PSD2 (Payment Services Directive) aims at making payment more secure and cheaper, further opening the market for PSPs in an integrated European market. PSD2 replaces PSD1 in force since 2007 extending its scope

1. PSD2 (EU 2015/2366)
Payment Services Directive II
13.01.2018
Enforcement date PSD2,
replacing PSD1 (2007/64)
Regulation Published
08.10.2015
2017 2018
Who, where, what?
•Actors: the directive applies to all payment services in
EU, with focus on electronic payments outligning rules for PSP and PSU
•Institutions: PSPs categorized further in: Credit institution, Electronic
money institution, Post-office giro institution, Payment institution, ECB and
national banks, Members states or their regional/local authorities
Purpose and scope of PSD2
The 2nd Payment Services Directive (PSD2) establishes rules concerning:
 respective rights and obligations of payment service users (PSU) and payment service providers (PSP)
 transparency of conditions and information requirements for payment services
PSD2 aims at making payment more secure and cheaper, further opening the market for PSPs in an integrated
European market.
PSD2 replaces PSD1 in force since 2007 extending its scope by:
• adding Payment Initiation Service providers (PISP) and Account Information Service providers (AISP) as 2
new types of PSPs, giving them right to consult payment account of users of their payment service user (account
servicing PSP are obliged to provide them information), opening the payment market for new players
• introducing enhanced security measures for PSP (strong authentication required, regulatory standards)
•Enhancing cooperation between authorities in supervising payment institutions (eg. Central register of
payment institutions)
Payment Service Providers requirements
I. Payment Institutions (one of types of PSPs):
• Autorisation process and supervision
• Registration (public register of authorized payment institutions)
• Accounting and statutory audit obligations
• Permitted activities
• Miscellaneous: record-keeping obligations, use of branches and outsourcing, etc.
II. Common provisions for PSPs: rules with respect to access to payment systems and accounts.
Transparency conditions and information requirements
I.General rules for single payment transactions, framework contracts and related payments. PSPs can not charge
for information and have burden of proof.
II.Specific rules for single payment transactions and framework contracts: information elements/conditions to
be provided by PSP to PSU (payer/payee/other PSP) at various moments in the payment process: max execution
time, charges breakdown, confirmation of payment execution steps, exchange rates, etc.
III. Rules on framework contracts: information/conditions to be provided on paper/durable medium, rules with
regard to change of conditions, termination, information requirements for individual payments under the
framework, etc.
Rights and obligations in relation to provision and use of payment services
I. Common provisions: PSP cannot charge for his obligations, some articles do not apply when PSU is consumer
or low value transactions
II. Authorisation of payment transactions: transaction consent/withdrawal of consent rules, blocking
transaction amounts on accounts, rules with respect to use/access to payment accounts (granting PISPs and AISP
access to account information managed by the account servicing PSP). Accounts information, rules/obligations
of PSU and PSP in relation to payment instruments (eg. spending limits), the liability of the providers for
unauthorized payment transactions and refunds.
III.Execution of payment: rules with respect to payment orders, amounts transferred, execution time (T+1),
value date and liability.
III.Data protection: Obligations & rules for PSPs to protect personal data (only process personal data necessary
for payment services, with explicit consent of PSU or when necessary for fraud management.
IV.Risk management: Obligations & rules for PSPs to establish appropriate operational and security risk
framework and incident management and reporting.
Review existing
• Assessment of the current state and readiness
• Impact analysis of PSD2 on existing framework,
governance, processes, ect.
Development
• RBA design and implemeting changes to existing
processes, policies and guidelines.
• Assisting company to arrive at regulatory compliance.
Coordinate &
Support
• Project management and business analysis for PSD2
implementation projects
• Training of staff members and relevant stakeholders
INITIO’S Offering