axway.com 1

Digital Business Enablement

Ready for the new EU payments value chain? 4 ways PSD2 can generate innovation, healthy ‘co-opetition’ and growth

Evolution of the PSD In 2007, the Payment Services Directive (PSD) established the legal foundation for an EU-wide single market for payments. The comprehensive set of rules was designed to make cross-border payments as easy, efficient and secure as payments within an EU member state. The ultimate goal of the PSD was to foster competition by opening up payment markets to new entrants, in turn creating more convenient, cost-effective and secure payment options for consumers.

As expected, the PSD created a unified way to make credit transfers across the Single Euro Payments Area (SEPA) at almost no cost to the corporates. Recognizing immense opportunity in the new payments value chain, digital-native Fintechs and non-banking institutions quickly emerged to offer non-traditional — and unregulated — digital payment initiation and aggregated accounts information services, such as personal finance management, directly to end users.

These service providers brought innovation and competition, providing more, and often cheaper, alternatives for digital payments. But they also introduced more risk at the consumer level, making it clear they should not remain unregulated. To improve transparency and security in the single market and to create a more level playing field, the PSD was expanded to include third-party providers (TPPs) as well as the Payment Service Providers (PSPs).

The revised directive, PSD2, was formally adopted by the EU Council of Ministers in December 2015 (Directive 2015/23661) with a transposition deadline for all EU countries of January 2018.

PSD2 Timeline

January 2016 Entry into force of PSD2

During 2016 and 2017 Publication of EBA (European Banking Authority) Guidelines and Regulatory Technical Standards

January 2018 Full transposition deadline for all EU countries

1 Directive (EU) 2015/2366

axway.com

Digital Business Enablement

2

What’s new in PSD2?

The revised PSD regulates new market players who make digital payments on a customer’s behalf, and makes these payments safer with data-protection and liability rules that apply to all payment service providers.

PSD2 expands the original directive’s regulatory scope and technical requirements2 in four main areas:

� New TPP Players — A major component of PSD2 is Open Access to Customer Accounts (XS2A), which requires banks and other institutions to share payment account information with TPPs via open APIs. TPPs include Payment Initiation Service Providers (PISPs), such as Sofort in Germany, IDeal in the Netherlands and Trustly in Sweden, and Account Information Service Providers (AISPs) that aggregate customer information from multiple accounts and make it accessible from a single portal. Under PSD2, all PSPs, PISPs and AISPs will have to follow the same rules and go through the same processes for registration, licensing and supervision by the competent authorities.

� More SEPA Payments — Transactions in non-EU currencies where both the payer’s and the payee’s PSP are located in the EU will fall under the new regulation, as will payment transactions in all currencies where one PSP is located in the EU.

� Enhanced Security — To make electronic payments safer, PSD2 introduces enhanced security measures (including Strong Customer Authentication, with some exceptions based on context) to be implemented by all PSPs, including banks, payment institutions and TPPs. The technical requirements will be issued by the EBA.

� Better Consumer Protections — PSD2 bans debit and credit card surcharges for online and in-store payments, clarifies the liability rules that determine which PSP is responsible for issuing refunds, and protects consumers in the case of fraudulent and unauthorized transactions. Additional rules provide unconditional refund rights and protections for non-EU money transfers and remittances.

2

New TPP Players

Payment Initiation ServiceProviders (PISPs)

Account Information ServiceProviders (AISPs)

More SEPA Payments

Non-EU currencies with both legs in EU

All currencies withone leg in EU

Enhanced SecurityStrong customerauthentication

Secure and open access tocustomer accounts (XSA2)

Better ConsumerProtections

Unconditional refund rights

Fraud protection

2 For more information, refer to the European Commission Payment Services Directive Fact Sheet

“The EU payment services market remains fragmented and expensive, costing €130 billion, or over 1% of EU GDP, a year. The EU economy cannot afford these costs, if it wants to be globally competitive.”

— Antonio Tajani, Lead Member of the European Parliament (MEP)

Digital Business Enablement

axway.com 3

What are the major implications for banks and other financial services institutions? PSD2 is intended to improve consumer protections, promote the development and use of innovative online and mobile payments, and ensure secure and open access to customer accounts — all very good for new entrants and end users of payment services. But what will these outcomes mean, in practical terms, for banks and other financial services institutions who now find themselves in uncharted digital territory?

Increased competition from new players — the TPPs

XS2A removes barriers to entry for new retail and Fintech players, clearing the way for them to create new payment options and value-added services, such as personal finance management, that can aggregate information from multiple consumer accounts.

� PISPs: XS2A will cut out the “middleman” in electronic payments by allowing merchants to use a customer’s account details to initiate a payment directly from the bank. From the customer standpoint, this puts the shop, mobile app or online service at the forefront of the transaction, relegating the bank to the role of invisible PSP.

� AISPs: XS2A will enable consolidation of information from multiple accounts and multiple banks, giving consumers real-time visibility into cash flow and payment transactions in one place. This will give AISPs access to a data goldmine for cross-selling and personalization of offers that threaten to undermine the bank’s customer relationships.

