On 13 January 2018, the Payment Services Directive II (PSD2) entered into force. PSD2 is aimed at opening up the payment markets to innovate new services and applies to payment services provided within the European Economic Area (EEA) (“both legs-in”) and payments to and from third countries, where one of the payment service providers is located in the EEA (“one leg-in”).
Although PSD2 is not directly applicable to third countries like Switzerland, Swiss banks and Fintech companies will also be affected by this (updated) regulation. This article discusses why PSD2 is interesting to follow for Swiss parties, provides an overview of the new regime under PSD2 and describes the impact for Swiss banks and Fintech companies.
Open Banking in Switzerland?
For the past years, open banking has been one of the most exciting and at the same challenging developments in the financial service industry. Open banking is the possibility for banks to share customer data with third parties or apps securely and in real time, through the use of open application interface platforms. Traditional financial service providers are facing many challenges when it comes to open banking issues. Customer behavior has changed drastically, clients are now looking for personalized and digital financial services which can be received anytime, anywhere and with any device. New technology offerings are key, which are also taking into account sound security and privacy practices. Fintech companies challenge the business models of traditional Swiss banks with technology enabling financial innovations, so many players are asking themselves whether they are moving fast enough. Also, instant payments, mobile P2P payments and electronic bill presentment and payment (EBPP) services are increasingly being demanded by customers.
Open banking has the potential to transform the future landscape of financial services. Accordingly, sound open banking concepts would certainly support the traditional Swiss banks to have a better position in the future battle field of monetizing data. Therefore, it is interesting for market parties to closely follow the developments of and practical experience with PSD2 in the EU. It would also be interesting to see whether Switzerland will adopt a self-regulatory regime or legislation similar to PSD2.
What is new under PSD2?
The first Payment Services Directive (PSD1)1 was adopted already in 2007. The aim was to regulate the payments industry and to enhance consumer protection. Due to the rapid technological changes in the sector and the fact that many payment service providers did not fall under the rules of PSD1, the European Commission proposed to amend PSD1.
PSD2 has a broader scope than its predecessor PSD1, for example it shall include a number of new payment operators ranging from gift card operators to account information service providers, amongst others:
- PSD2 includes in its scope “one leg-in” payment transactions, which are payments made to and from locations outside the EEA (i.e. payments with an “EU angle”). This means that for the applicability of PSD2, it is enough to have only one party located in the EEA. Transactions made in a non-EEA currency will also be captured by PSD2 if the only involved payment service provider is located in the EU or in case the payment service provider of both the payer and payee are located in the EU. Please note that only those parts of the payment transaction which are carried out in the EEA fall within the scope of PSD2.
- Under PSD1, an authorization was required for payment services to clients, which broadly speaking consist of the operation of payment accounts, credit transfers, depositing or withdrawal of funds and the issuance or acceptance of payment instruments. PSD2 introduces two new payment service providers, namely: (i) Account Information Service Providers (AISP) and (ii) Payment Initiation Service Providers (PISP). The AISP and PISP are also called third party providers. The AISP can provide its client with consolidated information from multiple payment accounts and can help the client track its spending or plan its finances. Payment initiation services have evolved in the field of e-commerce; instead of initiating the payment directly with his bank, the payer initiates the payment via the PISP, which in turn passes the instruction to the bank. Third party providers are subject to authorization by the competent regulatory body.
- Operators of client cards or another payment instrument for limited use, like a gas card or a gift card of a specific store, in general still can make use of the so-called “limited network exemption” under PSD2, which means that no authorization is needed. However, the exemption is stricter defined.
- PSD2 prohibits surcharging, which are additional charges for payments with consumer credit or debit cards, both in shops or online;
- Under PSD2, banks in the EEA are obliged to grant third parties access to customers’ bank accounts and payment details, where the customer has given its consent.
- Security is a key element of PSD2. There are new security requirements covering account access and electronic payments.
What does PSD2 mean for Swiss banks?
As PSD2 is an EU Directive, it does not directly apply to Switzerland. In this regard, it is important to note that the Single European Payments Area (SEPA) in which Switzerland participates is not being affected by PSD2, as SEPA and PSD2 are independent from each other. However, where a Swiss bank has an EEA-based subsidiary which provides payment services in the EU, this subsidiary must observe the national implementation regulation of that Member State implementing PSD2. Such branch or subsidiary should be licensed as a bank or payment service provider in one of the EU Member States. With a view to effectiveness, these Swiss banks may offer the systems and options used by its subsidiary or branch in the EU also in Switzerland. In addition, third party payment service providers and customers may put pressure on Swiss banks to make the new products or services also available in Switzerland. Swiss banks not having branches or subsidiaries in the EEA, and which do not provide any payment service in EU Member States, are in principle not impacted by PSD2.
Opportunities for Swiss Fintech companies in the EU
Swiss Fintech companies doing business in the EU member states may benefit from the advantages of PSD2, since it allows them to provide innovative services in EU Member States. EU banks have to grant access to the customers’ bank accounts to third party providers if the clients gives its consent. Swiss Fintech companies may compete with banks or other Fintech companies in the EU as a third party provider by aggregating customer data from multiple bank accounts held with various banks in the EU and offering insights or a payment app for these clients. Information on the spending pattern of clients can be used as part of a digital wallet. Due to open banking, Fintech companies can play a more important role in controlling the transaction and spending data of customers.
If a Swiss Fintech company wishes to act as a third party provider, this requires the set-up of an subsidiary in a preferred Member State, which can subsequently apply for a license as a payment service provider. Such license can be “passported” to other EU member states, as there is a single license regime throughout the EU. Furthermore, these companies have to comply with ongoing obligations, be compliant with security requirements and technical standards.