Payment services have always been an essential part of everyday life, be it in the form of a barter system or of a modern fintech architecture. Currently, there is a trend towards digitalization of financial services, which is manifested in the popularization of electronic payments. The same can be said of international law, where technology provides enough flexibility to keep up with new regulations. Needless to say, such rapid technological progress calls for new legal solutions, and so the development of the European FinTech sector is addressed by the EU Payment Services Directive 2, or PSD2. What regulations does it outline, and how does it affect the FinTech industry? These questions will comprise the scope of this article.
Definition of Payment Service Directive 2 (PSD2)
Payment Service Directive 2 (PSD2) is a decisive step taken by the European Union towards regulating innovation in the financial industry. An additional premise is to encourage customers to use online payments more often and reduce the number of cases of online fraud. The directive is intended to create conditions for the development of innovative payment systems using the Internet or mobile devices. Standardization of payment services, according to the initiators, can positively affect the chances of each representative of the FinTech industry in Europe.
The implementation dates for the new rules have been subject to change. Initially, 2016 was speculated to be the effective date of PSD2, but it was not until September 14, 2019 that the new regulations came into effect for all EU countries. Nevertheless, the echoes of this decision are still there, as the regulation was also supposed to enter the UK in March 2022.
What assumptions are included in PSD2?
The regulation enforces strong customer authentication, a higher level of security of stored data, and restricts access to customer accounts by third parties. From the first days of implementation, transactions carried out over the Internet will have to be verified with multi-factor authentication (MFA). There are exceptions to this rule, however. These are defined by another Regulatory Technical Specification (RTS) directive, which gives examples in which Payment Service Providers (PSPs) are not strictly required to authenticate the customer. These exceptions include low-value payments, duplicate transactions or payments addressed to trusted users. In the entire European Union, banks, financial institutions and payment service providers must comply with the latest regulations.
The Payment Services Directive also affects banking operations. Through the previously mentioned customer authentication, or at least secure communications. Throughout the European Union, banks, financial institutions and payment service providers are required to comply with PSD2. The directive is also intended to give impact to every financial institution to consider high-quality security for customer data. Among the most frequently mentioned tools, voice IDs appear, as well as fingerprints. PSD2 also supports online banking. Thanks to the introduced changes, customers can check all the necessary data in one place after logging in to their bank account.
PSD2 and open banking
The European regulation also affects services called open banking. This term encompasses all cases in which customer account information is made available through an API to external suppliers. As a result, customers can view all accounts from a single mobile app and commission online transfers seamlessly. Open banking API provides a better banking experience by gathering all banking products in one place, and at the same time diversifies the offer of fintech companies. PSD2, on the other hand, contributes to blurring the boundaries between the previously known competition. Sharing data using APIs is a step towards balancing the relationship between the banks, the fintech companies, and the customer base of the two. Open banking contributes to the growth of the digital economy.
What benefits does the Payment Service Directive 2 provide to individual clients and fintech firms?
The implementation of PSD2 completely changes the approach to traditional banks, especially when using financial services outside the country where your bank is based. From now on, regardless of whether you want to open an account or maybe you are applying for a loan, EU banks can have access to all the necessary data, if given your consent.
This is not the only advantage for the customer. The PSD2 directive pays special attention to consumer protection. Customers decide who can have access to their sensitive data. For any violations and violations of rights, customers from all over the EU have the possibility to address complaints to the relevant institutions. The deadline for responding to these written complaints must not exceed 15 working days.
The regulation looks equally promising from the perspective of fintech firms. The data collected can be used to personalize the offer and work on increasing consumer confidence. In addition, fintech companies can, thanks to the standardization of legal regulations, try to attract new customers from markets that have not yet been explored. Faster payments and modern security could prove to be a breakthrough for today's financial services. It is also one of the many factors that can affect competition with similar companies.
How has RWM adapted to the revised payment services directive?
In the case of Railwaymen, support for fintech projects in terms of the PSD2 directive is carried out on many levels. We use, for instance, the part of the AISP responsible for account history and transaction. We carry out this type of operation through Plaid or Tink. These platforms allow you to share user data with financial sites that you yourself have indicated as acceptable to send. Through the APIs of these platforms, we can easily monitor transactions in a customer's account, as long as we obtain their prior consent. If there are any irregularities regarding transactions, then the financial administrator takes appropriate steps to prevent any fraud. At our company, we also pay special attention to the personal information of our customers and our cooperating entities. That's why we protect them through Amazon Web Services, which has the security features to do so.
Visit our website and check out the Case Studies of our FinTech projects.