(BRUSSELS) – The EU Commission put forward proposals Wednesday to modernise payments services and the financial sector to include enhanced protection for consumers making electronic payments in the EU.
The rules are aimed at improving consumer protection and competition in electronic payments, and will empower consumers to share their data in a secure way so that they can get a wider range of better and cheaper financial products and services.
The payment services market has changed significantly in recent years. Electronic payments in the EU have been constantly growing, reaching 240 trillion in value in 2021 (compared with 184.2 trillion in 2017). This trend was accelerated by the COVID-19 pandemic. New providers, enabled by digital technologies, have entered the market, in particular providing ‘open banking’ services i.e. securely sharing financial data between banks and financial technology firms (‘fintechs’). More sophisticated types of fraud have also emerged, putting consumers at risk and affecting trust.
In response to these developments, the Commission’s package seeks to ensure the EU’s financial sector is fit for purpose and capable of adapting to the ongoing digital transformation, and the risks and opportunities it presents in particular for consumers.
The Commission has proposed two sets of measures:
Revising the Payment Services Directive:
The proposal will amend and modernise the current Payment Services Directive (PSD2) which will become PSD3 and establish, in addition, a Payment Services Regulation (PSR). It consists of a package of measures which:
- Combat and mitigate payment fraud, by enabling payment service providers to share fraud-related information between themselves, increasing consumers’ awareness, strengthening customer authentication rules, extending refund rights of consumers who fall victim to fraud and making a system for checking alignment of payees’ IBAN numbers with their account names mandatory for all credit transfers.
- Improve consumer rights, in cases for example where their funds are temporarily blocked, improve transparency on their account statements and provide more transparent information on ATM charges.
- Further levelling the playing field between banks and non-banks, in particular by allowing non-bank payment service providers access to all EU payment systems, with appropriate safeguards, and securing those providers’ rights to a bank account.
- Improve the functioning of open banking, by removing remaining obstacles to providing open banking services and improving customers’ control over their payment data, enabling new innovative services to enter the market.
- Improve theavailability of cash in shops and via ATMs, by allowing retailers to provide cash services to customers without requiring a purchase and clarifying the rules for independent ATM operators.
- Strengthen harmonisation and enforcement, by enacting most payment rules in a directly applicable regulation and reinforcing provisions on implementation and penalties.
This proposal ensures consumers can continue to safely and securely make electronic payments and transactions in the EU, domestically or cross-border, in euro and non-euro. Whilst safeguarding the rights of customers, it also aims to provide greater choice of payment service providers on the market.
Legislative proposal for a framework for Financial Data Access:
This proposal will establish clear rights and obligations to manage customer data sharing in the financial sector beyond payment accounts, namely:
- Possibility but no obligation for customers to share their data with data users (e.g. financial institutions or fintech firms) in secure machine-readable format to receive new, cheaper and better data-driven financial and information products and services (i.e. such as financial product comparison tools, personalised online advice)
- Obligation for customer data holders (e.g. financial institutions) to make this data available to data users (e.g. other financial institutions of fintech firms) by putting in place the required technical infrastructure and subject to customer permission.
- Full control by customers over who accesses their data and for what purpose to enhance trust in data sharing, facilitated by a requirement for dedicated permission dashboards and strengthened protection of customers’ personal data in line with the General Data Protection Regulation (GDPR).
- Standardisation of customer data and the required technical interfaces as part of financial data sharing schemes, of which both data holders and data users must become members.
- Clear liability regimes for data breaches and dispute resolution mechanisms as part of financial data sharing schemes so that liability risks do not act as a disincentive for data holders to make data available.
- Additional incentives for data holders to put in place high-quality interfaces for data users through reasonable compensation from data users in line with the general principles of business-to-business (B2B) data sharing laid down in the Data Act proposal (and smaller firms will only have to pay compensation at cost).
In practice, this proposal will lead to more innovative financial products and services for users and it will stimulate competition in the financial sector. For example, consumers will benefit from improved personal finance management and advice. Previously burdensome processes such as comparison services or switching to a new product will become smoother and cheaper, including for example, automated processing of mortgage applications. SMEs would also be able to access a wider range of financial services and products, such as more competitive loans resulting from their creditworthiness data being more easily accessible.
Modernising payments services - guide