Payment Services Directive 2 (PSD2)
The amended PSD2 is the legal foundation to further substantiate a single market for payments in the EU. The PSD2 has the objective to increase the security of payment services, to regulate and stimulate innovative services and to further strenghten consumer protection and to harmonise the internal market.
The PSD has been expanded with two new (regulated) institutions called 'payment initiation services providers’ (PISPs) and the 'account integration service providers' (AISPs). PISPs can initiate payments on behalf of and with consent of the account holder. AISPs can access account data with consent of the account holder. A third new service is the confirmation for availability of funds that can be obtained by a third party card issuer.
1Implementation / enforcement 02/2013 - 07/2013
2Discussion / consultation 07/2013 - 11/2015
3Implementation / enforcement 11/2015 - 01/2019
4In effect 01/2019 -
The role of banks may change fundamentally with the introduction of the PSD2. Data in possession of the bank will have to be shared with other organisations. This may lead to a shift in what party controls the relationship with the customer. Apart from strategic considerations the PSD2 triggers security and privacy related topics.
Dates: official transposition date is 13 January 2018, this date was not made in the Netherlands. Transposition is expected around 1 January 2019.
Regulatory Technical Standards furthermore define a date on which security requirements and communication between diverse payment services providers needs to be in place. This is 14 September 2019, a testing environment for AISPs and PISPs needs to be in place from 14 March 2019.