by Sebastian Mattern
September 12, 2018
The Payment Services Directive 2 (PSD2) is a pan-European regulation that came into force in January 2018 and opened the payment transaction market to new providers. The regulation states that banks must disclose customer data (with the customer’s permission) to third party providers (TPPs) and create new system accesses in the form of an API or a user interface. This access would then allow a customer to access their bank accounts via the TPP.
In the past, TPPs were only partially regulated. PSD2 aims to protect customers and create a more secure environment when they interact with TPPs. The European Banking Authority (EBA) considers the following to be the key goals to PSD2: ensuring safety, promoting competition, protecting the end customer, promoting innovation and, in our opinion, the most important principle, to improve customer experience with new systems and to ensure a competitive level playing field.
From our experience working on a number of projects, Orbium has identified four main challenges that banks’ may face when complying with PSD2:
PSD2 is just the beginning of Open Banking. The more we think about where it could go next, the more challenging it becomes. For example, the next regulation could be that banks must also give access to their security accounts via an API. From the bank’s perspective, the worst-case scenario would be if they become a mere processor for payments and security transactions.
For banks, it is important to define the future business model to develop a successful design and technical connection to the core banking system, the online banking system, or other systems to be prepared for future extensions of Open Banking.
The decisive question is whether a bank wants to passively comply with the guidelines of PSD2 or actively benefit from the regulation. Our recommendation is that banks look beyond just the minimum implementation and take the opportunity to evaluate their strategy and their desired market position to come up with a more sophisticated appropriate approach to PSD2.