Market uncertainty, a lack of necessary infrastructure and enforced regulatory standards means that the revised European Payment Services Directive (PSD2) may not be actively enforced until mid-2019.
“There is a misconception that PSD2 will hit hard in January 2018 but it doesn’t really,” Lu Zurawski, solutions practice lead, consumer payments EMEA, told bobsguide at this year’s Money 20/20 conference.
“It is very difficult for a regulatory body to know if someone is breaking the law or not until the regulatory technical standards have been agreed and enforced.
“That won’t take place until 18 months after the European Commission lays them down so we are not going to see the real biting impact of people being fined for people breaking PSD2 until the second half of 2019,” said Zurawski.
PSD2 TTPs: what certification do you have to access consumer data?
PSD2 will allow third-party providers (TPPs) to take on roles that were traditionally only available for banks. TPPs will need to request consumer data from these banks.
“In order to do their jobs, the banks need to have access to a register of licenced TPPs. That involves a licencing body to award technical certification,” said Zurawski.
“Today there are no central bodies set up to provide TPP certification. I don’t think they will be ready in January so even if someone wanted to be compliant, there isn’t the technical infrastructure to support it,” he added.
The Euro Banking Association has a sub-group which is currently pitching for this role as a not-for-profit contribution to their industry.
'API and you know it?
Mark Ranta, head of digital banking solutions at ACI Worldwide, told bobsguide: “One the biggest issues with PSD2 is that it is not a traditional banking standard. Traditionally banks are told what they are required to do and how they should do it.”
PSD2 comes closer to telling banks what the regulators want to achieve, in theory, and leaves it to the banks to find a way to do it.
“There is nothing saying PSD2 should use an open API, it has just been agreed upon by market consensus that that is the best way to attack this as an industry,” said Ranta.
“Even with regards to open APIs, there are many ways to approach it. Each country and the different banks in those countries will approach, build and deploy open APIs differently” he explained.
Under PSD2, the biggest challenge that governments and banks face is that the general public does not know what PSD2 is about.
The industry is excited about using data but if consumers are not willing to share data with third-parties then PSD2 is not going to be hugely successful.
When you explain PSD2 regulation to the average consumer, they “can’t see anything broken that PSD2 is going to fix,” argued Zurawski.
In the UK, nine leading banks are skilfully creating a ‘common’ API infrastructure. However, “they are not spending a penny on consumer education or marketing, so I fear for what will happen over the next two years,” Zurawski added.
Looking for the next Amazon or Alibaba
Despite these hurdles, Ranta and Zurawski are excited about how much potential PSD2 opens up to the banking industry.
“We are on the onset of pre-Uber,” said Ranta.
“On day one PSD2 infrastructure will have very little volume. But, by opening up the banking infrastructure you will give some the best developer minds access to it for the first time.
We don’t know what the next Amazon or Alibaba will be. What that consumer experience will be and who will offer it is the biggest question. It scares a lot of people here,” Ranta said at Money 20/20.