The Revised Payment Services Directive (PSD2) is the European directive following PSD1 that aims at efficiently integrating the payment market in Europe. With this directive, banks will be forced to develop public APIs or other means1 to ease the access to customer data for the new entrants of the banking value chain: Account Integration Service Providers (AISP) and Payment Initiation Service Providers (PISP).
In 2007, PSD1 was adopted to provide the legal foundation for the creation of a European single market for payment: SEPA. By 2015 new types of payment providers and account management service providers entered the banking operations market. PSD2 was adopted to integrate these new companies in the legal frame and take over PSD1. PSD2 was enacted in 2016 and will become compulsory in 2018. Hence PSD2 completes PSD1 with updates on terms and legal definitions, and extends its scope to disruptive players such as AISP and PISP.
DSP and DSP2 implementation timeline
PSD2 objectives are consumer centric and data-oriented, taking into account new risks, players and business models.
Contributing to the integration and efficiency of the European payment market, PSD2 aims at making payments safer, ensuring consumer privacy and protection, encouraging price decrease. The introduction of two new types of financial services providers AISP and PISP will broaden the customer choice and increase transparency of information concerning rates and costs of product subscriptions:
- AISP aggregate data from the customer’s accounts from all their banks and reduce the customer banking journey to an all-in-one stop from information to operations
- PISP enable customers to initiate payment to peers or to merchants directly through the alternative own network of the PISP
To secure this new value chain on the banking market, PSD2 enforces banks to open their IT architecture with public API or other configurations so that AISP and PISP can access customer financial account data.
Bottom line, customers are given alternative means to manage their accounts, operations and payments.
Disruption on the value chain and new compliance standards will have considerable and unavoidable impacts on the banking market competition, user experience, operating model and organization.
1. Impacts on Market competition
AISP and PISP are bringing competitor banks, online merchants, insurers and asset manager closer, blurring traditional borders and increasing transparency of information. For banks this has two tangible and adverse impacts:
- It increases the risk for product subscription churn : customers will no longer restrain from multiplying banking providers to optimize their costs
- It will generate a pressure on prices : AISP will facilitate access to low-cost financial solutions
2. Impacts on User Experience
AISP and PISP provide digital services with the look and feel of Fintech applications : user-friendly, colorful, exhaustive, they bring customer (banking) experience to a next level.
With such customer experience, AISP can quickly become the customer’s preferred contact point for all their banking operations.
Furthermore, giving access financial information, subscribe to products and achieve payments, AISP and PISP are offering an alternative to customers and threatening the brand attractiveness of banks.
Bankin and Linxo, two French-based retail account aggregators
3. Impacts on Banking operation
PISP are disrupting the online banking operation value chain: using the SEPA Payment network, they bypass the credit cards payment networks. Through public APIs, and authentified initiation, PISP have direct access to customer bank accounts. From there through the SEPA network, the transaction money goes directly and free of charge to the merchant’s bank account. Revenues for PISPs come from the fixed monthly fee payed by the merchant instead of being charged a percentage of the transaction amount. Banks on the other hand get no revenues from PISP transaction. To recap, PISP threaten banks’ online payment revenues and increase competition, thus price pressure, on traditional payment networks. This situation could worsen the day PISP expand their offer to new payment instruments such as cards or mobile.
Traditional online payment operation2
Disrupted online payment operation with PISP
4. Impacts on Banking Organizations
PSD2 creates the legal framework for AISP and PISP to conduct activities in a safe and secure environment for the customer. Therefore compliance requirements are evolving towards transparency and open infrastructures. Banks will have until 2018 to comply with these new requirements.
To meet those requirements, most banking actors will go through a deep modification of their IT infrastructure in order to build the APIs or open infrastructures required to allow access to AISPs and PISPs to their data.
This investment may seem questionable by the bank as they do not know who will be held responsible (and hence reimburse the customers) in case of fraud or incident caused through an AISP or PISP with their data. Banks are for now the only ones held responsible for such incidents and in charge of covering customer loss, yet PSD2 asserts that third party providers could have to reimburse the customers’ funds if proven responsible.
Facilitating the entry of new players on the banking market, PSD2 unlocks opportunities for banks to enhance their customer experience and expand their product portfolio through partnerships
AISP and PISP are positioned as challengers on the market. Banks need to play the game of competition and accept the challenge as a way to renew their organization and user experience, and to aggressively seek for new sources of revenues. Building partnerships with these challengers could be a consistent way to embrace change in the banking environment.
This disruption may have come as a chock in an industry that has long been undisturbed, and mildly affected by online banking pure players, or mobile payment methods, yet it is essential that banks leverage it to modernize their organization, attract younger customers, extend their business activities and take part proactively in the evolution of banking operations.
- European Banking Authority has not specified PSD2 technical requirements for banks. Banks can give access to their information through various means. Public APIs are not compulsory to share information with TPP. However, for the sake of simplicity, we will use APIs as a reference for banking – TPP relationships in this document
- Based on approximate assumptions on payment fees. Interchange Banking Fee is estimated at a maximum of 0,2% on transaction’s value under MIF regulation. Visa Processing Fee is estimated at 0,01% on transaction’s value and Merchant Banking Fee at 0,01%. Maintenance cost on SEPA network is not taken into computations
Sources: European Commission : PSD, Frequently Asked Questions, EY Analysis