The review of PSD2 is currently taking place with some delay. With this review, various market participants are being asked for their feedback on the question of which adjustments should be made to the PSD2 in the course of a possible revision. On 23 June 2022, the European Banking Authority (EBA) submitted its comments to the European Commission in the form of an opinion. On a total of 126 pages, the EBA lists a large number of issues that have come to its attention in connection with the PSD2. For some issues, the EBA also proposes solutions. Some of these proposals are quite challenging. But read for yourself:
Scope of PSD2
The EBA proposes a change to the catalogue of payment services. For example, the money remittance business should be more clearly distinguished from other payment services. Issuing and acquiring business are to be separated into two different offences, whereas other payment services are to be combined. With regard to the exemptions contained in Article 3 of the PSD2, the EBA makes comments in particular with regard to the commercial agent exemption, which is extremely relevant for different industries, and the exceptions for limited networks and limited ranges (LNE). Finally, the EBA welcomes a potential merger of the PSD2 with the 2nd Electronic Money Directive (EMD2), which is also expected by many market participants.
Authorisation and Supervision of Payment Service Providers
Besides some technical changes with regard to the EBA register and passporting, the EBA proposes changes with regard to capital requirements for payment service providers. Presumably in the context of the Wirecard scandal, the EBA’s proposals include additional requirements for the liquidity management of payment service providers as well as rules on the wind-down of important payment service providers. Furthermore, the EBA recognises the problem currently existing in Germany and other member states that the process of applying for a license often takes a very long time.
Liability of Payment Service Providers
In the case of failure to apply strong customer authentication (SCA), EBA would like to clarify the distribution of liability between the payment service providers involved. In addition, some undefined legal terms (e.g. “fraudulent action” and “gross negligence”) should be specified.
Implementation of the SCA
With regard to the necessity to carry out the SCA, currently existing ambiguities (better definition of unclear terms, integration of third party service providers, application of exemptions) are to be eliminated. The adjustment of the rules for payment transactions initiated by the merchant suggested by the EBA could be highly relevant. In particular, it remains to be seen whether an SCA will be required more often in future for obtaining SEPA direct debit mandates.
Open Banking / Open Finance
As expected, the EBA is dealing quite intensively with account information and payment initiation services (AIS and PIS). Here, the EBA would like to take up the idea of a standardised API. In addition, account-holding payment service providers are to be obliged to provide the providers of AIS and PIS with significantly more information than they do today. For example, the name of the account holder and other data (e.g. on standing orders and investments) should also be transmitted. This could result in considerable potential for providers of KID and ZAD with regard to new products.
Further topics
The EBA’s further comments relate in particular to the problem that payment service providers are having increasing difficulties in obtaining and retaining (trust) accounts. In addition, also due to the delayed introduction of the SCA, the EBA suggests that in a revised PSD more requirements are placed on non-regulated entities (e.g. technical service providers and card schemes).
On the way to PSD3?
The EBA’s opinion provides rather clear indications of the directions in which the supervisory authorities are thinking. I find it particularly remarkable that the EBA addresses almost all the problem points that we also see with regard to PSD2. Due to the large number of comments and the depth of detail in the explanations alone, the European Commission will not be able to avoid dealing with this intensively. At the same time, the number of people who doubt that there will be a PSD3 in the foreseeable future has probably become smaller as a result of the EBA’s comments.
Cover picture: Copyright © PayTechLaw
