Will banks become the infrastructure of the payment industry?


Introduction

The new Directive on payment services in the internal market (“PSD2”) was published on 23 December 2015. Member states must transpose PSD2 into their national law before 13 January 2018.Among many other features, PSD2 establishes a regulatory framework for two new players in the world of payment service providers: the “account information service providers (the “AISPs”) and the “payment initiation service providers (the “PISPs”). Unlike traditional payment service providers, these new entities do not provide and service payment accounts for their clients. They merely facilitate and improve the way their users can manage their existing accounts provided by banks or other payment service providers. This is why the AISPs and the PISPs are collectively referred to as “third party payment service providers(“TP-PSPs”).

 

What is an account information service?

PSD2 defines the account information as “an online service to provide consolidated information on one or more payment accounts held by the payment service user with either another payment service provider or with more than one payment service provider”. In practice, an account information service application provides a user with real-time information on one or (mostly) several accounts in a consolidated and user-friendly way. The services of AISPs offer numerous advantages. Firstly, they provide the consumer with a full image of his financial situation, exceeding the boundaries between the different institutions that manage the accounts concerned. Secondly, most AISPs do not only provide up-to-date information on the different accounts held by the user, but will also offer personal finance management solution. Users can monitor their spending patterns, plan savings goals, will receive alert messages if they overspend on certain preset items or services. With this comes the commercial possibility to receive coupons or promotions from retailers preferred by the user (based on his spending pattern) or even offers for (micro)-credit solutions. Finally, all the information gathered from their clients allow AISPs to provide first hand information to developers of alternative credit scoring methods giving them a unique insight of a candidate borrower’s financial situation.

What is a payment initiation service?

PSD2 defines a payment initiation service as “a service to initiate a payment order at the request of the payment service user with respect to a payment account held at another payment service provider”.

In reality payment initiation services are about using specialized third-party software enabling users to initiate payments directly from his or her online bank. More specifically, the user applies this software/application to initiate a payment on his behalf for a defined amount to a defined recipient (typically an online merchant). The user then authorizes the specific payment and the transaction is completed directly while staying in a secured environment offered by the PISPs. Other use cases imply the possibility to quickly perform direct peer-to-peer payments between friends and family.

What changes brings PSD2?

Certain TP-PSPs like entities already exist today but are forced to operate in a grey zone given their currently unregulated status. In order to access their clients’ accounts, they require their clients to provide them with their passwords and simply pass themselves off as their customers. This “trick” is usually contrary to the banks’ general conditions according to which the password must remain personal. This creates legal uncertainties as to the sharing of responsibility in case of unauthorized transaction or fraud. It will change with PSD2.

PSD2 creates a legal framework that provides TP-PSPs with the legitimacy to operate, but most importantly forces, with the consent of the clients concerned, banks and other traditional institutions to:

  • Provide the AISPs access to the requested account information; and

  • execute the payment such as initiated by a PISPs without any discrimination.

These obligations will exist irrespective of whether traditional account holding institutions and TP-PSPs are bound by a contract. PSD2 also provides for a specific liability scheme in case an unauthorized payment transaction is initiated through a PISP.

The liability scheme put in place ensures the consumer that he will get refunded by the traditional account holding institutions no matter who (the bank or the PISP) is responsible for the unauthorized payment transaction.

On the other hand, TP-PSPs will be required to comply with certain regulatory standards (notably in terms of security) in order to obtain their license as a payment service provider.

Future challenges

At first sight, PSD2 will considerably improve the legal certainty relating to the tripartite relationship between TP-PSPs, traditional account holding institutions and their clients and allow for more competition in the field of payment services. This should increase the innovation and reduce the overall costs of payments.

It is even said that banks and large traditional payment institutions will evolve from actual payment service provider to infrastructure providers offering the technical framework in which payment service provider will operate and offer their (FinTech) payment solutions to the users.

The reform however raises concerns at the security level. If more actors access the bank accounts data, it also means that the risks relating to hacking and fraud will increase. This is all the more true as AISPs are intended to collect and centralize all the financial information related to customers.

The mission of improving the technical aspects of the system has been left to the European Banking Association (EBA). The EBA is currently drafting regulatory technical standards in cooperation with the providers in order to harmonize and improve the security of the system (i.e. rules on customer identification, access to accounts, payment execution etc.).

To conclude, it remains to be seen how the traditional institutions will react towards this new model. If they are able to innovate, collaborate or compete with the new entrants or whether they will really evolve to mere infrastructure.

 

*             *             *

 

Do you want to find out more about third party payment service providers in a Belgian or more general context, how they can be used and what the consequences may be for your activity?

Please contact Simont Braun’s Digital Finance Team: Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser. - +32 (0)2 543 70 80

pdfSB_Digital_Finance_News_-_Third_Party_Payment_Service_Providers_April_2016.pdf