Increased technical complexity — and uncertainty

More regulated SEPA payments, security requirements and consumer protections add to the complexity of PSD2 compliance. The EBA’s formal Guidelines and Technical Regulatory Requirements will include strong authentication, authorization and identity management to address security challenges that emerge from XS2A.

Adding uncertainty on top of complexity, the EBA will continue to issue requirements until mid-2017, leaving a very small window of time for testing and implementation prior to the January 2018 transposition deadline.

Personal finance

manager (TTP)

Mobile apps

Online banking

Customer

Bank D account

Bank C account

Customer bank

account

Bank B account

XS2A

XS2A

XS2A

XS2A

XS2A

axway.com

Digital Business Enablement

4

Stake your claim in the new payments value chain as a digital banking innovator

At its core, PSD2 is aimed at reducing the cost of payments to the point that they are a commodity rather than a value-added step in a business interaction. Clearly, XS2A will further disrupt payments markets that have been dominated by banks, cards and cash for decades. So it’s no surprise that incumbent banks and other institutions might initially see the PSD2 requirement to open up their internal systems to third-party providers as an unwelcome burden that only creates more competition and less revenue.

But if you think strategically and look a little deeper, you will discover that PSD2/XS2A can actually be a blessing in disguise as you prepare to meet the 2018 deadline.

4 ways PSD2/XS2A compliance can be a springboard for innovation, healthy ‘co-opetition’ and growth:

1. Leverage partner ecosystems using secure APIs PSD2/XS2A opens up new opportunities to aggregate services, create more distribution channels and share information with partners (who might have otherwise been competitors). By migrating to API-centric partner integration, you can manage and use multiple interaction channels consistently. As a result, you can create new revenue streams by using APIs to securely access partner services, and vice-versa.

Given that the EBA requirements for strong authentication will depend on the nature of the transaction and will continue to evolve until late in the implementation timeline, an agile security implementation strategy, particularly for identity federation, is a must.

2. Combine existing services to create innovative offerings In the new banking landscape, traditional services need to be available, but not in the same old ways. You can use APIs to build digital “mash ups” that combine your existing internal services with TPP services to deliver precisely what your customers want and need at any given moment. By cooperating with the competition and leveraging what you already have to expand your digital services portfolio, you can stay front-and-center in the digital economy.

3. Create the seamless omni-channel experience your customers expect Consumers expect real-time engagement and consistent levels of service across all of their physical and virtual interactions. Using APIs, you can ensure that data and services for consumers, partners and field forces are available, consistent and secure across all touch points — mobile, online, call centers, ATMs and branches. 

4. Monetize services with analytics It takes real-time API usage data and operational intelligence to monetize services. With access to detailed analytics that leverage data and services from the bank’s entire ecosystem, you can introduce fresh business models with a new approach to business monitoring.

Digital Business Enablement

axway.com 5

Double Annual RevenueGrowth Rate from 4% to 8%

Monetization andOperational Excellence

Innovate withExisting Services

Existing IT Systems

Applications ApplicationsServices Data

Reduce Cost ofService by 20%

Leverage YourPartner Ecosystem

Enable OutboundOmni-Channel

To meet the new PSD2 requirements for open access to customer accounts while compensating for lower payment revenues, you will need an agile architecture for integrating payments with other services outside the traditional banking ecosystem.

With the right vision and implementation strategy, the transformation forced by PSD2 can help traditional banks and other institutions become digital innovators and disruptors themselves, ensuring they will not only remain relevant, but take the lead in the new digital payments value chain.

axway.com

Digital Business Enablement

6

Will you be ready for 2018?

It’s true that digital-native customers and competitors are disrupting the entire banking and financial services industry. But the leadership mantle in digital banking — including payments — is still up for grabs, and the wealth of data, information, experience and knowledge that is unique to traditional banks and financial services firms gives them an enviable head start.

If banks do nothing more than provide an API to facilitate the mandated XS2A, they will meet the minimum requirement for open access to customer account information. But, they also risk becoming the back-end infrastructure for more agile and imaginative newcomers who are eager to take control of the front-end customer experience.

If you want to preserve and expand your role (and revenues) in the new digital payments value chain, you will need to fully embrace the digital ecosystem and use APIs to seamlessly integrate various services, including but not limited to payments. With an API-centric integration strategy for digital banking innovation, you can introduce value-added apps and services that delight your customers and strengthen existing portfolios.

Axway can help.

For more than 15 years, Axway has been empowering leading banks and other financial services organizations with the digital enablement technologies they need to improve operational efficiency, accelerate business innovation and deliver delightful and optimal customer experiences. If you’re looking for a strong and imaginative technology partner on the road to digital, we can help you develop the capabilities you need to collaborate smarter, innovate faster and engage better with your customer and partner ecosystems.

© AXWAY 2016. ALL RIGHTS RESERVED. READY FOR THE NEW EU PAYMENTS VALUE CHAIN?_WP_EN_060916

To get started, learn about Axway solutions for Digital Banking.