Mazars logo Mazars logo Mazars logo Mazars Financial Services blog

PSD2 supersedes PSD1 on 13 January 2018: comply with the minimum requirements or embrace the future?

PSD2 will supersede PSD1 on 13 January 2018, retaining key benefits from PSD1 such as increased competition with facilitated market entrance for regulated non-bank players, improved economies of scale, enhanced transparency, but also incorporating technological innovation, enhancements and protection into law. This will ensure that a competitive playing field continues to develop, without exposing individuals, consumers or businesses to undue risks. In the UK, the FCA will have primary responsibility under PSD2 for monitoring compliance and enforcement, whilst the Payment Systems Regulator (PSR) will be responsible for legal provisions relating to access to payment services.

Key changes introduced by PSD2 and impacts

The introduction of PSD2 requires financial institutions’ IT architectures to be open, pluggable and flexible. Financial institutions need to step away from closed legacy systems to more open standards and software.
Overall the key changes are as follows:
• Greater information provision.
• A new market for innovators who want to use existing bank and payment
infrastructure.
• Significant operational changes for all Payment Service Providers (PSPs).

Key considerations for payment institutions

FCA reauthorisation requirements

PSD2 transitional provisions allow existing authorised PSD1 payment institutions, authorised e-money institutions and small e-money institutions to continue to provide payment services until 12 July 2018. If these firms want to
carry on providing payment services after this date, they must provide the FCA with required additional information before 13 April 2018.

Business model and strategy

Firms need to explain their strategy to the regulator. The range of possible strategies goes from minimum compliance with PSD2 to proactive digital
transformation, leveraging the new opportunities introduced. Firms could for example consider setting up, or collaborating with, AISPs or PISPs. The introduction of PSD2 will incentivise firms to revisit their payment strategy and design partnerships with actors previously not considered within the payments industry (e.g. telecommunications). Firms should consider preparing an impact assessment on P&L to assess a potential threat to revenues.

Governance

Like many compliance topics, PSD2 affects multiple stakeholder groups (strategy, IT and operations) and the governance might prove difficult to define. When looking at possible governance structures, firms should see PSD2 as a catalyst for a wider payments modernisation programme. In formulating the governance framework and strategy, firms need to consider the potential impacts on the following IT and operational aspects:
• IT systems, architecture and customer interfaces;
• products and services including possible enhancements or new opportunities;
• marketing materials, customer terms & conditions and education needs;
• complaint handling and alternative dispute resolution procedures;
• reporting requirements;
• fraud, security and risk management; and
• resources, budgets and staff training requirements.

PSD2 is a significant piece of legislation designed for the future to promote competition, increase customer protection, bring existing and new players such as Fintech firms, regulation and compliance and harmonise payment standards throughout the EEA. And for the avoidance of any doubt, Brexit does not stop the implementation of PSD2 in the UK.

Gregory Marchat

Global Banking co-leader

Gregory leads Mazars’ UK Financial Services practice and co-leads our banking practice at group level. He provides support to financial services institutions and regulators to improve the way they operate and manage their risks. He is highly experienced in providing tailored solutions to complex, international issues in areas that have included stress testing at a sovereign level and reviews of banking sector risks for central and international banks. His recent consulting work has included stress testing and asset quality review at European level, risk management assessment, international data validation, deleveraging and restructuring for international banks and risk reviews for central banks and regulators to aid the improvement of banking regulations. Gregory has a strong track record working with financial institutions, Central Banks and regulators, and leading large scale projects in various jurisdictions across Europe, the Middle East and Asia.

Add New Comment

Leave a Reply

Your email address will not be published. Required fields are marked *