The Sting in the Tail of Proposed PSD3 Legislation

A progression from PSD2, PSD3 aims to bolster payment security and customer authentication, address PSD2 deficiencies, and enhance access to banking infrastructure for Payment Service Providers (PSPs). The final version of the directive is scheduled for publishing later this year, and if approved by the EU, will become law in 2026 following a transition period.


Strengthening fraud protection

Based on the areas of PSD2 that the EU is looking to review, we can confidently begin to map some of the potential outcomes of its enforcement. One of the most interesting developments is around fraud protection.

Currently, secure customer authentication controls fail to protect against certain types of fraud, such as Authorised Push Payment frauds, where criminals pose as legitimate payees to trick people into sending them money. The European Banking Authority will roll out a ‘confirmation of payer’ system (similar to the UK’s), that will work across all IBANs and will help address this problem, but it’s likely PSD3 will include other anti-fraud measures too.

The strengthening of fraud controls will replicate schemes such as ‘contingent reimbursement.’ Contingent reimbursement is a model whereby financial institutions agree to reimburse customers for losses due to unauthorised financial transactions, under specific conditions. Some banks and financial institutions in the UK have already voluntarily adopted contingent reimbursement to refund victims of APP scams when neither the customer nor the bank is at fault. This arrangement is dependent, for example, on the customer meeting certain security responsibilities, such as safeguarding their banking credentials and promptly reporting any suspicious activity. The policy aims to protect consumers while encouraging responsible behaviour and security awareness.

For PSPs, the mandating of such controls will require firms to significantly increase their fraud controls and the levels of reimbursement that they pay to consumers. This is likely to result in many firms, which lack adequate controls and the capital reserves to hedge against fraud if targeted, going out of business.

Improving access

Another likely outcome of PSD3 will be enhanced access to banking infrastructure. Historically, commercial banks have been able to refuse to open accounts for PSPs, or have closed their existing bank account because of concerns over matters such as anti-money laundering controls.

PSD3 will change the rules governing that access, in the process creating a more level playing field for non-bank PSPs. What’s more, whereas under current rules national banks are able to offer safeguarding accounts, which are limited and do not have access to the underlying payment systems, PSD3 would allow direct access to the payment systems.

If these changes come to pass, they will help create broader access to payment services and allow non-banks to compete with banks. In other words, increased competition at various levels will allow fintech innovation to blossom. Something similar has already happened in the UK, where improved access to payments infrastructure via Faster Payments laid the rails for the Open Banking Initiative.

Preparing for PSD3

What can businesses do to prepare for PSD3 now? Based on our own experience, we would recommend the following:

  • Start increasing your fraud controls and boost your fraud funds. Work with external partners and providers to build out advanced fraud controls and engage with banking counterparties to build out confirmation-of-payer style controls. This will ensure senders of payments are completely aware of who they are paying. It is also worth bolstering AML controls in order to ensure that you are not creating accounts for fraudsters. Firms should also ensure they have sufficient funds to hedge against fraud.
  • Consider your approach to accessing different payment systems. PSD3 will only allow access to the individual underlying rails, and will not provide access to hedging or FX services. Unless you’re capable of building all of the connections, ledgers and other technologies needed to maintain a SWIFT Gateway and all of the required security for each of those payment rails, you should consider alternatives. One approach is a payments curation service that combines existing products and services from a range of providers into a single platform accessed via a single API and contract –  thereby giving businesses access to all of the services that they need without the complexity of managing countless relationships and contracts.
Mike Southgate, Chief Compliance Officer, Navro
Mike Southgate, Chief Compliance Officer, Navro

As the financial services sector continues to be disrupted by fintech innovators, PSD3 is taking shape as an important step in enhancing customer protection and levelling the playing field for non-bank PSPs operating in the EU market. But make no mistake, the directive may also be a significant strategic, operational, and technological challenge for businesses — and potentially a fatal one at that. Businesses that start now will give themselves plenty of time to prepare for the passing of the directive into law and unlock the benefits of PSD3 as soon as possible.

With a background covering payment operations, legal, settlements and IT, Mike is a practical and hands-on leader with a focus on execution. Before joining Navro Mike was Compliance Director and MLRO at Google, Founder of ERMI (a Transaction Monitoring service), and held a series of senior roles across multiple payments unicorns including Travelex/WUBS, and Ebury. ​​Outside of work he is also the AML and Tech lead, as well as the regulatory liaison to the FCA for AFEP (A trade body for payments firms) through which he has provided guidance and training to law enforcement and regulators across Europe. An expert in his field, Mike holds multiple degrees in: Law; Governance Risk and Compliance; A Postgraduate Diploma in Governance Risk and Compliance.

Read this next


Top 5 ICOs that are Likely to Explode in the Current Bull Run 2024

Explore top upcoming ICOs: BlockDAG, GBTC, TUK, SCOTTY, and SPONGE. Learn about their potential high returns and unique features.


BlockDAG’s Revolutionary Dev Release 36: Off-Chain PoW and a $30 Projection by 2030

Explore BlockDAG’s latest off-chain PoW innovation and its $32M presale success. Projected to reach $30 by 2030.


30,000x ROI Potential: BlockDAG Secures $33.5M in Presale, Outruns Retik Finance’s Bitmart Performance

Uncover how BlockDAG’s impressive $33.5M presale and its innovative platform draw investors away from Retik Finance following the Bitmart listing.


IT Professional Switches to Lucrative Crypto Mining Entrepreneur with BlockDAG’s Advanced Mining Technology

Learn how an IT pro turned Litecoin mining into a fortune. See if BlockDAG can match this with advanced mining tech and 30,000X ROI potential.


May 2024 Crypto Spotlight: Why Whales Are Choosing BlockDAG Over Retik Finance, Will CoinW & P2B Listing Save $RETIK?

Uncover why BlockDAG is winning over smart investors in May 2024, and surpassing Retik Finance’s performance on exchanges like CoinW and P2B.


Ethereum Leads Altcoins Toward a Huge Rally: Expert Top Picks for Altseson Unveiled

A fresh surge in alternative cryptocurrencies is building momentum as Ethereum leads the charge.


BEVM Unveils Groundbreaking Taproot Consensus for Decentralized Bitcoin Layer 2 Solution

On May 20, 2024, the Bitcoin Layer2 development team BEVM released the technical yellow paper titled “Taproot Consensus: A Decentralized BTC Layer2 Solution.”


AI Cryptos to Pump Hard After NVIDIA’s Q1 Earnings 📊

The recent earnings from a tech giant have hinted at a significant upswing for AI-focused cryptocurrencies.

Retail FX

Weekly Roundup: Republican to end Fed, Bankman-Fried moves to California

Let’s take a look back at top stories that dominated the financial markets in our Weekly Round coverage. This week’s digest takes a deep dive into the most recent events and trends within the Forex, Fintech, and cryptocurrency.