The current state of affairs within the payment sector in Europe is in serious need of change. According to a press release issued by European Parliament, the existing European Union (EU) payment services market is highly fragmented and expensive, costing more than 1% of EU GDP, or $147 billion annually.
In July 2013, the European Commission proposed a revision to its existing Payment Services Directive that would have a wider scope to cover the new payment service providers (PSPs) created by financial technology (fintech) companies. With the new Directive, known as PSD2, the Commission aims to give consumers greater protection and build a more competitive, innovative, and secure payment services market.
What are the key changes in PSD2?
Opening the market to competition
One of the biggest changes that could positively affect European consumers is the opening of access to payment account information to third parties. This means that account servicing PSPs, such as financial institutions, must allow approved and licensed third parties PSPs to have access to their customers’ account information when the customer has given explicit consent. Account servicing PSPs would also be forbidden from discriminating measures against third-party payments, such as adding surcharges or giving them lower priority.
Liability for issues with payments
Another important change is how liability for problems with payments is handled. Responsibility for correct and timely fund transfers rests solely on the shoulders of PSPs. In the case of unauthorized payments, payers could be held liable if there is clear evidence of fraud or negligence on their part. However, if the fraudulent payment occurred without the payer’s knowledge – for example, account hacking or stolen mobile device – then the payer is not held responsible.
Full disclosure of payment charges
Payment senders and recipients will both be entitled to receiving detailed information about any charges that are to be applied to their respective transactions before the payment is processed. This means that senders will be provided with a total of the charges along with a breakdown of the amounts, and recipients will be informed of any charges that they must pay related to the transaction.
Most significantly, PSD2 calls for considerably tougher rules on verifying the identities of payment service users. PSPs will be expected to apply “strong customer authentication” for senders who initiate electronic payments. Based on the definition given in the Directive, this means that two-factor authentication will be the minimum standard. Unless the senders themselves have committed fraud, PSPs that do not comply with this requirement will be responsible for any losses due to identity fraud.
“When it comes to strong customer authentication, Trulioo is the first line of defense,” said Stephen Ufford, Founder and CEO of Trulioo. “Our identity verification service allows payment providers to instantly verify a sender’s identity to ensure that they comply with due diligence requirements.”
How has been the response been to PSD2?
Although PSD2 has been generally welcomed in principle by PSPs within the EU, it is not without reservations. Visa Europe, representing over 3,700 European banks and payment providers, expressed concerns about the Directive. It said that telecommunications providers should not be exempt from PSD2 regulations, especially because of their role with mobile payments.
Because PSD2 will not fully come into force until 2018/2019, the European Banking Authority (EBA) has issued its own guidelines as an interim measure to follow in the meantime. EU countries were expected to provide a final response on whether or not they would comply with the guidelines by February 2015. Three countries, the United Kingdom, Slovakia, and Estonia, have refused to comply with the guidelines. The Financial Conduct Authority (FCA), which represents the UK on such matters, said that it cannot comply because it lacks the power to require PSPs within the country to follow the EBA guidelines.
It is worth noting that many of the measures introduced in PSD2 are not unprecedented. In the United States, the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) was enacted in 2010 as a result of the financial crisis that occurred in 2008. In particular, Section 1073 of Dodd-Frank relates to remittances, setting requirements for liability limits, fee disclosure, and consumer protection.
In an interview about global mass payments, Kerry Agiasotis, President of Western Union Business Solutions, addressed the current difficulties faced by PSPs.
“Moving money around the world is becoming increasingly challenging. If you think about global banking systems and the fast pace at which regulation is changing, this is building onto problems that already exist,” Agiasotis said.
People want choice. By opening the payments market to greater competition and encouraging further fintech innovation, consumers win as a result of PSD2 by having a wider variety of more affordable options for transferring money.
“Choice means that people can get paid. When you look at different industries they have different relationships with payees, some are very concerned about the global payment experience,” said Peter Burridge, President and Chief Commercial Officer at Hyperwallet. “The options we provide, receiver choice, and allowing people to get paid as quickly as possible with transparency, are key.”
As EU member countries prepare new legislation that will implement the rules of PSD2 into their own national laws over the next two years, the PSP landscape will continue to evolve in Europe. In the end, PSD2 will be beneficial to both consumers and the payment provider sector, as greater fee transparency, greater fintech innovation, and market competition become the standard in the EU.
What opportunities do you see for European Payment Service Providers with the implementation of PSD2?