From PSD2 to PSD3: Building on Open Banking's Foundation
Converting Rules into a Regulation
Many operational rules for payments and data sharing will be in a directly applicable EU Regulation (PSR) rather than just a directive. Under PSD2, each member state transposed rules into national law, leading to divergence. The new PSR will harmonize requirements across Europe with less room for local interpretation.
Enhanced Security and Fraud Prevention
PSD3 will double down on security measures to bolster trust in digital payments. New mechanisms like Confirmation of Payee (CoP) mean that, before a payment is executed, the service must verify that the account name matches the account number provided. This can catch scams where someone tricks you into sending money to an account under a false name.
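The Confirmation of Payee check described above, as an added example that is not taken from the PSD3/PSR text or from any scheme rulebook. The account directory, the verdict names, the 0.85 close-match threshold and the release policy are assumptions made for illustration.

```python
import re
import unicodedata
from difflib import SequenceMatcher

# Constructed sample directory: account number -> registered holder name.
ACCOUNT_HOLDERS = {
    "DE00EXAMPLE0000000001": "Müller Bau GmbH",
    "DE00EXAMPLE0000000002": "Dr. Anna-Maria Schäfer",
}
TITLES = {"mr", "mrs", "ms", "dr", "prof"}
CLOSE_MATCH_THRESHOLD = 0.85  # assumed value, not defined by the page


def normalize(name):
    """Fold accents and case, drop punctuation and honorifics, sort tokens."""
    decomposed = unicodedata.normalize("NFKD", name)
    no_accents = "".join(c for c in decomposed if not unicodedata.combining(c))
    tokens = re.sub(r"[^a-z0-9 ]", " ", no_accents.casefold()).split()
    return " ".join(sorted(t for t in tokens if t not in TITLES))


def confirm_payee(account_number, payee_name):
    """Return a verdict only; the registered name is never echoed back,
    so the check cannot be used to harvest account holder names."""
    registered = ACCOUNT_HOLDERS.get(account_number)
    if registered is None:
        return "NOT_FOUND"
    want, got = normalize(registered), normalize(payee_name)
    if not got:
        return "NO_MATCH"
    if want == got:
        return "MATCH"
    ratio = SequenceMatcher(None, want, got).ratio()
    return "CLOSE_MATCH" if ratio >= CLOSE_MATCH_THRESHOLD else "NO_MATCH"


def release_payment(account_number, payee_name, payer_confirmed=False):
    """Gate execution on the verdict (policy assumed for this example):
    an exact match proceeds, a close match needs explicit payer
    confirmation, anything else is held."""
    verdict = confirm_payee(account_number, payee_name)
    if verdict == "MATCH" or (verdict == "CLOSE_MATCH" and payer_confirmed):
        return "EXECUTE"
    return "HOLD:" + verdict
```

Normalizing before comparing keeps word order, accents and honorifics from triggering false warnings, while a name that does not match the account holds the payment at the point where the payer can still stop it.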
More Consumer Rights and Protections
The new rules clarify rights around unexplained account closures, require transparency in fees, and improve dispute resolution processes. If a third-party provider makes an error or a data breach occurs, liability and redress will be more clearly apportioned than under PSD2.
Strengthening Open Banking Connectivity
PSD3/PSR will enforce higher API performance and availability standards. Banks must ensure their dedicated interfaces meet reliability benchmarks and publish availability statistics regularly. The PSD2 "fallback mechanism" – which let third-party providers (TPPs) scrape data if the API failed – is being removed as a permanent option.
Expanded Access for Non-Banks
PSD3 seeks to grant fairer access to payment systems for non-banks and ensure that if a fintech has the proper license, banks cannot arbitrarily shut them out. This will encourage competition by empowering regulated fintechs.
Enter Open Finance: Expanding the Scope Beyond Banking
Broader Data Types
Open finance covers data on products like savings and investment accounts, loans and mortgages, insurance contracts, pensions, and even cryptocurrency holdings. For example, you might allow a fintech advisor app to pull data from your pension fund and trading account to give comprehensive retirement planning advice.
More Industry Players Involved
It's not just banks anymore. Open finance will encompass many types of institutions as data holders – banks, insurers, asset managers, investment firms, pension providers, etc. A new breed of third-party providers will emerge targeting these data sets.
Innovative Use Cases
The expansion unlocks use cases like: Personal Financial Dashboards showing all assets and liabilities; Automated Switching advisors monitoring products for better deals; Inclusive Credit Scoring using rental history and utility bills; Dynamic Risk Management for insurance; Consolidated Wealth Management across brokerage accounts and crypto wallets.
Consent and Control
Open finance will come with robust consent mechanisms with granular controls. Users might authorize specific data and set a duration for access. Consent dashboards will become even more crucial when dozens of financial relationships can be connected.
Key Changes and Obligations Under PSD3/Open Finance
PSD3/PSR might require compliance by 2026, whereas open finance requirements might roll out over a few years with specific dates for different sectors.
1. Consent Dashboards
Banks and data providers must provide customers with an online dashboard to view and manage all third-party consents they've given.
2. Stronger Authentication Flows
Banks only need to perform strong customer authentication (SCA) the first time a connection is established. After that, the account information service provider (AISP) itself must authenticate the user when refreshing access.
3. API Uptime and Monitoring
Institutions will be obligated to meet specific uptime requirements and publish quarterly availability and performance data.
4. No More Screen Scraping
The fallback option of using customer online banking interfaces when APIs fail is essentially removed, except via explicit regulatory permission.
5. Revised Licensing
PSD3 will update licensing requirements for payment institutions and e-money institutions, possibly requiring existing ones to reapply.
6. Expanded Regulator Powers
National Competent Authorities will have greater supervisory and sanctioning powers to enforce compliance.
7. Compensation Framework
Data holders may be allowed to seek reasonable compensation from data users for implementing and operating APIs.
Opportunities in the PSD3/Open Finance Era
Improved Services and User Experience
Higher API standards and consent dashboards mean fintechs can offer more reliable and transparent services. Fintechs that turn compliance features into UX advantages will build trust and loyalty.
New Data-Driven Products
Open finance unlocks new data. A startup could create a consolidated financial health score taking into account banking, investment, and insurance data. Comparison sites can become much more personalized.
Cross-Sector Innovation
Insurance companies could partner with fintechs to integrate banking data for dynamic premium adjustments. Retailers might use open finance data to power BNPL decisions at checkout in real time.
Competition and Market Entry
Just as PSD2 lowered barriers for fintechs in payments, open finance could lower barriers in other areas of finance. A fintech entering wealth management won't need users to manually input holdings – they can gather data via APIs.
Better Fraud Detection and Risk Management
With more data accessible, institutions can improve fraud detection models. Patterns of fraudulent transactions can be spotted across multiple accounts. Risk assessments for lending can become more accurate.
How Binar Guides You Through PSD3 and Open Finance
Strategic Readiness Assessments
We evaluate what PSD3 and open finance mean for your specific business. Our consultants perform a gap analysis on your current products against upcoming requirements, creating a tailored roadmap to achieve compliance and leverage new capabilities.
Regulatory Interpretation and Licensing
Binar's regulatory experts distill the legal jargon into plain language and actionable tasks. We clarify what needs to change in your authentication flow, how anti-fraud requirements apply, and guide you through any re-licensing steps.
Technical Implementation and Upgrades
We help design and implement required APIs and infrastructure to share data safely. This includes robust API gateways, new consent and authentication flows, monitoring tools, and features like Confirmation of Payee checks.
Product Innovation Workshops
We run workshops and ideation sessions to brainstorm new product features made possible by broader data access. Our cross-domain knowledge helps connect the dots on how different sectors can leverage open finance data.
End-to-End Delivery and Testing
From initial design through development, testing, and launch, we stand by our clients. We set up sandbox environments to test new API integrations and facilitate external testing to gather feedback.
Continuous Compliance Support
Regulations evolve. Binar offers ongoing support so that your solution remains compliant. We monitor regulatory updates and advise on necessary adjustments.
Embracing the Future of Open Finance
Prepare, adapt, and innovate – those who do so will thrive in the PSD3 and open finance era, delivering exceptional value in a more open and connected financial world. And with Binar's help, you can approach this future with confidence and clarity.