What are PSD3 and PSR?

PSD3 and PSR are two pieces of legislation that build on the foundations laid by their predecessor, PSD2, introduced in 2018. While PSD2 opened the door to open banking, allowing third-party service providers access to customer banking data with consent, PSD3 and PSR seek to go further, refining existing rules and introducing new measures to enhance security, improve consumer rights, and foster a more competitive market.

• PSD3 (Payment Services Directive 3) is an updated directive focusing on licensing and the operation of payment service providers (PSPs), as well as stricter compliance requirements for these institutions.
• PSR (Payment Services Regulation) is a complementary regulation that provides a unified framework across the EU, making rules more consistent and easier to enforce. It addresses transparency, consumer rights, and fraud prevention, among other areas.
  

Why Do These Regulations Matter?

The financial services and payments industries have seen rapid innovation and growth in recent years, but these changes have also brought new challenges. The rise of digital payment methods, the increased reliance on data sharing, and the growth of fintech players have all contributed to a complex environment that requires updated regulations.

PSD3 and PSR aim to address these challenges in several key areas:

1. Combating Fraud and Improving Security
   PSD3 and PSR introduce stronger measures to prevent fraud, such as mandatory checks to ensure a payee’s name matches the IBAN and enhanced identity verification processes. They also encourage better sharing of fraud-related data between institutions to identify patterns and improve the overall security of the payments ecosystem.
2. Levelling the Playing Field
   The new regulations seek to further level the playing field between banks and non-bank financial institutions by allowing non-bank PSPs direct access to EU payment systems. This will foster increased competition and innovation, ensuring that new entrants can compete fairly with established players.
3. Enhancing Consumer Rights
   Consumers will benefit from enhanced rights, such as clearer rules for refunds, improved transparency around fees, and the ability to see and control who has access to their financial data through centralized dashboards. This will give consumers greater control over their information and bolster trust in the payments sector.
4. Strengthening Open Banking and Data Sharing
   Building on PSD2’s introduction of open banking, PSD3 and PSR will remove remaining obstacles, making it easier for consumers to share their financial data securely with service providers. This will pave the way for new and innovative financial products, while also ensuring that customers have full visibility and control over who accesses their data.
   

What Do You Need to Consider?

Organizations affected by PSD3 and PSR—whether they are banks, fintech companies, or other payment service providers—should start preparing for these changes now. Here are some key considerations:

1. Monitoring Timelines and Legislative Changes
   While the final texts of PSD3 and PSR are expected to be adopted by 2024, with a transition period extending to 2026, organizations should stay informed about any changes or delays in the legislative process. This will allow them to adjust their plans accordingly and ensure they remain compliant when the regulations come into force.
2. Strategic Approach to Compliance
   The regulations present not just compliance challenges but also opportunities for strategic advantage. By understanding the broader implications of the regulations and aligning with other ongoing regulatory changes like the Digital Operational Resilience Act (DORA), companies can ensure a coordinated approach across departments and develop strategies that go beyond compliance.
3. Technical and Operational Adjustments
   Organizations may need to enhance their technical infrastructure to meet the new compliance requirements. This could include upgrading systems for fraud detection, implementing more robust identity verification mechanisms, and ensuring that data-sharing practices are compliant with the new rules.
4. Collaboration and Coordination
   Preparing for PSD3 and PSR will require close collaboration between different parts of the business—legal, compliance, IT, and customer-facing teams. Effective communication and a shared understanding of the strategic benefits of these regulations will be crucial for a smooth transition.
   

Final Thoughts

PSD3 and PSR are set to reshape the EU payments sector in the coming years. By addressing emerging risks, enhancing consumer rights, and promoting a more competitive market, these regulations will play a crucial role in building a secure and innovative payments ecosystem. For organizations in the financial services and payments industries, now is the time to start preparing, ensuring that they are ready to meet the new requirements and seize the opportunities that come with this new regulatory landscape.

At HiQ, we have been involved in developing parts of the financial infrastructure and have deep expertise in helping organizations navigate complex regulatory environments. If you want to learn more or discuss how we can support your business through these changes, get in touch with us.