Future Coverage of PSD3 and PSR: Outlining Inclusion and Exclusions
In the ever-evolving world of finance, two significant pieces of legislation, PSD3 (Revised Payment Services Directive) and the Payment Services Regulation (PSR), are set to reshape the landscape for various payment market participants. These regulations, which primarily affect banks, financial service providers, and payment service providers, impose new and extended obligations related to technical, organizational, fraud prevention, liability, and infrastructure requirements.
For fintech companies, especially those offering payment initiation and account information services, the tightened regulatory frameworks require clear contractual terms around strong customer authentication (SCA), API access, data security, and breach notifications. These firms must ensure compliance with obligations for safeguarding customer funds and transparent consumer disclosures, critical for electronic money institutions (EMIs). Fintechs handling electronic money tokens (EMTs) will face strengthened consumer protection rules, with specific safeguards and custody requirements under MiCA and PSD3/PSR, clarifying the interplay with existing PSD2 provisions.
Merchants offering payment and installment credit services, such as buy now pay later (BNPL), encounter differing rules. BNPL providers now need Financial Conduct Authority (FCA) authorization and must conduct affordability checks, while merchant-provided installment credit remains exempt, potentially creating competitive imbalances.
Crypto service providers (CASPs) that offer custody and transfer of electronic money tokens are incorporated under this regime, with PSD3/PSR enhancing consumer protections and delineating safeguarding responsibilities distinct from PSD2. The European Banking Authority (EBA) advises caution in enforcement to avoid conflicting requirements between MiCA and PSD2 frameworks.
ATM operators and other payment infrastructure providers will be impacted through enhanced accountability for fraud prevention, liability, and operational resilience demands. Regulators emphasize active enforcement of governance, third-party risk management, incident response, and operational resilience to maintain consumer trust and market stability.
In summary, PSD3 and PSR extend the regulatory perimeter and deepen compliance demands for a broad range of payment market participants:
- Banks and traditional payment service providers face strengthened technical, organizational, and liability standards.
- Fintechs must comply with stricter authentication, API access agreements, and safeguarding rules.
- Merchants offering credit services see new regulatory contrasts.
- Crypto service providers gain clearer, stricter consumer protections and operational guidelines.
- ATM operators and infrastructures fall under enhanced risk and operational resilience requirements.
E-money tokens will be considered regulated e-money and fall under PSD3/PSR in the future. The topic of cashback remains largely the same, while certain exceptions remain in place, such as for commercial agents or closed payment systems like fuel cards or vouchers. Independent ATM operators will now be subject to a new registration requirement.
Dana Wondra, a consultant and project manager at GOLT Coaching and Senior Manager Marketing at Payment & Banking, played a key role in public relations for the Olympic Training Center Berlin e.V. and organized various Olympic campaigns. She started working at Payment & Banking in August 2023.
The corporate exception is retained, but with an extension: in the future, certain external corporate payments will be covered, which is particularly relevant for payment factories. A new exception for cash withdrawal in retail without prior purchase - up to 150 euros - has been introduced.
The catalog of payment services remains largely unchanged, but providers of electronic communication services can also fall under PSR, particularly in relation to obligations regarding fraud prevention. Liability rules, protective mechanisms against fraud, and the redistribution of security responsibilities will be discussed in the next episode.
- The regulatory overhaul under PSD3 and PSR extends obligations for fintech companies, particularly those offering payment initiation and account information services, requiring adherence to stricter strong customer authentication, API access, data security, and breach notifications, as well as safeguarding customer funds and transparent consumer disclosures.
- In the evolving landscape of banking and finance, technology plays a crucial role in ensuring that these new regulations are not only adhered to but also implemented effectively, facilitating smooth transactions and maintaining market stability.