7
Payment Services Directive 2 for FinTech & Payment Service Providers Accelerate your growth journey

Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

  • Upload
    vobao

  • View
    225

  • Download
    1

Embed Size (px)

Citation preview

Page 1: Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

Payment ServicesDirective 2

for FinTech & PaymentService ProvidersAccelerate your growth journey

Page 2: Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

| Payment Services Directive 2 for FinTech & Payment Service Providers2

The introduction of the Payment Services Directive II(PSD2) will open up the payment services market byregulating the FinTech revolution currently happeningon a community level. The EU-wide harmonisation ofonline payments is aimed at increasing the securityfor payment transactions and account informationand creating a level playing field to enhancecompetition.

PSD2 invokes a major breach with the PSD1. Amongstother things, it introduces the Third Party Provider(TPP) as a definition to regulate new paymentservices. Two new types of TPPs are introduced,namely Account Information Service Providers(‘AISPs’) and Payment Initiation Service Providers(‘PISPs’). Banks are obligated to open up their ITinfrastructure to TPPs. Through the initiation ofPSD2, innovative payment services companies areenabled to compete with the banks.

Both AISPs and PISPs will have to comply with theregulatory requirements under PSD2 and perhapsalso to apply for a licence under the PSD2. The PSD2licencee is allowed to passport this licence to otherEU/EEA member states (single licence regime), whichallows them to provide their services in thosecountries. Without such licence, parties qualifying asa TPP are prohibited to offer their services as perJanuary 13, 2018.

But it does not end with being compliant or alicence…The actual formalization of the governanceand the risk management function is very relevant. Asolid risk management framework needs to bedesigned and set up including a risk appetitestatement, risk management policies and procedures,risk reporting and an internal control framework. Thisrequires extensive strategic, risk management,compliance, IT, legal and HR knowledge and expertise.

What does PSD2 change?

Transposition of the rules and regulations ofPSD2 in national law takes place as soon as13 January 2018

Make use of the new situation on the paymentmarket and undertake instant action.

Goals of the new payments regulations

► Create a harmonized payments systemand a single payments market within theEU

► Increase transparency

► Stimulate innovation

► Improve the level playing field forpayment service providers (including newplayers

► Ensure a high level of consumerprotection and of payments security

► Encourage lower prices for payments

► Facilitate the emergence of commontechnical standards and interoperability

Page 3: Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

| Payment Services Directive 2 for FinTech & Payment Service Providers3

The new PSD2 landscape

AISP PISP

Consumer(PSU)

AISP

Bank 3(AS PSP)

Bank 2(AS PSP)

Bank 1(AS PSP)

Balance data

Authorizationaccess to

information

Aggregateddata oversight

Sale

Consumer(PSU)

PISP

(online)Retailer(PSU)

Bank of theconsumer

Bank of the (online)retailer (AS PSP)

Payment scheme(actual financial

transaction)

Paymentinitiation

Paymentauthorization

Paymentstatement

Paymentconfirmation

AISP:Account Information Service Providers will have to begiven access to account information by the AS PSPwhen granted permission of the account holder.Information given by the AS PSP can subsequently beused by the AISP in order to render its service suchas aggregating data relating to PSU (consumer)accounts held across one or many AS PSPs.

AS PSP:Account Servicing Payment Service Providers aretraditional financial institutions (e.g., banks) whichprovide accounts to consumers and from or to whichthe consumer issues payments.

TPP:Third Party Payment Service Providers is the genericterm for the Third Party Account Information ServiceProviders (AISP) and Third Party Payment InitiationService Providers (PISP). A TPP does not holda payment account nor does it enter into possessionof the funds being transferred.

PSU:Payment Service User is the consumer or retailer whois the user of services provided by payment serviceproviders like banks or TPPs.

PISP:Payment Initiation Service Providers will be allowedto initiate payments issued by the account ownerbetween the AS PSP (bank) and PSU (consumer).This allows them to use the information from AS PSPsto facilitate online banking payments.

Page 4: Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

| Payment Services Directive 2 for FinTech & Payment Service Providers4

Licenceapplication

EnterpriseRisk

Management

Cyber securityand enterprise

intelligence

Risk &Regulation

Risk Appetite &Culture Appetite

Data privacy

Strategy &

Transformation

How can EY helpyou with PSD2requirements

Is your company ready?

