By: Adam Jackson, Director of Policy at Innovate Finance
Last week, the European Commission published a new package of measures that promise to upgrade the framework for retail payments, unlock the value of financial data, and enable continued evolution of the EU’s single currency for the digital age.
The Commission has proposed three specific sets of reform. These seek, respectively, to overhaul the EU’s existing payments legislation so it remains fit for purpose, encourage the development of new ‘open finance’ services, and support the roll-out of a digital euro.
Together, these proposals represent quite a bold vision for the future of digital finance, supporting innovation and empowering consumers to take even greater control of their financial affairs. They leave FinTechs with much to consider. But there is little doubt that the Commission wants its citizens and businesses to more fully seize the huge opportunities presented by the digital economy, and is prepared to think big to make this happen.
In this blog, we provide an overview of each of the Commission’s new proposals, identify some specific issues of potential interest to UK FinTechs, and outline what will happen next in the EU’s legislative process.
Modernising payment services legislation
The EU’s Payment Services Directives, PSD1 and PSD2, set the rules for retail payments across the bloc – and they also, for now, remain the foundation of the UK’s payments rulebook, post-Brexit.
This legislation opened the door for non-bank payment service providers (PSPs), catalysing new services for individuals and businesses. Open banking provisions in PSD2, for example, have enabled FinTechs to provide households with a complete picture of their income and outgoing payments, to forecast possible future scenarios during a time of volatile prices, energy costs, and interest rates, and to find new ways of managing their finances.
However, inconsistent implementation in the EU, persistent data access challenges for third-party providers, and the emergence of new forms of payment fraud have prevented digital finance from flourishing to the fullest extent.
To remedy these shortcomings, and bring EU payments more fully into the digital age, the Commission has proposed a revision of the EU’s Payment Services Directive (called PSD3) and a new Payment Services Regulation (PSR). Although the Commission says these measures are ‘evolution rather than revolution’, some significant changes are proposed. These include:
- Stronger harmonisation and enforcement: Most EU payment rules will be put in a Regulation, applied directly to all EU countries. Key definitions, such as what constitutes a payment account or instrument, will be clarified, and enforcement rules strengthened. The E-Money Directive will be repealed, with its requirements merged into PSD3/PSR.
- Levelling the playing field: Non-bank PSPs will finally get access to EU payment systems, through an amendment of the Settlement Finality Directive, as well as stronger rights to a bank account to tackle ‘de-risking’ by some banks.
- Improving open banking: New requirements linked to dedicated data access interfaces for third-party providers, and a list of prohibited obstacles to data access, will be introduced. Banks and PSPs offering payment accounts (so-called Account Servicing PSPs) will also have to set up ‘permission dashboards’ for consumers, giving them greater visibility and control over who they have granted data access.
- More transparency for payment service users: New provisions will apply, for example, on the costs of credit transfers and money remittances from the EU to third countries, the cost of ATM charges, as well as payee details recorded in PSPs’ account statements.
- Tackling payment fraud: A legal basis will be provided for PSPs to share fraud-related information between themselves, through dedicated IT platforms. IBAN/name matching will become mandatory for all credit transfers, not just instant payments. In some circumstances, victims of ‘spoofing’ (i.e. authorised push payment) fraud will be entitled to claim damages from their PSP for the full amount of a fraudulent transaction.
- Modifying Strong Customer Authentication rules: Proposed changes include more clarity over transactions that are exempt from SCA, simpler application of the rules to payment account information services, and changes to how they apply to pass-through wallets.
Issues for FinTechs to consider
Innovate Finance sees Open Banking as so much more than a regulatory framework for increasing competition in the marketplace: it is a structure that facilitates data-driven solutions to real-world financial problems for consumers and businesses, not least when faced, as we are at present, with acute cost of living challenges – a topic we explored in our recent report with EY.
So we see the Commission’s plans to upgrade the EU’s open banking rules — through which they are looking to address some of the same potholes in the road currently holding back open banking in the UK context — as a positive step for FinTechs.
