The new EU directive on payment services - PSD2

Will PSD2 revolutionise the financial sector?

In response to the continued progress of technological innovations, and aimed at creating a safe and harmonised market of electronic payments within the EU, the European Parliament and the Council has adopted a new directive 2015/2366 on payment services in the internal market (PSD2 or the Revised Payment Services Directive). It is hoped that this will increase consumer protection and awareness, enhance competition in the market, as well as facilitate the introduction of innovation in the financial services sector.

The term financial and payment services is generally seen as representing a bank and its services. However, PSD2 might change this concept. PSD2 envisages that more companies offering certain payment services now regulated under PSD2, primarily IT companies, will enter the market. It is expected that such new players in the payment services market will provide Account Information Services, thanks to which customers will be able to view a complete overview of their financial situation as they will have information on their accounts in various banks all in one place, and Payment Initiation Services, which will allow customers to pay for their online purchases through simple payment orders while providing comfort to businesses that the payment for the goods or services has been initiated.

This entry of new players in the payment services market primarily aims to enhance competition, and brings with it not only new commercial opportunities but also new challenges, especially for the banks. PSD2 will, for example, oblige the banks to allow such new players in the payment services market access to the banks' customers' data through the so-called Application Programming Interface.

PSD2 will also introduce strict security requirements for electronic services and protection of financial data, transparency of the conditions for providing the payment services information, and new rights and obligations for the users and payment services providers. The majority of these new obligations will enter into force in the EU Member States at the beginning of 2018.

The exceptions include the obligations relating to payment services security, so-called Strong Customer Authentication and the technical details on how the payment services providers should provide the third parties/new players with access to the credit institutions services in the area of payment accounts (Access to Account). These provisions are expected to be in place by the end of 2019.

PSD2 will be transposed into the Slovak legal order through the amendment of the Payment Services Act, effective as of 13 January 2018. It is important to note that the National Bank of Slovakia will be able to impose penalties of up to EUR 600,000 upon the payment institution for failing to comply with the Payment Services Act.

The PSD2 regulation leaves a lot of unclear and unanswered questions, be it in relation to the implementation of the new General Data Protection Regulation (GDPR), or to the enforceability of the conditions agreed between a bank and a customer as against the new players in the market, as well as many other questions.

It is not only banks that should duly prepare for PSD2, as PSD2 may also affect your company's operations too. 

Bird & Bird's Bratislava office has a team of experienced local lawyers who are ready to provide you with complex legal advice in this respect, including:

• Analysis and review of the nature of the products and services offered by your company in the context of PSD2 and the amended Payment Services Act, including review of your company's existing processes and identifying any existing legal risks.
• Clarification of the rights and obligations arising from PSD2 and the amended Payment Services Act for your company, including setting up, reviewing or preparing your company's internal documents.
• Compliance review of the existing set-up and internal regulations in your company with PSD2 and the amended Payment Services Act.
• Summary of the requirements needed for your company to enter the payment services market in light of PSD2 and the amended Payment Services Act.

Should you wish to receive more detailed information on any of the above, please contact us.

For more information please visit our Payments page