Retail payment systems are ever-evolving and becoming increasingly digital and real-time around the world. However, Europe has sometimes been seen as needing to catch up in terms of payment system modernisation. Taking the example of instant payments, for instance, only 14% of all retail payments were instant as of Q1 2023, way behind other markets in the world.
To remove friction to adoption and accelerate the development of better systems, the European Commission has regularly implemented payment directives. And in June 2023, it released its first proposal for the third Payment Services Directive (PSD3). In this article, we will explore the key elements of this release at the time of publication. But first, some context about PSD3.
Proposed by the European Commission, the Payment Services Directives aim to set out regulations for retail payments within the EU, domestically and across borders.
The last official directive was the second Payment Services Directive (PSD2) adopted in the EU in 2015. Building upon the first Payment Services Directive (PSD1) adopted in 2007, which aimed to create an integrated EU payments market, PSD2 aimed to address barriers to new payment services, enhance consumer protection and security, promote competition, and ensure a level playing field for different payment providers. Among others, it introduced the European version of open banking as well as new payment institutions statuses like AIS (Account Information Service) and PIS (Payment Initiation Service).
As part of its Retail Payments Strategy outlined in 2020, the European Commission was required to evaluate PSD2 in 2022, focusing on areas such as costs and access to payment systems. The evaluation process included input from the European Banking Authority (EBA), public consultations, and a report from an independent consultant.
This consultation led to the June 2023’s PSD3 proposal.
While all the specifics are not yet available, the commission released a detailed Q&A as part of the proposal which helps uncover the main themes it is looking to address:
Continuing to level the playing field between banks and non-bank PSPs by allowing non-bank payment service providers access to all EU payment systems, with appropriate safeguards, and securing those providers' rights to a bank account. In addition to commercial banks, central banks will also be allowed to provide account services to non-bank PSPs, at their discretion. The UK and certain EU markets like Sweden have already taken the steps to open their payments systems to PSPs, and it has driven a tremendous amount of innovation. The commission is hoping that SEPA could follow suit.
Increase fight against payment fraud by enabling payment service providers to share fraud-related information between themselves and introduce a long-awaited confirmation of payee for all SEPA credit transfers (not just SEPA instant credit transfers). This is something the UK and Netherlands have had in place for a while, and it works well.
Improve consumer rights in cases, for example, where their funds are temporarily blocked, or when the information on account statements and charges is not clear and transparent.
Fixing open banking by removing the current operational frictions of PSD2 APIs and improving customers’ control over their payment data to make it more granular.
Strengthen harmonisation and enforcement, for example, by giving Member States 6 months to transpose in their national law certain of the above measures. Lack of harmonisation was a critical issue identified in the roll-out of PSD2, especially in regard to open banking APIs.
It is still early days. Legislation is expected to be passed by June 2024, and then each EU / EEA country will be given a deadline to transpose it into national law.
If we look at historical precedents, it took PSD2 around five years to replace PSD1. Firstly, European countries had two years to transpose PSD2 into national legislation after it had been passed at the EC level. This is likely to be accelerated to 6 months for PSD3. Then PSPs had another two years (extended to three) from transposition to fully comply with PSD2.
While the European Commission has shown intent on fast roll-out across all EU markets (especially when transposing into law), PSD3 is likely to be in effect before 2025 at the earliest.