The implementation of the Payment Services Directive is
one of the most pressing issues facing Europe’s card and payments
industry. Stephen Ley, a
partner in Deloitte’s Enterprise Risk Services practice, and
Francesco Burelli, a
director in the payments team at Deloitte, set out the challenges
facing payments players.


The extent of the product and geographical
scope make the Payment Services Directive (PSD) one of the most
ambitious political objectives of the European Commission (EC) to
date. The directive was needed to support the Single Eurozone
Payments Area (SEPA) initiative, as domestic payments operate under
a very different set of rules and consumer interface standards.

In addition to SEPA, the PSD has the goal of
improving consumer choice through transparency and enhanced
competition and achieving a more efficient European payments
market. The PSD is a “maximum harmonisation” directive and was
promulgated by the European Union on 5 November 2007. It is now in
the process of being translated into domestic law by the European
countries with a deadline of 1 November 2009.

State of adoption

The member states have all chosen
different target dates for the translation into domestic law. The
UK and Bulgaria were the first two countries to adopt the PSD, in
the first quarter of 2009, and the majority of the other members
are reviewing their consultation papers.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Denmark recently completed its adoption.
Germany, France, the Netherlands, Spain and the Czech Republic are
the countries where progress has been made more quickly compared to
the remainder of the other interested European countries. The lack
of synchronisation and implementation across countries is an
additional challenge facing cross-border payment franchises, but it
is becoming evident that even for domestic players the path to
compliance is not straightforward.

The structure of the PSD

The PSD is an extensive document
structured in four sections named ‘Titles’.

Title I of the PSD defines its scope and the
key terms of the PSD. Title II introduces the “payment institution”
and an appropriate compliance and prudential regime enabling
non-banks to directly enter the payments space with the aim of
enhancing competition between national payments markets. Title III
is focused on the information for the payer and the payee and
prescribes the information obligations that banks and service
providers will have in regards of their customers. Finally, Title
IV defines the rights and obligations for both banks and

Across all of the four PSD Titles , banks and
future payment institutions are faced with multiple challenges of
interpreting, implementing and setting up adequate controls to
reach and maintain compliance. While the interpretation is done in
most countries by working groups operating at industry level and
engaged with the regulator during the translation process, it is
still largely up to the banks to determine the economic and
operational impact the PSD will have on the individual
organisations. The interpretation of the PSD requirements drives
the implementation and addresses all the legal and operational
changes required by the regulation.

Finally, the implementation should take into
account the set-up of appropriate control procedures to ensure the
application of PSD compliant standards is kept and to facilitate
the auditing of payments operations. In the medium term the PSD
will also pose some strategic challenges to the changing
competitive landscape (e.g. likely disintermediation of banks by
non-financial services organisations and processors who will become
payment institutions in addition to new entrants).

The changing economics of the payment business
will require card issuing, acquiring and transactional banking
strategies for banks, monoline issuers, and merchant acquirers
throughout Europe to be rethought.

Complex path to

Based on the different consultation
papers and the PSD laws that have been finalised so far, it would
appear that different member states will have their own different
ways of interpreting and translating the PSD into law.

There are differences in the number of
products that are included in its product scope – e.g. for some
countries the PSD does not apply to prepaid cards while in others
they will have the same compliance obligation as other

Postal office payments in some will be
affected as much as banks compared to others where the post office
is only marginally impacted by the PSD. With regards to waivers, in
some countries there will be different payment value thresholds
where the PSD will be applied, for example.

Different countries are taking a very
different position about the actual implementation of the T+1 time
payments terms where T+1 can be either managed through the backward
setting of the value date or be interpreted as the actual clearing
and settlement date. Legislators in some countries are completely
rewriting the PSD requirements into domestic law, while others are
developing domestic legislation meant to complement the EU’s PSD
document and to be taken onboard with a dual reference

Needless to say, the process is not proving to
be straightforward given the magnitude of changes introduced to the
existing set-up of payments and to the many areas that are open to
interpretation. What is without doubt is that the PSD will require
significant changes of the payment’s rules and regulation to
reflect the numerous changes introduced by Titles III and IV.

Impact to cards

Card payments will all be impacted,
apart from small transaction, closed-loop, and stored value payment
schemes. The introduction of the right of the payer to dispute a
transaction up to 13 months post the transaction day is introducing
a number of changes to the dispute processes, with the way
transaction data is stored and handled post-transaction and the
risk of fraud exposure of issuers and acquirers.

Similarly the validity of a fraudulent
transaction authorised by PIN authentication in view of the
cardholder’s liability is going to change. Channels like ATMs are
not exempt from changes. The obligation to confirm to the payer
whenever a transaction is successful or declined will be placed on
the issuer. ATM operators will find themselves challenged with the
obligation of providing a confirmation of the currency exchange
details with each transaction.

