2. |
What are the aims of PSD2?
214 October 2019X-Tech London
3. |
314 October 2019X-Tech London
PSD2 introduces two new services: account
information and payment initiation
Account holder
Internet / mobile
banking
Bank accounts
ASPSP
Internet /
mobile banking
Other accounts
ASPSP
Payment
account
AISP /
PISP
Account holder
ASPSP
Account Servicing Payment Service Provider
AISP
Account Information Service Provider
PISP
Payment Initiation Service Provider
Special interface
(API)
‘Fall-back’
interface
A “double compromise”:
- ASPSPs may provide API
but must offer fall back
solution
- ASPSP may get exemption
from fall back obligation if
API meets requirements
X-Tech London 14 October 2019 3
4. |
Four levels of applying PSD2 (focus on XS2A)
Level 1: What? ➔ PSD2-text itself
Should have been implemented before Jan 13th, 2018 in Member States’ national law
Level 2: How? ➔ EBA Regulatory Technical Standards on SCA en CSC
How to do “XS2A” safely: (API) interface; SCA; fall-back; exemptions, redirect; Sep 14th, 2019
Level 3: How? ➔ Multi-stakeholder ‘self regulation’ on PIS/ AIS-matters
Which functionality? EC API Evaluation Grp; EDRPB SEPA API Access Scheme Wg): ongoing
Level 4: How? ➔ Market-led API’s: (UK OB), Berlin Group, STET, ….
Specify how APIs should be built to be RTS-compliant; must look “good” ! ongoing
D
E
T
A
I
L
• Agreement, clarity and compliance on all levels required to make it work
• Complexity, different interpretations, late clarification and so: supervisory
flexibility post 14 September (remote cards trx, API’s, ..)
414 October 2019X-Tech London
5. |X-Tech London
5
PSD2 approved -
into force
12 Jan ‘16
PSD2 transposed
in all 28 MS
Mar ’1913 Jan ‘18
PSD2 to be
transposed
EC publishes
PSD2 proposal
24 Jul ‘13
Trilogue with Council
and Parliament 24 months
14 October 2019
EBA RTS
Final draft
23 Feb ‘17
Adoption
of RTS
RTS approved -
into force
13 Mar ‘18
RTS implemented
by market actors
14 Sep ‘19
Development
of RTS
RTS adopted by
the Commission
27 Nov ‘17
Scrutiny Council
and Parliament
18 months Other SCA/API
Mar ‘20 ?
Jun ‘19 EBA
Opinion
PSD2
evaluation
Jan ‘21
SCA cards
Sep ‘20
or Mar ‘21?
PSD2: it ain’t over till the fat lady sings ………
6. |
CMA order, press release 9 Aug 2016…
14 October 2019X-Tech London 6
“Requiring banks to implement Open Banking by early 2018, to
accelerate technological change in the UK retail banking sector (..) .
7. |714 October 2019X-Tech London
• Little API standardisation (at least 5 initiatives, with “local flavors”). Risk of
fragmentation ➔being “looked at” in the market; STET en Berlin Group
“interoperable”; API “hubs”/aggregators pariially solve complexity
• PSD2 prescribes a minimum of mandatory –and thus free- functionality to be
exposed through the dedicated interface. TPP view is that there are a lot of
“missing bricks” that should have been in PSD2. The API Evaluation Group
failed to bridge the gap ➔ERPB SEPA API Access Scheme Wg
• Especially the remote cards ecosystem is not ready for SCA and exemptions
(3DS 2.2 reuired) ➔ forebearance
The PSD2 promise vs reality ….
10. |
ERPB SEPA API Access Scheme Wg
• Did the group deliver on the mandate? ➔ yes
• Report final May 23rd, ERPB endorsement asked 13 June
• A Scheme approach seems feasible; business model?
• Holistic approach that can be used beyond PSD2
• Scheme must be attractive for all participants ….
• However on request of TPPs the group was put on hold
14 October 2019X-Tech London 10
11. |
PSD2: some lessons learned ……
• PSD2 was not devised as the first step to Open Banking; we “reverse engineer”
this policy goal; GDPR was developed in another Brussels “silo” ……
• Journey to Open Banking should start with a shared view of where this journey
should lead
• Clear legislation including a proper governance structure with a balanced
representation of all stakeholders is essential to provide good market outcomes
• Regulation should be technology neutral yet detailed and prescriptive enough to
provide clear guidance to market participants; a Scheme seems logical
• A well-defined view of what the co-operative space is and where commercial
space and competition start is essential; a business case for all players in the
ecosystem helps!
• It’s not just about Open Banking but about Open Data sharing, across all
economic sectors. Not just financial services (inspiration from Australia …)!
. 14 October 2019X-Tech London 11
12. |
EU “open banking” so far
only includes payment
accounts (some savings accounts
an credit card accounts may be in
scope)
14 October 2019X-Tech London 12
15. |
Open Banking is not well defined
14 October 2019X-Tech London 15
Source: INNOPAY & The Paypers analysis, Open Banking Project; Regulating Open Banking
18. |
Top trends: #1 Customers say digital first!
14 October 2019X-Tech London 18
19. |
“Innovation? Humbug!” (Chris Skinner’s blog, Saturday)
• “A decade later, everything has changed. I believe it is due to two key technologies
coming of age. The first is obvious: telecoms merged with technology to create the
smartphone revolution led by Apple. Moving from a telephone to a computer in the
pocket and purse has shifted humans from conversations to swipes in just ten years.
That is a radical change.
• The second is more subtle, but just as important. Cloud computing has come of age.
Again, a nascent technology a decade ago, the fact that anyone can launch an app or
an API in an app store – that wouldn’t be around if it wasn’t for the smartphone – and
scale that app or API overnight to take billions of transactions – that wouldn’t be
possible without cloud – is the radical change.
• As a result of these technologies, we may finally have reached the point where the
over-estimations of Bill Gates (..) are now a reality (?)
14 October 2019X-Tech London 19
20. |
PSD 3 or GDPR 2 ?
20
g.boudewijn@betaalvereniging.nl
14 October 2019X-Tech London