The revised Payment Services Directive (PSD2) is the EU legislation which sets regulatory requirements for firms that provide payment services.
The original Payment Services Directive (PSD) was introduced in 2007 and became UK law in 2009 through the Payment Services Regulations (PSRs). Its aims were to:
- create a single market for payments in the European Union
- open up the market to new entrants
- create a platform for the Single Euro Payments Area
- protect consumers rights when making payments
PSD2 was published in the European Union's Official Journal on 23 December 2015. It aims to:
- contribute to a more integrated and efficient European payments market
- improve the level playing field for payment service providers
- promote the development and use of innovative online and mobile payments
- make payments safer and more secure
- protect consumers
- encourage lower prices for payments
PSD2 will continue to govern the authorisation and prudential requirements for payment institutions and set the conduct of business requirements for providing payment services. To find out how PSD2 affects your business, use the PSD2 Navigator.
Member States, including the UK, must implement the Directive into national law by 13 January 2018. The job of implementing some of the provisions has been delegated to the European Banking Authority (EBA). These provisions include developing regulatory technical standards (RTS) and guidelines. Some of these will not be effective until after January 2018, including the RTS on strong customer authentication and common and secure communication, which is expected to take effect from Q3 2019.
The Treasury consulted on implementing PSD2 through the Payment Services Regulations 2017 in February 2017. We issued a consultation (CP17/11) to reflect the Treasury’s new regulations in April 2017. This included proposals for guidance in our revised Approach Document, which combines the existing Payment Services and E-Money Approach Documents. It also included proposed changes to our Handbook and notifications for businesses using exclusions from regulation.
We issued a smaller follow-up consultation (CP17/22) on authorisation forms and certain reporting forms under PSD2 in July 2017.
We issued a Policy Statement in September 2017 confirming the revised Approach Document and Handbook changes following consultation feedback.
Firms affected by PSD2
PSD2 is relevant both for firms which are already authorised or registered and firms that will have to seek authorisation or registration or notify us of certain information as a result of the changes. This includes:
- All existing payment service providers (PSPs), including banks, building societies, credit card providers, money remitters and e-money issuers.
- A range of firms that are not currently required to be FCA-authorised or regulated, including firms that:
- provide services that are currently exempt from regulation because of the limited network, ‘digital download’ or commercial agent exemptions
- provide, or plan to provide, account information and/or payment initiation services