Key questions to be answered:What is the impact of PSD2 on my business?

What is the best way to structure my business operations according to the PSD2 legislation?

Are my company’s governance arrangements and risk management framework adequate?

Are my company’s security incident procedures compliant?

Who are the directors and persons responsible for the management of the payment institution and are theysuitable for their position?

Is my company compliant with the Anti-Money Laundering and Combatting Terrorist Financing Directive?

Is my company legally ready to undertake business in other EU/EEA member states?

Which activities can my company outsource?

To what liability issues is my company exposed?

Does my company have a duty of care towards its customers?

Does my company comply with all the information obligations?

We can help you to navigate through all potential impact areas

The obligation toinform consumersof their rights

The obligation toinform consumers

about all the chargesand exchange rates

Adequate and effectivecomplaint resolutionprocedures

Strong Authentication based onthe use of two or more of the

following elements – knowledge,ownership and inherence

Robust and complete cybersecurity framework

Page 5: Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

| Payment Services Directive 2 for FinTech & Payment Service Providers5

Your chosen strategy will have a significant impact on your future business model andyour role in the financial eco-system

XS

2Apa

ymen

t&

info

rmat

ion

serv

ices

Account access provider

Comply► Ensure all PSD2 licence

requirements are met intime

► Ensure the organizationand systems arecompliant with securityrequirements andtechnical standards

Compete

► Compete with banks andnew third party providersby aggregate financialdata from multipleAccount ServicingPayment ServiceProviders and offeringthis service to clients

Transform► Identify strategic

opportunities andinnovations to profit fromthe proposedregulatory changes

► Use existing data and newpossibilities thatPSD2 offers in order todevelop a new andinnovative businessmodel

Expand► Use client’s payment data

in order to offer new andadvanced payment andinformation services

► Identify reliablecollaboration andcooperation partners fortechnical, business andinnovation purposes

Third party provider

Adv

ance

dpa

ymen

t&

info

rmat

ion

serv

ices

Page 6: Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

| Payment Services Directive 2 for FinTech & Payment Service Providers6

How can EY help

EY / HVG Law has first-hand experience with obtaining licences for e.g., payment Institutions andsignificant experience in meeting regulatory requests throughout the entire licence application process.

We are used to work in close cooperation with our clients and third parties, including the regulatoryauthorities. We have a good relationship with the regulators, including DNB’s Supervisory Division.

Our knowledge and experience with strategy transformation journeys in combination with ourunderstanding of the financial services industry puts us in a unique position to support you with latestmarket practices, developments and trends.

We are recognized as the most globally coordinated professional services firm and have a trulyintegrated network with skilled teams world wide. As demonstrated over the years where neededwe call upon subject matter expertise across the globe e.g., finance, risk, legal, compliance,organisational design, and liability issues.

We have both in-depth as broad knowledge of developing financial, regulatory & governance processes,anti money laundering legislation, risk management, security and issues concerning liability.

The EY / HVG Law contacts to guide you through your growth journey

Olga Elsenga | HVG LawCompliance and Regulatory Expert

+ 31 6 5246 5729

[email protected]

Alexander Huiskes | EYExecutive Director Risk Management

+ 31 6 2908 3666

[email protected]

Page 7: Payment Services Directive 2 for FinTech & Payment ... - EY · PDF file2 | Payment Services Directive 2 for FinTech & Payment Service Providers The introduction of the Payment Services

EY | Assurance | Tax | Transactions | Advisory

About EYEY is a global leader in assurance, tax, transaction andadvisory services. The insights and quality services wedeliver help build trust and confidence in the capital marketsand in economies the world over. We develop outstandingleaders who team to deliver on our promises to all of ourstakeholders. In so doing, we play a critical role in building abetter working world for our people, for our clients and forour communities.

EY refers to the global organization, and may refer to one ormore, of the member firms of Ernst & Young Global Limited,each of which is a separate legal entity. Ernst & YoungGlobal Limited, a UK company limited by guarantee, does notprovide services to clients. For more information about ourorganization, please visit ey.com.

© 2017 Ernst & Young Accountants LLPAll Rights Reserved.

ED 0617

This material has been prepared for general informationalpurposes only and is not intended to be relied upon asaccounting, tax, or other professional advice. Please refer toyour advisors for specific advice.

ey.com/nl