EU jurisdiction alive and well in the UK as PSD2 implementation looms
The UK has signalled its determination to free itself from rules cooked up in the EU, but Payment Services Directive II (PSD2) is an example of the need for international cooperation when it comes to financial regulation.
The UK’s consultation period on the implementation of PSD2 ended in March, moving the country a significant step closer to the brave new world of a level playing field in payments to revolutionize how transactions are done online.
Madhur Jain, SunTec
The UK’s HM Treasury intends to replace the Payments Services Regulations (PSR) 2009 with a PSR draft that will make PSD2 law in the UK.
The new PSR was drafted to maximize harmonization between the UK and the rest of the EU, ironically at a time when the UK is otherwise distracted with the business of disentangling itself from EU institutions.
However, the UK will remain a full EU member for at least two years, and while Brexit’s rather ironically named Great Repeal Bill sounds like a change of direction for UK regulation, in truth the bill is designed to copy rules onto the UK statute book and ensure continuity.
As far as PSD2 is concerned, the UK is signed up to the process, and plans to implement it in full.
Madhur Jain, head of pre-sales at SunTec, a technology vendor, says: “Whatever happens with Brexit, the way the market has developed creates a need for PSD2 or something like it in the UK – and elsewhere.”
Against the flow
While innovation in payments is making the world feel smaller by tearing down national barriers and reducing the cost of trading over long distances, politics seems intent on building those national barriers up higher than they have been in generations.
Jain believes there can be only one winner from this conflict.
“Technology is like a river,” he says. “Of course you can build a dam to redirect the flow, but it will be difficult to build and expensive to maintain, and you will not stop the river from flowing. Technology is the same, it can be directed, but it will keep flowing, and if the direction politicians try to steer it is not what the public wants, the dam will break eventually.”
Banks need to fundamentally rethink their organizations, their strategy and their architecture, because the old economy those structures evolved in is dead - Madhur Jain, SunTec
Jain says international cooperation should extend beyond the EU, on a global scale.
“Hopefully those countries not covered by PSD2 will be looking at it and thinking about creating their own similar frameworks,” he says.
“If they are not, the growing use of the blockchain is going to force countries to work together. The nature of that technology, specifically when applied to payments, means it is impossible to regulate it nationally.”
Jain adds: “There is a great opportunity here to merge PSD2 with something like India’s Universal ID programme. They are very different mechanisms, but would work well together.”
These concerns will certainly have been aired during the UK’s consultation process, and elsewhere.
Ben Regnard-Weinrabe, partner in the global banking and payment systems practice at Paul Hastings, says: “There have been concerns for quite some time that policymakers are imposing requirements without always fully understanding the challenges of practical implementation.
“For example, some in the industry have suggested that the EBA’s [European Banking Authority] regulatory technical standards on strong customer authentication for online purchases are overly restrictive and may deliver poor customer outcomes, and others have questioned whether the EBA’s prescriptive guidelines on professional indemnity insurance for ‘third-party payment service providers’ will have a negative impact on those providers’ ability to obtain such insurance in practice.”
Indeed, the EBA admitted it saw a record-breaking number of responses in its consultation for exemptions from strong customer authentication rules.
However, the EBA has been set an unenviable task under PSD2 in having to devise those standards and guidelines in the first place, admits Regnard-Weinrabe, adding: “One can understand why policymakers felt such standards and guidelines would be necessary to ensure a level playing field across the EEA [European Economic Area].”
And despite some grumbles about specific items in the rules, the feeling is policymakers have done a good job with PSD2, says Regnard-Weinrabe.
“Overall, PSD2 arguably provides the most coherent and unified payments regime anywhere in the world, and that is demonstrated by the fact that certain other countries outside Europe are, anecdotally, modelling their own rules on the existing EU payments regime, as Brazil has apparently done,” he says.
Whatever market participants feel about the incoming rules, Regnard-Weinrabe doubts there will be much opportunity to make significant changes at this late stage.
“The rules for PSD2 are set in stone now, but there remain limited opportunities for further changes to related EBA guidelines and regulatory technical standards that are yet to be adopted by the EU,” he says.
Banks and retailers will therefore be busy ensuring they are compliant in January 2018.
However, SunTec’s Jain warns compliance with the rules will not be enough for banks in particular, and more must be done to embrace the spirit of innovation PSD2 will unleash on the market, to ensure they retain their foothold in the payments business.
And while it is impossible to predict how technology will evolve, banks will have to press on with their efforts to harness the power of emerging technologies, such as blockchain, as they are clearly trying to do.
Currently it still takes three days for payments between the US and Europe to clear, but such payments would be nearly instantaneous, and much cheaper, if made via distributed ledger technology. This should also encourage more micro payments.
Similarly, artificial intelligence looks likely to become increasingly important to next-generation payments platforms. Simple pattern recognition is already being used in some instances to reduce fraud, and as the technology is proved effective it is likely to become mainstream.
“The fact that fintech are not currently subject to the same regulatory standards has given banks an excuse to justify why they are losing business, but once PSD2 is implemented that excuse will no longer apply,” he says.
“Banks need to fundamentally rethink their organizations, their strategy and their architecture, because the old economy those structures evolved in is dead.”
Jain adds: “Banks are rich with data, which is the currency of the age. They should be looking at ways to monetize that, rather than looking to make money from payments directly.”
The answer is likely to be more collaboration between banks and fintechs, with fintechs providing the innovation and banks bringing their network of relationships and the trust they have earned over many years.
While banks might not be the most popular institutions among the public, people are still more likely to be comfortable sharing personal information with them than with small tech start-ups they might not have heard of before.