“Banking is necessary, banks are not” Bill Gates, 1994.
A survey conducted by the European Commission revealed that 80% of the respondents answered with “no”, when they were asked if they were considering buying a financial product outside their own EU-county. This seems to be, the survey continues, because in the near future “they can purchase all financial products in their own country”¹. Could it be that PSD2 influences their decision? How does this then supposedly work? Last but not least, is this a threat to banks in general?
What is PSD2?
PSD, short for Payment Services Directive, is a set of laws and legislations set by the European Parliament, to ensure that today’s e-payment ecosystem is regulated tomorrow. The directive was approved on October 8 and passed on November 16, 2015. PSD2 is a continuation (revision) of the original Payment Services Directive, which entered into force already in 2007. PSD2 aims to secure e-payments and expand the financial services ecosystem by opening up the value chain for new actors. This is achieved through standardization on the one hand, and opening bank data to third parties on the other hand.
PSD2 aims at protecting consumers when paying online, making the cross-border European payment services safer, and promoting the development and use of innovative online and mobile payments.
Why is a PSD necessary?
Players in the current e-payment environment have no consistent, organized or regulated framework of collaboration. Consumers and merchants can choose which payment systems they want to use but there is no guarantee that these systems actually work together.
It could also be viewed as a consequence of the European market lacking an effective supporting mechanism for cross boarder banking, such as harmonized regulation. In this regard, differentiated domestic legal systems have acted as the main barrier for providers and consumers to enter into other EU countries’ markets. The cost related to regulatory understanding and compliance might be seen by banks as too large compared to those market’s potential revenues.
Some of the more recent players in the e-payment environment are FinTechs that act as third party service providers (TPSPs). They offer cheap and innovative e-payment solutions. In order to provide these solutions TPSPs require direct access to the consumers’ and merchants’ bank accounts. However, banks can refuse this access, because their relationship with TPSPs is not currently regulated. This results in ad hoc agreements between TPSPs and banks, without any standard interfaces and infrastructures for payments. When PSD2 is up and running in EU member states, this situation is becoming more organized.
What does this mean for banks and TPSPs?
With PSD2 TPSPs will face standardization whilst bank will have to take down their barriers. Since banks must grant third parties access to their clients’ bank accounts, they lose the direct contact with their clients. They should therefore rethink their business model. As for TPSPs it isn’t necessarily the win-win you might expect. TPSPs have never been regulated before. So first of all they need to get licensed. Still the requirements may not fit with their current business and operating model. Furthermore they will have to setup a new organizational frameworks in order to a) establish strong customer authentication, b) ensure proper incident reporting and c) setup risk and control frameworks.
In other words, adhering to PSD2 will force TPSPs to start behaving like financial institutions. This should not be underestimated.
Nowadays banks face having to comply with evolving anti-money laundry legislation and tightening KYC requirements etc. This also includes ongoing interpretation of (changing) regulatory guidelines, facilitating many manual (document) processes, and the challenge of efficiently communicating between different business units across various jurisdictions. TPSPs however, could very well have an advantage after all. FinTechs seem ideally positioned to leverage their agile technology to improve the effectiveness of KYC processes. For example real time screening and cross checking of KYC details against regulatory requirement by advanced logarithms. Or blockchain storage to achieve immutability, a distributed database, encryption and security with the additional aspect of trust.
SEPA and PSD are not mutually exclusive
Introduced in 2008, SEPA (Single Euro Payment Area) is a self-regulatory initiative by the European banking sector, intended to simplify bank transfers and enable cashless Euro payments to anyone within in the Euro area, by using a single bank account. The IBAN. As per July 2015, SEPA consists of the 32 EU countries.
Where SEPA defines the harmonization of payment products, infrastructures and technical standards, it is PSD that provides the legal framework – the foundation if you like – within all TPSPs must operate (a level playing field by harmonizing consumer protection and the rights and obligations for payment providers and users).
How can technology influence the changing relationship between the bank and the corporate treasurer
For some time now Treasuries become leaner. Where Treasuries have historically first been about hedging risks, arranging funding and later about working capital management. Nowadays, due to reduced staffing, cloud services are more sought after. Instead of implementing treasury systems locally, online cloud services facilitate clients across the globe. PSD2 innovation is fueled by technology and change consumer preferences. The end result needs to be an efficient, competitive and safe payments market. This is a very tangible part where banks can step forward. And some of them already have.
PSD2 is considered a threat to banks because it allows new entrants (TPSPs), looking for the profitable parts of what banks are doing today. FinTechs will be able to offer the latest technology. In order to compete, bank may need to replace legacy IT systems (core banking systems and payment platforms). Simplification programs will need lead to improved cost efficiency and agility, enabling banks to be part of the new ecosystem.
Regulators have on the one hand assisted banks in protecting their business. But on the other hand, regulators can be seen as an obstacle in how banks can expand their business and provide new innovative solutions. With PSD2 TPSPs eventually run into similar limitations that banks have faced for many years (ie regulations focus on compliance and risk). This is generally underestimated by TPSPs.
The way banks and TPSPs respond to PSD2 will be crucial to their success. Should they simply comply? Or should they use PSD2 as a springboard for further innovation. Anyway, PSD2 can be considered as an opportunity.