Directive on payment services in the internal market (PSD2) introduces two new payment services
The PSD2 was adopted as a response to the changes and innovations that have occurred in recent years in the payment services market and that did not conform to the existing definition of regulated payment services. Because supply and demand for these payment services is increasing on the European market, and the lack of regulation was giving rise to legal uncertainty, the EU is legally regulating the new forms of payment services and the oversight of their providers via the PSD2. The main objectives of the PSD2 are to increase the security of payments and also consumer protection, encourage innovation and competitiveness, and provide a level playing field for all payment service providers active in the market. The PSD2 will be transposed into Slovenian law by the Payment Services, Services of Issuing Electronic Money and Payment Systems Act.
Under the PSD2, banks, savings banks and other payment service providers in the EU will be able to provide two new payment services, namely the payment initiation service and the account information service:
- payment initiation service: at the request of the payer or the user, the payment initiation service provider, which may be a bank, a savings bank, an electronic money institution or a payment institution, initiates a payment order from the payer’s payment account that is accessible via the internet and that the payer has opened at another payment service provider (e.g. a bank or savings bank). The essential innovation is that payment initiation service providers may access information about the payer’s payment account in order to execute payments via the internet (most often within the framework of online shopping), subject to the payer’s explicit and unambiguous consent. The provider need not possess the payer’s funds in order to provide this service; the funds remain in the possession of the payment service provider with whom the payer has opened an account;
- account information service: at the request of the payment service user, the account information service provider provides information about one or more payment accounts that the payment service user has opened with one or more payment service providers that manage accounts accessible via the internet, in a brief and user-friendly form. The purpose of this service is to provide users with support in managing personal finances so that users are able to organise all their personal finances from a single place, irrespective of the bank at which they have accounts open. The provider may only provide this service by accessing the information in the user’s payment account, and the user must explicitly and unambiguously authorise this access.
The two services can be provided to payment service users by all existing payment service providers (banks, savings banks, electronic money institutions and payment institutions), and also by new providers, who will have to comply with the requirements set out by legislation and to obtain the relevant authorisation from a supervisory authority.
In providing the services payment service providers will also be required to take account of additional security measures with regard to strong authentication of payment service users and secure communications. These are set out in technical standards, which are expected to be published in March 2018, and will enter into force 18 months after their official publication. The EU legislator has assessed that payment service providers require time to upgrade and adapt their security systems in accordance with the requirements of the technical standards.