The revised Payment Services Directive (PSD2) is an important step towards a Digital Single Market in Europe. Directive 2015/2366 was published in the Official Journal of the EU on 23 December 2015 and entered into force in January 2016. It came into effect on 13 January 2018.
The main aims of the PSD2 are to:
-contribute to a further integrated and efficient European payments market,
-improve the level playing field for payment service providers (including new players),
-ensure a high level of consumer protection and of payments security,
-encourage lower prices for payments, and
-facilitate the emergence of common technical standards and interoperability.
PSD2 widens the scope of the original rules and covers new services and market operators. It also places an additional layer of obligations on Payment Service Providers. The Directive focuses on ensuring regulatory and consumer protection measures apply to all forms of payment transactions, including internet and mobile payments, whilst ensuring a level playing field throughout the EU. Key changes include:
-Extension of scope to transactions - conduct of business rules to payment transactions will be extended but apply on a tiered system;
-Extension of scope to third party payment providers hitherto unregulated - opening the EU payment market for companies offering consumer or business-oriented payment services based on the access to information about the payment account - introducing the new so called "payment initiation services providers" (PISP) and "account information services providers" (AISP);
-Introduction of strict security requirements for the initiation and processing of electronic payments and the protection of consumers' financial data which will include “strong customer authentication”;
-Enhancing consumers’ rights in numerous areas, including reducing the liability for non-authorised payments, introducing an unconditional refund right for direct debits in euro;
-Independent ATM operators (i.e. those who provide services to multiple card issuers) are required to provide customers with the information on any withdrawal charges in accordance with PSD2;
-Prohibition of surcharging whether the payment instrument is used in shops or online; and
-The transaction threshold for a PSP categorised as a "small payment institution" is reduced from an average payment transaction turnover per month of < €3 million to < €1 million. Therefore, some existing PSPs may no longer be categorised as small payment institutions and will be fully subject to PSD2.
Key to achieving the objective of the PSD2 of enhancing consumer protection, promoting innovation and improving the security of payment services across the European Union are the Regulatory Technical Standards for strong customer authentication and common and secure open standards of communication. These requirements have application from 14 September 2019 and are given force by Regulation (EU) 2018/389.
See also Topic on Interchange Fees Regulation - IFR.