The Revised Payment Services Directive (PSD2) is the EU legislation to regulate firms that provide payment services.
The original Payment Services Directive (PSD) was introduced in 2007 and became UK law in 2009 through the Payment Services Regulations (PSRs). Its aims were to:
- create a single market for payments in the European Union
- open up the market to new entrants
- create a platform for the Single Euro Payments Area
- protect consumers rights when making payments
PSD2 was published in the European Union's Official Journal on 23 December 2015. It aims to:
- contribute to a more integrated and efficient European payments market
- improve the level playing field for payment service providers
- promote the development and use of innovative online and mobile payments
- make payments safer and more secure
- protect consumers
- encourage lower prices for payments
PSD2 will continue to govern the authorisation and prudential requirements for payment institutions and set the conduct of business rules for providing payment services.
Member States, including the UK, will have to implement the Directive into national law by 13 January 2018. The job of implementing some of the provisions has been delegated to the European Banking Authority (EBA). These provisions include developing regulatory technical standards (RTS) and guidelines. Some of these will come into force after January 2018, including the RTS on strong customer authentication, which is expected to come into force in the autumn of 2018.
The Treasury consulted on implementing regulations to update the PSRs in February 2017. We issued a consultation to reflect the Treasury’s new regulations in April 2017. This includes proposals for guidance in our revised Approach Document, which combines the existing Payment Services and E-Money Approach Documents. We are also consulting on changes to our Handbook and notifications for businesses using exclusions from regulation.
Firms affected by PSD2
PSD2 is relevant both for firms which are already authorised and firms that will have to seek authorisation or to notify us of certain information as a result of the changes. This includes:
- All existing payment service providers (PSPs), including banks, building societies, credit card providers, money remitters and e-money issuers.
- Providers of ‘payment accounts’ which are accessible online. These are accounts held in a payment service user’s name which are used to make payments, including current accounts, e-money accounts and credit card accounts. Firms providing these accounts will be required to give access to their customers’ accounts to providers of account initiation and/or payment initiation services, with the customer’s consent.
- A range of firms that are not currently required to be FCA-authorised or regulated, including firms that:
- provide services that are currently exempt from regulation because of the limited network, ‘digital download’ or commercial agent exemptions
- provide, or plan to provide, account information and/or payment initiation services