The document provides an overview of the EU and UK legal framework governing payments, including the Payment Services Directive (PSD) and PSD2. PSD2 introduces new opportunities for payment initiation and account information services by requiring banks to provide access to payment account information. However, it may also result in costs for existing payment service providers who will need to make system and process changes. While new fintech entrants could take advantage of these new services, existing providers may resist the changes due to security concerns and loss of customer interaction. Overall, PSD2 presents both opportunities and challenges for existing businesses and new entrants in the evolving payments landscape.

1. The ever changing payments landscape

2. Overview
— Overview of EU and UK legal framework
— Overview of current requirements
— PSD – information requirements
— PSD – payment service standards
— PSD2 impact
— Potential opportunities
— Potential costs
— New entrants and existing PSPs
— Passporting and interchange fees
— Final thoughts

3. Overview of EU and UK
legal framework
EU Level framework
— Payment Services Directive (PSD)
— Typically European Union (EU) Member States (MS) implement directives through changes to their own laws
— In some countries directives are automatically incorporated into local laws when they become effective
— UK
— UK have implemented PSD through the UK Payment Services Regulations (PSRs)
— Changes also made to Financial Services and MarketsAct 2000 (FSMA) and associated subordinate legislation, e.g.
the Financial Services and MarketsAct 2000 (RegulatedActivities) Order 2001 (RAO)
— The Financial ConductAuthority (FCA) is the regulatory authority responsible for PSD in the UK
— The FCA has issued guidance in the form of its PSR approach document:“The FCA’s role under the Payment
Services Regulations 2009: Our approach”
— Firms must also follow the FCA’s rulebook, also known as the Handbook

4. Overview of current core
requirements
Authorisation and general FCA requirements
— In order to provide payment services firms must either be authorised or an agent of an authorised firm
— In order to become authorised firms must meet a set of threshold conditions in relation to capital, resources,
management, systems and location
— Authorised firms, and ultimately their agents, are subject to FCA supervision
PSR conduct of business requirements
— Information based requirements
— Payment service standards

5. PSD – information
requirements
Information based requirements including:
— Pre contract and post contract information:
— Single payment transactions
— Framework contract agreement (schedule 4 information)
— Exemptions
— Consumer credit act (CCA) carve out
— Low value payment instruments
— Corporate opt outs
— Durable medium (information to be provided or made available)
— During the life of the agreement:
— Changes to the agreement
— Information before and after transactions are carried out, e.g. exchange rates
— Charges for information – cannot charge for those required under the PSRs unless additional or different format
information requested
— Additional charges and reductions (cannot prevent payee charging, or offering a reduction, for use of a particular
payment instrument)

6. PSD – payment service
standards
Payment service based requirements including:
— Payment instruments:
— obligations of provider and customer;
— spending limits; and
— stopping use
— Carrying out payment transactions: receipt, authorisation (including recurring transactions), sending, revocation, refusal
and execution of payment orders including regulatory timeframes
— Unauthorised transactions including liability and refund requirements and recurring transactions
— Value dating of payment transactions
Exemptions: corporate, low value and CCA carve out

7. The second Payment Services Directive (PSD2)
— Came into force on 12 January 2018
— MSs must transpose it into their national laws by 13 January 2018
Key changes
— Geographical scope and currencies increased
— New payment services defined: payment initiation service and account information service
— Requires account holding Payment Service Providers to grant access to payment account information to third parties
providing such services
— Clarification of liability in certain situations
— Increasing the transparency of payments and charges
— Reduction in use of exemptions:
— Limited network definition much stricter
— ATM exemption much narrower and irrelevant if other payment services
— Digital downloads – stricter and transaction limits introduced
— Payment transactions through commercial agents – can only act for payer or payee
— Safeguarding (greater harmonisation)
PSD2 impact

8. Potential opportunities
New payment services represent great opportunities
— Account information services (AIS)
— Some are currently providing these services, e.g. Money Dashboard
— Questions about legitimacy – breaching customer terms and conditions?
— PSD2 brings legitimacy plus requirement for account holding payment service providers (PSPs) to provide information in accord with
standards to be published by European BankingAuthority (EBA)
— Great potential for various business models through access to wealth of customer information
— Payment initiation services (PIS)
— Various European providers, and popular in certain countries but UK activity is limited
— UK market may present a big opportunity
— Requires account holding PSPs (e.g. banks, credit card providers and e-money issuers) to provide access in accord
with security standards to be published by the EBA
— Could be intermediary for large retailers that do not set-up a PIS provider themselves

9. Potential costs
PSD2 will inevitably result in companies having to make changes
— System changes
— Document and process changes
— Changes to accommodate new payment services
— EBA standards
— Big impact to existing account holding PSPs
— Existing businesses may lose out:
— Banks and other account holding PSPs may get less interaction with their customers
— E-money firms will have to open up their accounts as well as banks
— Payment schemes, merchant acquirers and card issuers will face greater competition

10. New entrants and
existing PSPs
New FinTech entrants
— Many new entrants may set-up as providers ofAIS or PIS
— Some may provide services to newAIS or PIS providers
Existing PSPs and potential security risks
— Many may resist the changes as far as it is possible to do so:
— Could refuse access until EBA publishes the required security standards
— Could refuse access if it believes the other party (AIS or PIS provider) does not meet the standards
— PSD2 ultimately compels account holding PSPs (AHPSPs) to grant appropriate access to authorised firms providing such
services
— Will detract from AHPSPs interaction with its customers and will therefore likely be resisted
— Many have, and will continue, to raise concerns about security
— EBA need to publish the security standards (including in relation to application programme interfaces (APIs)) in good
time and MS regulators must ensureAHPSPs comply
Liability
— PSD2 changes the liability provisions to account for AIS and PIS providers

11. Passporting and
interchange fees
Passporting
— Firms who are well positioned to take advantage of the changes in one country should ensure they are ready to take
advantage of the ability to provide services throughout the EU
— Small payment institutions (small PIs) and small e-money institutions (small EMIs) cannot passport
— Authorised PIs and EMIs and other regulated entities, e.g. banks, can passport
Interchange fees regulation
— Imposes fee caps on consumer debit and credit card transactions
— Likely to result in revenue loss for established payment businesses while at the same time PSD2 introduces even further
competition

12. Final thoughts
— Complex and ever changing regulation of payments services offers both opportunities and challenges to existing
businesses and new entrants to the market alike
— Smaller, more nimble businesses may be better equipped than others to take advantages of the changes
— ExistingAHPSPs such as banks and even established e-money issuers may resist some of the changes due potential impact
on profit
— All market participants could take advantage of the new payment services by offering to customers (both their existing
customers and new customers)
— Those keen to take advantage should ensure they are well positioned in terms of business model, authorisation and ability
to passport throughout the EU
— Potential double impact of PSD2 and interchange fee regulation on existing companies

13. “The only source of knowledge is experience"
Albert Einstein
Questions?

14. Director & Associates
Peter Howitt , John Pauley & David Borge
e: peterhowitt@ramparts.eu
johnpauley@ramparts.eu
davidborge@ramparts.eu
w: http://www.ramparts.eu
t: +44 161 914 9785
Disclaimer: This presentation may contain information and guidance relating to a variety of legal, regulatory, corporate and tax matters. It is not
intended to be and should not be relied upon as legal advice by Ramparts.