Shaking up Payments: the Biggest Disruptors in PSD2

The nominees are…

Payments Initiation Services and Account Information Services:

From a commercial, legal, technical and operational perspective, payment initiation services have been introduced as new obligations for banks and traditional payment services suppliers. The idea is to allow third-party companies (also regulated under the PSD2) to make payments on behalf of (POBO) traditional bank clients. This is the result of the growing number of payment outfits in the marketplace, conducting – until now – fairly unregulated business and operating within the scope of their own creativity and commercial objectives. PSD2 puts a framework around that, with the consequence of carving out the traditional business of banks’ payments and cash management.

Account information services are the corollary of the first concept. It is our second nominee, as it also opens the market for competition and innovation. While payment initiation services largely act “on behalf of the ultimate account owner”, account information services basically allow third parties to act as aggregators across a number of banks, in terms of transaction visibility, reporting and all the traditional processes.

The growing trend with corporates (wholesale banking) is the migration of treasury processes into the cloud with payment services providers (PSPs) and historical treasury technology vendors, to optimise payments and cash management as an overlay to traditional bank services. Account information services now puts a legal framework around this example. PSD2 is also largely designed to cover the same principles and benefits to the retail banking world.

Low-Hanging Fruits for Transaction Banking:

Clearly, PSD2 will have a number of variations in transposed domestic laws, opening the gates to various rules, processes and technical standards. Across all of the impacted bank functions, transaction services will pick up a lot more scope and business logic. Minimising and ‘protecting’ back-office platforms from direct PSD2 impacts is the first point to consider. The after-effect to this idea is the introduction of or fully leveraging digital banking.

For those who still haven’t heard about digital banking, the idea is to separate the way bank clients consume the services electronically from the way banking products, platforms and processes within the bank are physically deployed. Digital banking was covered in detail in a previous blog.

The low-hanging fruits to deliver on payment initiation services as well as account information services are:

  • Digitise the banking channels, enabling them to normalise client or third party data (payments, reporting, “act on behalf”, message types). This typically includes data normalisation, file mapping, enrichment and transformation.
  • Identify where pre-PSD2 processes in the middle and back-office systems can be maintained. The expansion of know-your-customer (KYC) rules, client-third party relations and reconciliation processes can help normalise all PSD2 flows from the technical foundations of the bank.
  • Operational client community and reference data management. Above and beyond KYC and sales data, it becomes an imperative to keep track of the entire detailed inventory of client integration reference data, settings, file types and envelopes, certificates, ‘act on behalf’ mandates, etc. The business as usual (BAU) teams from transaction banking will need to keep track of multi-layered business and technical relationships.
  • Ensure all access controls, identity management; auditing, reconciliations, and transaction management reflect the multi-layered model.

Minimum Compliance vs. Commercial Strategy:

Some European banks have already started to get ahead of the curve by spinning off their own independent ‘third-party PI’ brand to compete within and maintain their share of the PSP market. This is very apparent in the Nordics and Germany. On the other end of the spectrum, the majority of banks are hatching down, bracing themselves with the minimum compliance approach. Minimum compliance is basically fixing the new gaps opened by PSD2, largely around security, KYC and electronic banking. Entering the third-party PSP world as a new or independent brand – a bank joint venture, a spin-off, or a subsidiary – is the only way to keep or expand one’s market share. A few smart European banks have chosen the most aggressive strategy, by executing a “land grab” from other banks who chose minimum compliance.

A Final Observation

Some banks are wearing the scars of the financial and emotional investment into the single euro payments area (SEPA). PSD2 looks like a further tightening of the bolts, when it actually introduces more disruption to the banking business than SEPA did. When disruption comes, an organisation can either do nothing or fully embrace it and ride the waves.


Related reading

Dominic Mac