PSD II introduced a new regulatory framework for payment services across the European Union, reshaping how banks, payment institutions, e-money institutions, fintech companies, and third-party providers operate in the European payments market. The directive was designed to strengthen consumer protection, improve payment security, and support innovation within a more harmonized regulatory environment.
The revised Payment Services Directive, officially known as Directive (EU) 2015/2366, was published in the Official Journal of the European Union on 23 December 2015. It repealed the previous Payment Services Directive 2007/64/EC and had to be transposed into national law by 13 January 2018.
The main goal of PSD II is to create a more open, competitive, and secure payment services market. It allows both traditional financial institutions and new fintech providers to operate under clearer rules while ensuring that consumers benefit from stronger safeguards and better access to digital payment solutions.
#Why PSD II Matters
The directive brought major changes to the European payments sector by regulating new market participants, including third-party providers, fintech firms, payment initiation service providers, and account information service providers.
These changes created both challenges and opportunities. For established banks and payment institutions, the new framework introduced additional compliance, security, and operational requirements. For fintech companies, it opened the door to new business models based on access to payment accounts, digital interfaces, and customer-authorized data sharing.
As a result, PSD II became one of the most important regulatory developments for open banking, digital payments, and fintech innovation in Europe.
#New Payment Market Participants
One of the key features of the directive is the regulation of third-party providers, commonly known as TPPs. These include two important categories:
Payment Initiation Service Providers, or PISPsPISPs can initiate payments directly from a user’s payment account, usually with the user’s consent. This allows consumers to make online payments without relying only on traditional card-based methods.
Account Information Service Providers, or AISPsAISPs can provide users with consolidated information from one or more payment accounts held with different payment service providers. This helps consumers view their financial information in one place through online platforms, mobile applications, or other digital interfaces.
These services support the development of open banking and create new opportunities for fintech businesses, merchants, and digital payment platforms.
#Benefits for Consumers
The revised payment services framework introduced several practical benefits for consumers. Users can connect bank accounts with merchant payment systems, access account information through convenient digital interfaces, and manage several accounts in one place.
At the same time, the directive strengthens consumer protection by improving transparency, reducing certain fees, and introducing stronger security standards for electronic payments.
For customers, this means more choice, better digital payment experiences, and stronger safeguards when using online and mobile payment services.
#Key Changes Introduced by PSD II
#1. Wider Regulatory Scope
The directive expanded the scope of regulated payment transactions. It covers a broader range of transactions by geography and currency, including certain “one-leg transactions” where only one party is located within the EU.
It also brought third-party providers into the regulatory framework, ensuring that new fintech-based services are subject to supervision and compliance obligations.
#2. Stronger Consumer Protection
Consumer protection is one of the central goals of the directive. The rules address liability for unauthorized transactions, improve transparency for payment users, and prohibit certain card surcharges.
These measures are intended to reduce consumer risk, increase trust in electronic payments, and make payment services more transparent and predictable.
#3. Enhanced Payment Security
The directive introduced stricter security requirements for electronic payments. This includes stronger customer authentication, secure communication standards, and risk-based security measures for the initiation and processing of payments.
These requirements are especially important for online payments, mobile banking, payment apps, and other digital financial services.
#4. Access to Payment Infrastructure
A major change introduced by PSD II is the regulation of access to account infrastructure. Banks and other account-servicing payment service providers must allow regulated third-party providers to access payment account data where the customer has given consent.
This created the foundation for open banking in Europe and encouraged greater competition between traditional financial institutions and fintech companies.
#Impact on Banks, Payment Institutions, and Fintech Companies
Banks, payment institutions, e-money institutions, and fintech companies must understand how the directive affects their business models, client relationships, technology systems, and compliance procedures.
For some organizations, the impact may be mainly operational, requiring updates to security processes, customer authentication, and internal policies. For others, especially fintech companies offering payment initiation or account information services, the directive may create new licensing or registration obligations.
Businesses should carefully assess whether their services fall within the scope of payment services regulation and what compliance measures are required.
#Preparing for PSD II Compliance
A structured compliance approach can help payment service providers adapt to the regulatory environment and reduce operational risks. Key preparation steps may include:
- assessing how the directive affects the company’s business model;
- identifying which obligations apply to the organization;
- reviewing payment services, account access, and customer interfaces;
- preparing a compliance action plan;
- evaluating the financial and operational impact of the rules;
- reviewing internal policies, procedures, and security controls;
- training staff on new payment services requirements;
- monitoring regulatory updates and supervisory expectations.
#How Professional Support Can Help
Implementing payment services regulation can be complex, especially for organizations operating across multiple jurisdictions or developing fintech products in the EU market. Professional guidance can help identify applicable obligations and create a practical roadmap for compliance.
Support may include regulatory impact assessments, business model reviews, compliance planning, licensing analysis, payment services documentation, security requirement reviews, topical regulatory reports, and staff training on new payment regulations.
#Final Thoughts
PSD II played a major role in transforming the European payment services market. By regulating third-party providers, strengthening consumer protection, and supporting open banking, the directive created a more competitive and innovation-friendly environment for digital payments.
For banks, payment institutions, e-money institutions, and fintech companies, understanding these rules remains essential for maintaining compliance, building secure payment services, and operating successfully within the EU financial regulatory framework.