Digital Transformation in EU Payment Legislation
The European Union (EU) has been publishing regulations on payment services gradually as part of the establishment of the European Single Payment Area and the single market aim. With the regulations made within this framework, it is aimed to ensure that the same rules apply to payment services in all EU member states, information is easily accessible, payment transactions are carried out as soon as possible, the rights of consumers are protected and diversity and competition in payment services are increased.
In this context, firstly, the EU published the Payment Services Directive (PSD1) on 13 November 2007. PSD1 was adopted by EU member states as well as Iceland, Norway and Liechtenstein, which are included in the European Economic Area. The regulation basically regulated electronic and non-cash payments, with some exceptions.
Another significant step of the EU took place in 2015. On 25 November 2015, the Second Payment Services Directive (PSD2) was adopted to improve the scope and existing rules in line with the developments in payment services. PSD2, which entered into force in January 2018, included open banking and payment order initiation services.
The latest development took place in June. On 28 June 2023, EU Commission published its highly anticipated proposals to renew PSD2. Commission published its proposals for the Third Payment Services Directive (PSD3) and Payment Services Regulation (PSR).
The PSD3 and PSR draft regulations mainly aim as follows:
- Combatting and mitigating payment fraud
- Improving consumer rights
- Further levelling the playing field between banks and non-banks
- Strengthening user protection and confidence in payments
- Improving competitiveness
- Extending the supervisory and enforcement powers of regulators.
In addition, the draft package identifies challenges for open banking practices in terms of effective and efficient access to data held by banks by account information service providers and payment initiation service providers, known as third-party providers. Moreover, in the context of consumer safeguards and fraud protection, measures have been set out under several headings, including IBAN/name verification, transaction monitoring and identity fraud liability.
The PSD3 proposal is being scrutinized by the European Council and the European Parliament. Endorsement and publication of the final version are expected towards the end of 2024 or early 2025. The draft PSR regulation states that it will enter into force 18 months after its publication and will be directly applicable. Meanwhile, Member States will have 18 months after the publication of PSD3 to transpose the relevant regulation into their national laws.
You can reach the full text of the draft PSD3 and the draft PSR here (available in EU languages).
Tagged with: Gökçe, Görkem Gökçe, Elif Aksöz, Fintech