact with these third parties and remain competitive in terms of the services offered. In other words, it will be necessary for them to further accelerate the process of digital transformation activated in recent years.

Obviously, all of these changes, which will have a disruptive effect, may also involve some critical issues in terms of user security and privacy. For this reason, the European legislator has made a number of new provisions aimed at guaranteeing greater security for all users.

In particular, the Directive provides for the establishment of a Central Electronic Registry aimed at strengthening the transparency of the operation of authorized payment institutions, held at the European Banking Authority, where all information concerning the subjects registered in individual national registers will flow.

In addition, PSD2 also provides for the introduction of Strong Customer Authentication (SCA), which will replace the current SD3 protection system, providing more complex password systems and fully customization by the user.

 

PSD versus PSD2

This brief overview of some of the main legislative developments in the field of digital payments shows that the shape of the payments market is changing radically.

These recent changes acknowledge that an integrated system is inevitable, one where traditional players and innovators can and must work together to ensure the best service to the consumer.

At the same time, the European Directive shows that it is willing to tackle a problem that has become increasingly important in today’s interconnected world, namely the management and security of data online. In this sense, the legislator is looking for an intermediate solution, identifying new centers of responsibility and trying to make operations traceable without compromising the speed and efficiency of processes.

Finally, this legislative evolution demonstrates another interesting aspect: the technological transformation has dramatically accelerated the ageing of laws that are increasingly being overtaken by the changes. 

In less than 10 years, PSD exposed that existing measures for effective and safe communication between consumer and user and the initiatives to unify the market with unitary requirements were no longer sufficient. 

This was why action had to be taken, and the action poses a double challenge. On the one hand, Member States must be ready by September, and, on the other hand, the players in the sector will face an increasingly challenging market not only in terms of competition but also compliance.

 

The digitalization of processes, products, and services in banks’ digital strategies must go hand in hand with an increasing focus on customers and their needs and expectations, even in the banking sector. Find out all trends to know in 2019, download the infographic:

New call-to-action