Does the EU’s PSD2 level the playing field?

Fintech companies, especially those building payments apps, can now compete with major banks in the EU, thanks to the new PSD2.
2 May 2018

Ana Botín, the most powerful woman in finance, feels the PSD2 needs to be reviewed for the digital age. Source: Flikr / World Travel & Tourism Council

The European Union (EU) seems to be hard at work trying to create new regulations to facilitate the digital economy while still protecting the interests of customers.

Later this month, the General Data Protection Regulations (GDPR) comes into effect. Being a landmark policy, it’s quite hogged the limelight on the international stage. However, there’s another new law in the EU that deserves a round of applause: the (second) Payment Services Directive, abbreviated as PSD2.

In a nutshell, PSD2 aims to secure e-payment mechanisms and expand the financial services ecosystem. The regulation covers payment service providers, demands strong authentication, and opens bank data to third parties.

Wait, what? The law “opens bank data to third parties”? Well, yes, because the European Commission (Directorate General Internal Market) feels doing so will help level the playing field for fintech companies working on building digital payment solutions.

Anyway, the bit that customers most appreciate is the fact that PSD2 demands strong authentication.

Which means, going forward, users will need to prove their identity while making payments online with something they know (a user ID for example), something they have (a token maybe), and something they are (think biometric).

However, since new entities might lack the know-how to provide that authentication, it seems like big banks will need to provide support.

“There are still a few things that need to be ironed out, but it seems clear that the new players have the right to rely on the bank’s authentication of the user. This means that the authentication procedure most probably will remain fully in the sphere of competence of the banks. Banks will need to offer strong authentication, not only to protect their own services but also indirectly to protect the new players’ services,” said Bjørn Søland, Nexus Group’s technical expert.

The opportunities PSD2 opens for fintech companies

The new regulation opens up payments to third parties, which could make debit, credit, and prepaid cards obsolete. According to Ben Rose, Insurance Director, Digital Risks, tech giants such as Amazon, for example, will be able to offer you an additional month of Prime in exchange for your bank account details and a payments infrastructure.

Likewise, companies such as Facebook will provide an easy platform for friends to pay each other money through Messenger.

PSD2 will also make beacon-based payments a reality. The technology enables shoppers to make in-store payments automatically via their mobile phone, with no specific payment action required.

The new regulation also defines payment services, namely, the payment initiation service provider (PISP) and the account information service provider (AISP).

The former is the service provider that stands between the payer and his online payment account and starts the payment to a third-party beneficiary. The latter provides a consolidated view on all payment accounts held by the user.

As a result, fintech companies can offer a variety of new solutions. For example, you could now build a single dashboard of all your investments and account balances and better analyze your spends across platforms to understand habits and choices.

The potential for fintech companies is unlimited, all with somewhat mandatory support from banks who will need to provide infrastructure and data to fintech companies.

All sounds fair. So, what’s the concern?

Well, banks don’t think it’s fair at all. Ana Botín, Executive Chairman of Santander, told the Financial Times that the EU’s Second Payments Services Directive “needs to be reviewed for the digital age. The theory is good but it needs to be fair — at the moment it’s not symmetrical.”

“We like competition, but what we like is fair competition. The value of PSD2 is everyone knows how we’re using it, but anyone with data on, say, more than 50,000 customers should have the same rules,” added Botín.

The Santander representative and her colleagues heading other large banks in the EU are not concerned about the small fintech companies, but worry about the arrival of the large digital-native companies like Google and Amazon eating into their market.

In fact, Amazon is already in talks with JPMorgan Chase to offer checking accounts to customers, according to CNBC.

Therefore, while it seems like regulators have done their bit to help foster innovation in the digital age, the future will depend on how fintech companies and banks work together and build solutions that put customers first.

It’s not as much about what PSD2 explicitly tells financial services companies as it is about the attitude of large players in the industry. There’s nothing stopping them from collaborating with small, innovative tech companies to come up with services that rival even the top technology companies considering a debut in the industry.