Giving non-banks direct access to the EU’s payment systems – already possible in the UK, with respect to our interbank retail payment systems – is another win for FinTechs. Reducing reliance on the banks, with which FinTechs also compete to offer payment services, will help them build new propositions, and improve user experiences with greater freedom and control.
More consistent application of payments rules across the EU will enable FinTechs authorised in one member state to serve the whole EU market more easily than they can today. This could be of genuine benefit for UK FinTechs looking to enter or scale in the EU market. However, if licensing arrangements for EMIs and PIs in the EU and UK diverge over time, compliance with the two regimes could become more onerous and expensive.
It is right that the Commission has focused on authorised push payment (APP) fraud in its reform proposals, and we are pleased that it is proposing a basis and mechanism for PSPs to share fraud-related data, consistent with GDPR rules. This is a reform we are calling for in the UK, and it’s encouraging to see the EU take the lead.
APP fraud remains a highly topical and sensitive issue on both sides of the channel, for consumers, FinTechs and regulators. As discussions continue in the UK on how best to choke off this form of fraud, and offer redress to victims, the Commission’s proposed measures on the latter point warrant further reflection, given the potential technical and financial implications.
A new framework for Open Finance services
There is a wide consensus that giving people broader rights to access data held on them by financial institutions, building on the open banking model, could support a new wave of innovation that further empowers consumers to manage their financial lives more easily and successfully.
With this prize in mind, the Commission has proposed a new Regulation on a framework for financial data access (which it had dubbed ‘FIDA’) to bring Open Finance to the European marketplace. The Regulation includes the following features:
- Loans, savings, investments, occupational and personal pensions, and non-life insurance would all be part of the initiative. However, to guard against financial exclusion risks, creditworthiness assessments, and life, sickness and health insurance would not.
- Customers would have the right to access their data from in-scope financial institutions (‘data holders’) in a secure electronic format, at no extra costs, and share it with regulated third parties including FinTechs (‘data users’) that offer open finance services.
- Customers would have full control over who accesses their data and for what purpose, facilitated by a requirement for data holders to provide them with dedicated permission dashboards (as per the PSD3/PSR proposal).
- Data holders and data users would have to join new ‘data sharing schemes’, which would develop the contractual and technical standards needed to implement data access between multiple financial institutions, as well as clear liability regimes to handle potential data breaches and dispute resolution.
- Financial institutions holding data would be remunerated by third parties such as FinTechs that access data, so they have an incentive to put in place the necessary high-quality interfaces – but smaller third-party providers would only pay compensation at cost.
It is worth noting that data sharing related to payment accounts data would, under the EU’s proposals, remain subject to the PSD3/PSR package, at least until the FIDA framework has bedded down.
Issues for FinTechs to consider
Innovate Finance published a report with Boston Consulting Group earlier this year, in which we outlined a practicable strategy to unlock the full potential of Open Finance in the UK context. We’re excited and encouraged to see many of our own thoughts reflected in the Commission’s proposals, including an ambition for the open banking model to be extended to savings, pensions, investment accounts, insurance, and other lending products.
Furthermore, the Commission recognises the benefits of third-party ‘data users’ being able to combine customer data from a range of different ‘data holders’ in order to provide innovative services for customers. This would facilitate the development by FinTechs of the kind of comprehensive financial dashboards we envisage in our aforementioned report, which would be of huge utility to people who are willing to share their data.
However, as the open banking experience has shown, aligning interests in order to deliver common, high-quality data sharing and API standards is immensely challenging. Critically, the way data sharing schemes are formed, and costs are divided between participating data holders and data users, will have a strong bearing on the market opportunities that emerge for FinTechs.
The UK authorities are currently legislating for the UK’s own framework for open finance, while working out how open banking will be taken forward. As with the reform of payments rulebooks, any divergence of UK and EU approaches in this area could create challenges for FinTechs operating in both markets.
Laying the ground for a possible digital euro
EU policymakers are troubled by aspects of the global payments environment — the heavy reliance of Europe’s economy on major US card schemes, other countries pressing ahead with central bank digital currencies (CBDCs), and the rise of private digital money, like stablecoins.
