06 Apr RECAP: HOW PSD2 PROVIDES ACCESS TO BANK ACCOUNTS, Tuesday April 4
RECAP | How PSD2 provides access to bank accounts • April 4th, 2017
On Tuesday April 4th, Holland FinTech held an informative session to reveal the legislative state and visions of the Payment Services Directive 2 (PSD2) in the Netherlands. A great group (+80!) of payments, legal professionals and entrepreneurs attended filled the room with a promising atmosphere.
This past week, Holland Fintech, in collaboration with the Dutch Payments Association (Betaalvereniging Nederland), invited interested professionals to gather at the Crowne Plaza Hotel in Amsterdam for an informative roundtable discussion on the new PSD2 regulations, which are scheduled to take effect at the start of 2018.
The European Committee has created new regulation called Payment Services Directive 2 (PSD2). This directive is aimed at opening up access to the conventional banking infrastructure and to create competitive financial services. This development will definitely have an impact and is relevant for all parties in financial services and fintech. The session was focused on non-banks, as there are already many initiatives for them, and will address particularly how access to the accounts works.
Gijs Boudewijn, Deputy General Manager of the Dutch Payments Association and host of this session, welcomed all attendees and explained how the Dutch Payments Association advocates for an efficient and reliable payments system in the Netherlands through share activities with stakeholder and members on a global scale. The member base of the Dutch Payments Association consists of banks and (electronic) payment service providers.
Next, Mr. Arno Voerman, payments and fintech lawyer at Van Doorne, shared his knowledge on how PSD2 provides access to payments accounts and for whom the new opportunities will rise. Arno stated that the PSD2 directive is mainly beneficial to software developers who will be able to access payment accounts through open APIs. This is also known as ‘open banking,’ in which third parties generally can make use of banking information. Mr. Voerman showed that the EBA and PSD2 clauses speak of several relevant actors under the new directive which have to be understood by everyone. The two most important are parties who perpetrate payment initiation (PSP), and accessing and handling account information (XSA).
Hereby he identified the following types of new entities surrounding the payments activity:
Payment Service User • Account Holder
ASPSP • Account Servicing Payment Service Provider
PISP • Payment Initiation Service Provider
AISP • Account Information Service Provider
TPP • Third Party Service Provider
Mr. Voerman further identified four main challenges under PSD2. The first of these is the difficulty for organizations to comply with the technical aspects of providing the actual access through online interfaces. Second, the presence of more third parties (TPP) will require accurate identification methods of every TPP active.
Another challenge, according to Mr. Voerman, will be to determine the level of secure customer authentication (SCA) and the ability to integrate this efficiently. A final challenge will be to verify the explicit consent and collect the personal information of the customer. But what is the official definition of explicit consent? How to treat exceptions such as joint customer accounts?
After this insightful presentation, the stage was set for Cees Rensen, responsible for innovation and new legislation at the Dutch Central Bank (DNB). Mr. Rensen presented the results of the recently launched InnovationHub where the Central Bank tries to answer questions from the market on innovation and regulation.
The DNB also has already drafted a regulatory framework for future service providers under the PSD2 directive where it has touched upon governance, operational risk, security and data protection for new payment related service providers. The DNB stressed that the end-user is to be taken as a starting point in any payment related activity. Therefore, customer consent and privacy have to be framed and determined correctly in legal framworks. Hereafter, regulatory demands on remaining topics will be much more susceptible for flexible approaches.
On behalf of the DNB, Mr. Rensen also acknowledged the different payment actors under PSD2 as presented by Arno Voerman. The market should be prepared for many newcomers which all have to be evaluated carefully before handing out licenses. Mr. Rensen concluded by emphasising that all input from market organisations is more than welcome at the DNB.
After these presentations it was time for a panel discussion looking at the changing payments landscape. Panellists included Michel van Westen (Buckaroo), Kevin Voges (AFAS Personal) and Gijs Boudewijn (Dutch Payments Association). The discussion was moderated by Don Ginsel, founder of Holland FinTech. The public was able to vote through their Mentimeter on their phones on the following statements:
- Getting access to account data will be a fight from bank to bank
- In the end not much will change, as expectedly some aggregators will enable access to the data
- Data privacy is a big disabler for any innovators
- The required licenses and permits will smother all innovative concepts
- Dutch PSPs will probably lose after PSD2, due to more sizeable competitors globally
- Facebook will become the big winner of PSD2
- Implementing PSD2 is costly for banks. This needs to be recovered from end-users somehow.
- The transition period of implementing PSD2 will bring chaos
- There will be a PSD3 to repair PSD2.
Attendees could not reach agreement on these topics, and it seems clear that there is still much to be achieved within the legislative space. Nevertheless, the knowledge session was successful in bringing all participants valuable insight around the current state of affairs.
We are looking forward to see you at the next event! In the meantime, feel free to share your opinion on the themes we discuss on our social media pages.