Such information is available whenever dynamic
currency conversion is applied to the transaction (subject to
cardholder’s acceptance) but otherwise will become available only
after being passed through the scheme and the issuer networks after
currency exchange rate surcharges have been applied and the
transaction is added to the cardholder’s current account

The additional obligations introduced by the
PSD extend further into the obligation to immediately restore
available balances to debit, prepaid and credit cards whenever a
transaction is refunded or a payment is made to clear any
outstanding balance.

It is easy to imagine the extent of the
implications for both the operation and economics of subprime
consumer credit lenders, whether door-to-door or cash-on-hand
instalment collections, as the monies received should result in an
immediate release of an equivalent available balance to spend on
the card. The same mechanism applies to prepaid cards whenever a
transaction is refunded or reversed at point of sale. Should
transaction errors take place, and cardholders withdraw cash at
ATMs on balances that are available by mistake, the prepaid issuers
would be exposed to fraudulent disbursements that would prove
difficult to recover.

Overall the increased risk of first-party
fraud is not the only cost that will be increasing as a consequence
to the PSD. By talking with bank issuers throughout Europe, the
prevailing view is that the PSD will raise costs and not provide in
balance revenue generating opportunities.

This would appear to be more the case for the
card industry than transactional banking where, in this case, the
widespread practice of payments fee waivers provides the
opportunity to address practices leading to substantial revenue

This is not the case in cards fees where the
waiver practices are not so common and when there are risks of
complaints and legal actions in case of borderline legitimate
application of penalties fees.

In some countries there are already lawyers
operating in the litigation space and recovering fees applied to
cardholders on a percentage of recovered charges basis; it is
likely that the PSD will increase the spread of these practices,
exposing card issuers, especially those operating in the subprime
and prime segments, to an increasing number of claims. Rewriting
and integrating contracts with cardholders’ agreements will also be

At present there are no indications of card
schemes being close to distributing revised versions of their rules
and regulations incorporating PSD changes.

Financial impacts of the

Early indications from issuer data
over a number of European countries point out that the additional
cost and reduced revenues will be in the range of €3 to €8 ($4.3 to
$11.4) per card per year. Once again, based on conversations with
debit and credit card issuers across Europe, the PSD implementation
costs per card are expected to be in the range of €9 to €35 per
card depending on the size of the issuer’s portfolio and the type
of operational set-up.

The PSD in itself does not address fees
applied to payment services but overall industry expectations are
that enforcement of greater transparency will impact consumer
behaviour as a consequence of an increased awareness of charges,
like foreign exchange surcharges, that would otherwise may have
gone unnoticed. The European banks we are talking to are expecting
that this will drive consumers, at least initially, to a different
pattern of card payments usage.

Getting ready for a new world of

Non-compliance is not an option;
however it is surprising to still find issuers and acquirers,
typically smaller organisations, who are not fully aware of or
active in developing plans despite the deadline looming closer.

The expected late translation of the PSD
compared to the actual deadline of 1 November will also add an
additional challenge given the short time gap remaining for the
implementation. It is likely there will be organisations that will
not manage to complete their compliance initiatives in time. Delays
and time slippage is expected as are subsequent changes and
adjustments post implementation deadlines throughout the

It is hoped that banks are well underway with
their compliance initiatives. Whatever the status of the
consultation with the domestic regulators, the high level impact
analysis should have been completed by now with the various
functional and product specific work-streams well under way. In any
case there are some practical steps that would be advisable
regardless of the status of the current implementation:

Participate in the
industry working groups
– requirements in many areas need
interpretation that are best addressed at industry level;

Talk to your
– technical compliance is not a factor of
competitive advantage on its own. Whatever route to compliance is
taken it is best to be aligned with the prevailing practices and to
leverage collective learnings whenever available;

Do not wait
even if the domestic translation of the PSD is not yet completed,
it is necessary to start identifying the impacted areas, aligning
functions and organising working groups and their governance,
preparing impact analysis and start developing and getting ready to
implement required changes;

Organise appropriate
quality assurance and testing
– PSD compliance is a matter
with a degree of complexity and

Do not underestimate
post-implementation requirements
– controls will need to
be built and implemented to ensure ongoing compliance and ability
to audit;

Understand the
– PSD compliance will have an impact beyond
operations and banks; issuers, acquirers and processors will need
to understand and address likely impacts to their business models,
changes in the competitive landscape and change of consumer


Francesco Burelli, Stephen Ley

From the left:

Francesco Burelli,
a director in the payments team at Deloitte.

Stephen Ley, a
partner in Deloitte’s enterprise risk services practice who
specialises in payments and retail banking.