The ethics and financial issues of PSD2: Demise of banks and other risks
Genevieve Crawford
Abstract: The Revised Payment Services Directive or ‘PSD2’ will come in force in January 2018, extending the scope of the previous service direction by introducing third party access to accounts. The two new players are payment initiation service providers (PISP) and information services providers (AISP). These Third Party Providers can offer services in competition to existing banks and financial intermediaries, acting as software bridges between banks and merchants. This paper evaluates the financial and industry risks as well as ethical issues arising from PSD2.
Introducing PSD2
The Revised Payment Services Directive or ‘PSD2’ is a new legislation adopted by the European Union in 2016 (The European Parliament and the Council of the European Union, 2015). PSD2 extends the scope of the previous Payment Service Directive ‘PSD’ by introducing third party Access to Accounts (XS2A). It aims to prohibit surcharging and introduce strong customer authentication (SCA) for payments (24 Solutions, 2016). The PSD2 becomes enforceable on 13 January 2018. By this time, EU member states must publish national laws to conform. Likewise, financial institutions must revise their current IT networks to accommodate for PSD2 (Shahrokh Moinian, 2016). There are wide-reaching implications for banks, other PSPs, Fintech firms and customers.
The purpose of PSD2 is to drive competition and innovation by reducing barriers to entry for payment services. PSD2 widens the scope of the regulatory framework to include new players known as Third Party Providers (TPPs). In particular, the two main new market entrants will be payment initiation service providers (PISP) and information services providers (AISP). A PISP is any organisation that initiates a payment with a software bridge between the merchants website and the online banking platform. An AISP is any provider that wishes to aggregate online information of one or more payment accounts and present it in a form of a single dashboard for the customer (Boden, 2015). By gaining access to customer accounts, TPP’s can offer services in competition to the existing banks and financial intermediaries.
PSD2 is designed to regulate online shopping without the need for a credit or debit card. As approximately 60% of the EU population does not have a credit card, TPPs will open up markets and offer financial services to those who are currently excluded. Furthermore, PSD2 bans card surcharges in the vast majority of cases to help lower charges for EU consumers (24 Solutions, 2016). As estimated by payments UK, consumers are predicted to save 730 million euros on card transactions per year (European Commission, 2015). With new security measures in place, consumers will be better protected against fraud and other payment abuse incidents (European Commission, 2015). On the other hand, the issues resulting from PSD2 include network cyber attacks and misuse of customer information by AISP’s. While the EBA promises security, there are still potential issues on a firm level. Consumers may become more exposed to cyber hacking and be more vulnerable to act on misleading economic inferences due to mistrust by artificial intelligence. Although the purpose for PSD2 is to foster innovation and reduce barriers to entry, the potential impacts on consumer safety are an issue banks and financial institutions must help mitigate throughout the transitional period.
