PSD2 Part2 - Understanding new Payment Service Providers (PSPs)

The Payment Service Directive 2 as discussed in my article "PSD2 - Interesting facts for clients and businesses" is the directive issued by the European Commission that has disrupted and will continue to disrupt traditional banking. The introduction of SEPA, the standardization of payments, the transparency requirements were only some of the changes that PSD2 brought in the payments industry. This article will discuss how PSD2 promotes competition and opens the path for new cost-efficient services for clients and businesses.

Before the adoption of PSD in 2007, mainly banks were allowed to provide payment services. However, PSD introduced the term of PSP (Payment Service Provider) that would allow to non-bank institutions to enter the payments field and provide Payment Services.

PSPs under PSD in its first form were categorized as: Credit Institutions (a financial institution that may receive deposits from the public and grant credits), Electronic Money Institutions (EMIs) (a financial institution that is not a credit institution and is allowed to issue electronic money), Payment Institutions (PIs) (institutions that provide and execute payment services throughout the EU), Central Banks, Post Office Giro Institutions and Government Ministries (local entities authorized by national law to supervise or provide payment services).

However, since 2007 new players have emerged especially in the area of online payments offering new types of payments. The problem was that these new players were not under the scope of PSD and therefore they were not regulated at an EU level and not trusted by the public. A revision of PSD was necessary that would bring these new players under regulation.

PSD2, a revision of PSD, entered into force in January 2016 and EU member states had to transpose it to their national regulation until January 2018.

PSD2 differentiates between various PSPs. Some are classified as ASPSPs (Account Servicing Payment Service Providers) and TPPs (Third Party Providers).

ASPSPs is a financial institution that offers payment accounts* with online access - i.e. traditional banks. TPPs are the new players brought under the scope of the directive and would now be allowed to be registered, licensed and regulated like all other PSPs. According to PSD2, TPPs should be allowed to access clients' payment accounts held with ASPSPs.

These TPPs fall under the following two categories:

Payment Initiation Service Providers (PISPs): Third-Party Providers that do not hold a customer's payment account and are authorized to initiate a payment from the customer's account held with another institution (ASPSP) without the need for a credit card.

Account Information Service Providers (AISPs): Third-Party Providers that do not hold payment accounts and are allowed to collect and consolidate balances and transaction information on the customer's different payment accounts held with other institutions. The aim is to provide an online holistic view of the client's accounts in one single place.

These new services bring a lot of benefits to customers. Since Payment Initiation Services (PIS) allow online payments to be made without the use of a credit or debit card, charges of intermediaries involved in the processing of a card payment are avoided and thus the transaction using payment initiation service is cheaper for the client. On the other hand, Account Information Services (AIS) that allow online aggregation of payment accounts held with various banks provide better management of the customers' finances since there is no need to login into various banking platforms to see your account balances and transactions.

ASPSPs on their part, (i.e. banks that hold payment accounts) under PSD2 are obliged to "open" their APIs (Application Programming Interface) to licensed TPPs (PISPs and AISPs) so they can provide their services. This is called Open Banking and will allow TPPs to build their applications and services on the APIs of the ASPSPs and offer their services to their clients. Sounds scary?

Yet, the Regulatory Technical Standards (RTS) of PSD2 that entered into force in September 2019 specify security measures for effective and secure communication between TPPs and ASPSPs enhancing consumer protection and improving the security of payment services in an attempt to enhance consumer protection, promoting innovation and improving the security of payment services.

So yes, PSD2 disrupts traditional banking. Banks are no longer the only players offering payment services. TPPs continue to enter the payment services field competing for traditional banks and offering new, innovative services to customers at a lower cost.

Some interesting facts...

... EMIs and PIs can also be an ASPSP depending on the type of services they offer.

... an ASPSP can apply for PISP and AISP license and thus becoming a TPP for other ASPSPs.

... there is no need for a contractual relationship between TPPs and the ASPSP, however, TPPs need to identify themselves to ASPSPs every time.

... TPPs need to get the customers' explicit consent to access their accounts held with ASPSPs.

... If an Account Information Service Provider (AISP) intends to enable transfers between payment accounts of its clients held with various ASPSPs (i.e. banks), it needs to apply for a Payment Initiation Service (PISP) license.

Stay with me until next week. I will be providing more information on Open Banking and how APIs can be used to promote payment services.

*A payment account is an account held in the name of one or more clients which can be used for the execution of payment transaction.