Given all of this, and the falling use of cash across the EU, the Commission fears that euro notes and coins no longer adequately support the EU’s economy. It is in this context that the Commission and European Central Bank (ECB) have been jointly investigating the creation of a digital euro.
The ECB is charged with deciding whether to proceed, and will provide an update in the autumn. The Commission wants to lay the ground with a proposed new Regulation on the establishment of the digital euro. This sets out the legal basis and essential elements of a possible digital euro, including the following features:
- Issuance and distribution: The digital euro would be issued by the ECB and the national central banks of euro area Member States. Consumers would receive digital euros through their commercial banks or PSPs in exchange for deposits or euro cash. People and businesses could pay with the digital euro anytime and anywhere in the euro area.
- Holding limits: The ECB would be able to impose limits on individuals’ holdings of digital euros, to safeguard monetary and financial stability, and avoid disrupting the commercial banks’ credit creation role.
- Cash-like functionality: The digital euro would work like a digital wallet. It would be available for both online and offline transactions, meaning that payments could be made from device to device, without an internet connection, as if paying with cash.
- User privacy is paramount: Online transactions with the digital euro would offer the same level of data privacy as existing digital payment methods, but disclosure of personal data would be lower with offline payments – more akin to what’s disclosed hen taking cash from an ATM.
- Wide acceptance is key: Businesses across the euro area would have to accept the digital euro, except very small merchants, where the costs of being able to do so would be disproportionate.
Considerations for FinTechs
We see great potential for CBDCs, as a new form of money that could provide the basis for new and innovative financial services for consumers, for example, leveraging their potential programmability, and their ability to reach financially excluded citizens in ways that traditional finance may find challenging.
It is encouraging that the Commission wants to maintain momentum in this area, and that they and the ECB foresee a role for non-bank PSPs in a new digital euro ecosystem, developing new wallet-style products and services for end users. The same opportunities are also likely to emerge in the UK, within the framework for a digital pound being sketched out by HM Treasury and the Bank of England.
However, differences of approach in EU and UK are already emerging – for example, in relation to the level of possible CBDC holding limits. This could have a bearing on the scale of the opportunity for FinTechs in each market, and their ability to serve both simultaneously with the same proposition.
What comes next?
The Commission’s package of measures now move into the EU’s legislative process. It falls to the EU’s co-legislators – the European Parliament, and the Council of Ministers, representing member governments – to conduct detailed scrutiny of the proposals.
They have less than a year until the next European Parliament elections, expected in May 2024. So, unless negotiations are conducted rapidly, it is quite possible the process will spill into the next Commission’s five-year term. This means it is unlikely the legislative proposals, as and when agreed, will actually take effect until 2026, or later.
Any decision to proceed with a digital euro may be even more drawn out. A final decision by the ECB to issue a digital euro is not likely before 2028, according to the Commission. Similarly, a digital pound is unlikely to crystalise until well into the second half of this decade.
While the Commission’s proposals will take some time to come to fruition, they offer some exciting opportunities for more innovation benefiting consumers and businesses. There is much in the Commission’s package that we have been calling for in the UK context, and together, the proposals amount to a blueprint for the future of digital finance.
An important dynamic here – set in train by the Commission’s envisaged reforms, and those that may emerge from parallel UK processes – is the possibility of legal and regulatory divergence between these two markets. This could throw up a range of strategic and practical challenges for FinTechs, but the UK and EU’s agreement on a new Memorandum of Understanding of financial services co-operation offers some hope in regard.
Under the MoU’s terms, a forum will be created for the UK and EU to discuss regulatory matters of mutual interest at least twice a year. At the very least, this offers the space for policymakers to discuss the risks of market fragmentation, and regulatory equivalence. But, with such a heavy agenda of digital finance reforms now in train in both markets, the forum’s focus on working towards compatibility of each other’s standards could be of considerable value, for FinTechs and consumers on both sides of the channel.
Whatever the outcome of these forum discussions, one thing is abundantly clear from the Commission’s package of proposals: when it comes to digital finance and innovation, European policymakers are not afraid to shoot for the sky in order to maintain the EU’s position as a global leader.