Summary of the PSD3 Proposal

Introduction

On 28 June 2023, the European Commission published a proposed legislative package that seeks to modernise and harmonise the existing regulatory framework for electronic payments throughout the European Union (EU) and European Economic Area (EEA), currently regulated by the Second Payment Service Directive (PSD2).

The legislative package included the Third Payment Service Directive (PSD3) and the Payment Services Regulation (PSR1). Together these proposals seek to modernise and strengthen the existing framework with the aim of spurring further innovation and bringing the payments and the broader financial sector into the ‘digital age’.

Brief overview of the preceding regulations

The first version of the Payment Services Directive was introduced in 2007. Over the past 16 years, PSD has evolved, responding to changing needs and threats in the payments market.

Rationale for the new regime

PSD3 itself covers the authorisation and supervision of payment institutions and e-money issuers, whilst conduct of business requirements for payment services (including the rights and obligations of the parties involved) are set out in the PSR.

  • Strengthen user protection and confidence in payments by increasing the security of payments, improving the transparency of fees, and giving consumers more control over their data.

  • Improve the competitiveness of open banking services by making it easier for third-party providers (TPPs) to access customer data and by creating a single set of rules for open banking across the EU.

  • Streamline supervisory powers and obligations to improve enforcement in EU Member States. This will be achieved by creating a single European supervisory authority for payments and by strengthening the powers of national regulators.

  • Tackle the perceived unlevel playing field between banks and non-banks by improving access to payment systems and bank accounts for non-bank PSPs. This will be done by making it easier for non-bank PSPs to access payment systems and by requiring banks to open their APIs to third parties.

Specific changes introduced by PSD3

  • The European Commission emphasises the need to update the PSD2 liability framework in response to the increasingly sophisticated types of fraud being used. The requirement for Strong Customer Authentication (SCA) has been effective in preventing crime over the past years, but it needs updating to remain effective against the evolving and increasingly sophisticated methods used to commit financial crime. As such, PSD3 proposes several new anti-fraud measures for payment service providers operating within the EU:

    • IBAN and name-matching verification services for all credit transfers for instant payments in Euro,

    • Exchange of fraud-related information between Payment Service Providers (PSPs) through authorised digital platforms,

    • Stronger monitoring of transaction data,

    • Responsibility for educating consumers and employees on payments fraud to increase their awareness,

    • Expansion of customers' rights to refunds in defined cases,

    • Simpler application for SCA.

  • The European Commission noted a demand for improvement of ‘Consumer rights and information’. This includes:

    • Transparency for ATM charges – PSPs will need to inform consumers about any charges for payment services,

    • Increased clarity on Credit Transfers and money remittances (transfers from EU to third countries),

    • Transparency for payment account statements – PSPs will be obligated to include information that explicitly identifies the payee.

  • PSD2 was the first regulation to introduce open banking rules, bringing clarity to a previously unregulated environment. Current open banking regulations sit under the Regulatory Technical Standards (RTS), which are part of PSD2, and will be moved to the Payment System Regulator (PSR). PSD3 proposes further changes with the aim of increasing Open Banking competitiveness, availability and interoperability:

    • Proposal on Financial Data Access (FIDA) which explains how customers’ financial information may be shared, accessed and used,

    • Requirements for payment account providers and banks to provide customers with access to dashboards where they can decide whether to give access to their data,

    • Account Servicing Payment Providers (ASPPs) will not need to permanently keep a fall-back interface in most cases. ASPPs will be required to provide customers with an interface enabling them to manage Open Banking providers’ access to data,

    • Support growth and innovation of Open Banking firms by creating a framework which provides regulatory clarity, simplifying the rules for those firms when sharing data,

    • Set minimum standards and requirements for application programming interfaces (APIs) for the banking industry,

    • Removing obstacles faced by Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) when accessing dedicated data interfaces, by defining new requirements for retrieving those interfaces.

  • E-money institutions (EMIs) and Payment institutions (PIs) who are in competition with banks have significantly evolved in recent years but often are not able to compete on a level playing field with banks. They are required to obtain a licence by opening an account with a commercial bank, but often face refusal from the bank's side. Non-banks also face friction since the existing Settlement Finality Directive does not allow EMIs and PIs access to payment systems. Key proposed changes include:

    • Banks will have to provide an explanation when refusing access to PIs, with the possibility for them to appeal to a national authority,

    • Payment institutions will be able to directly access the EU’s payment systems, including central bank and four-party card schemes, after adjustments are made to the Settlement Finality Directive (SFD),

    • Creating a framework for financial data access, as currently clients of open banking firms cannot control who accesses their data. The regulation is needed to propose secure access to customers’ data across different financial services, giving clients and organisations an effective tool to manage utilisation of their information.

What is expected to happen next?

The publication of the payments package marks the commencement of the EU legislative process. The proposals will need to be approved by the European Parliament and the Council of the European Union. Since PSD3 is a directive and not a regulation like the PSR, which is directly applicable once approved, PSD3 will also need to be transposed into national law by each EU member state. In the best case, the package will be passed into EU law by summer of 2024. However, it is more likely that it will not be in effect until 2025 or later due to European Parliamentary elections scheduled for May 2024, which may slow the process.

Next steps for financial service firms providing payments services

Understand the requirements of PSD3

  • The full text of the directive is not yet available, but the European Commission has published a draft proposal, which provides a good starting point for understanding the requirements of PSD3.

Start planning for compliance

  • PSD3 is a complex piece of legislation, and compliance will require significant effort. Financial services firms should start planning for compliance now, so that they are ready when the directive comes into force.


Consider using a trusted change management consultant

  • A practitioner-led change management consultant, such as New Link Consulting, can help financial services firms to understand the practical requirements of PSD3, develop a compliance plan, and support the delivery of changes required to comply with the directive.
