PSD2 will bring under regulation financial technology companies that do not enter the flow of customer funds, a development that some industry players will welcome, while others will strongly oppose. John Fernandez, PPRO Group, Jakub Grzechnik, PKO Bank and David Parker, Polymath Consulting, take a view

John Fernandez, senior legal and regulatory counsel, PPRO Group

Since the first Payment Services Directive in 2007, advancements in payment technology have continued at rapid pace. Authorising payments via mobile solutions such as Apple Pay, wearable technology or fingerprint recognition have become viable options for consumers at point of sale (POS). Similarly, in the online world, consumers are able to access services that utilise bank account information such as transaction history or their ID to simplify account switching, or to initiate payments from their bank accounts from outside of their online banking ecosystem. This latter field of innovative technology providers – known as "Payment Initiation Service Providers (PISPs)" have quietly established a niche presence within several European markets. So much so, that the European Commission has directly flagged them for inclusion within PSD2.

PISPs are largely FinTech companies that have taken the opportunity to expand in markets where traditional online forms of payment such as credit cards are not prevalent. PISPs have developed payment technologies which allow consumers to make payments online by providing their banking login credentials to a PISP in a secure manner, in order to initiate a payment from their bank account. PISPs provide a low cost manner for consumers to make payments while affording online merchants a method of payment that is secure and not subject to chargebacks. For the most part, these schemes have largely been operating outside of the sphere of direct regulation, however, PSD2 is set to change this course and bring these entities under the umbrella of financial regulated firms.

So what does this mean for these innovators?
PISPs will need to prepare themselves for an application and authorisation process with their domestic regulatory authority before being granted authorisation as a payment institution in order to offer their services. The application will include providing a programme of operations, business plans, descriptions of governance and internal controls as well as security policies. These entities will not be permitted to hold consumer funds and will need to obtain professional indemnity insurance.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Electronic Payments International.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The major positive is that these firms will have an official legal framework in which to operate. Banks will no longer be permitted to draft consumer T&Cs which forbid their customers from sharing login credentials in order to authorise payments. Nor will banks be able to shut out PISPs from accessing accounts other than for "objectively justified" reasons related to fraud or unauthorised access.

Threat or promise?
Many banks may find the increased scope of PSD2 a threat or challenge to their incumbent market position. However, on the contrary it should be viewed as an opportunity to create synergies between fintech and banking in order for financial service offerings to further evolve. Fintechs are typically smaller, more agile businesses that can act quickly to take advantage of new opportunities, and this will certainly take place. Banks should actively seek out key partnerships with fintechs in order to leverage the market opportunity they present.

From January 2016, EU regulatory authorities will have a two-year time frame in which to implement PSD2 on a domestic basis. Despite the additional compliance overheads associated with operating in the regulated sector, innovators will be brought into the regulatory spotlight and this should open many doors in terms of creating awareness within markets and improving customer uptake. Twenty four months within an existing business may seem like a long time, but forward planning and effective preparation will be key to surviving the payments evolution and transition into the regulated arena.

Jakub Grzechnik, head of mobile and internet banking, PKO Bank

We are deeply concerned about PSD2 but at the same time we are familiar with the theme of the whole retail banking revenue stream being cut up by fintechs that are taking chunks of retail banking and building their own businesses on it.

It’s just that after PSD2 the fear is we will be left only with the cost and process of brand current accounts and all the profits will be taken up by the other small fintechs.

It is a possible scenario but we are trying to create such a strong experience for the customer: an integrated, multichannel experience, that the ‘stickiness’ customers have will make it difficult for all the start-up players and all the competitors to get those profitable opportunities.

Just look back at our history. mBank is a formidable competitor but even still, PKO Bank, as an incumbent and as a traditional institution, have managed to retain our market share and remain the top bank in the country.

We are all big banks trying to create a customer experience, good enough for the customer so that the customer is too lazy to go elsewhere.

David Parker, CEO, Polymath Consulting

The real issue for many banks is that with the open API’s coming in under PSD2 many of the legacy platforms will have significant challenges delivering on the regulatory requirements for data access.

PSD2 will not marginalise card payments; any intermediary processing the payment between retailer and bank is going to have to provide the infrastructure for a lower cost than 0.2% of the transaction, or 20 basis points that is now being charged on cards. This is certainly going to be challenging!