Infosheet - Publication

PSD III – round #3 for payments Reform

The European Commission has unveiled proposals for the Payment Services Directive III (PSD III) and a new Payment Services Regulation (PSR) as part of its plans to modernize payment systems and expand open banking services. This infosheet explores the background, key objectives, and significant changes introduced by PSD III and PSR to address critical issues in the European payment market and promote a level playing field, while also improving user protection and data sharing practices.


Banking & Finance





>> PSD III – round #3 for payments Reform

Or read the text below.

PSD III – round #3 for payments Reform

As part of the plans to modernize payments and further expansion of open banking services, the European Commission has published proposals for a renewed payment service directive (PSD III) and a new Payment Services Regulation (PSR).


In 2022 a review was undertaken of PSD II which led to the proposals of PSD III and PSR to amend PSD II and improve functioning of the payment markets. The review highlighted four key problems in the EU payment market that PSD II has not been able to resolve. These four key problems are the following ones:

  1. a risk of fraud for consumers and a lack of confidence in payments
  2. imperfect functioning of the open banking sector
  3. inconsistent powers and obligations of national supervisory authorities an
  4. unlevel playing field between banks and non-banks

Addressing and improving these key problems is the main objective of the newly proposed PSD III and PSR.

The most fundamental change from PSD II is the new split between the new PSD III directive and the PSR. PSD III will need to be transposed to national law in each member state and covers the payment service licence and the main supervisory rules. The PSR shall apply immediately in each member state after adoption and after it has been entered into force. It covers for the most part the conduct obligations of payment institutions, information and transparency requirements, access to payment systems and the open banking sector improvements.

Merging payment regimes

Besides the new split between a directive and a regulation, one of the most notable changes of PSD III is that it will integrate the current regulatory regime for e-money institutions after which the PSD III/PSR regime will be applicable to both payment institutions
and e-money institutions.

However, the proposal for PSD III contains different requirements for e-money institutions regarding initial capital, own funds and several governance requirements which are in line with the current regulatory e-money regime.

Another noteworthy change is the connection with MiCA (the EU regulation which aims to regulate crypto). Under the MiCA regime, most e-money tokens (crypto’s which refer to an official currency) will qualify as e-money unless an exception under MiCA exists. As a consequence, e-money tokens also fall in the scope of PSD III as e- money. Issuers of e-money tokens can thus be subject to two regulatory regimes: (i) as issuers of e-money under PSD III, and (ii) as issuers of crypto-assets under MiCA.

Commercial agent exemption

The PSR also includes some changes to the existing commercial agent exclusion of the licensing regime. In the current proposal of the PSR, the exclusion will become more limited and will only be applicable if the following three conditions are met:

  • the commercial agent qualifies as such, meaning it is a self-employed intermediary who has a continuing authority to negotiate the sale and purchase of goods on behalf of another person, or on behalf of and in name of that person
  • the commercial agent is authorized via an agreement to negotiate or conclude the sale or purchase of goods on behalf of either the payee or the payer
  • the agreement gives the payer or the payee a real margin to negotiate with the commercial agent or to conclude the sale or purchase

The first condition refers to the definition of a commercial agent in the EU commercial agent Directive. This is a new reference that was not included in PSD II. It also implies that the relevant clauses and protection measures as included in that Directive will apply to the users of the commercial agent exemption under the revised PSD-regime. This Directive (as implemented in the Dutch Civil Code in the Netherlands) contains a number of mandatory clauses which cannot be deviated from (at the expense of the commercial agent), which cover for example: termination grounds, termination period, non-compete, indemnification and compensation for the agent. In summary, the exemption will be less flexible and provide more protection measures for the commercial agent.

Within one year after entry into force of the PSR, EBA will issue guidelines to clarify the changes to the commercial agent exclusion.

Licences under new regime

PSD III requires authorised payment institutions and e-money institutions to re-apply for a licence under PSD III. The current licences will be grandfathered (prolonged in validity) for 18 months after PSD III will enter into force. Payment institutions and e-money institutions which are licensed under PSD II and wish to acquire a PSD III licence must submit their application within 24 months after PSD III has entered into force.

The scope and content of the regulated payment services as included in PSD III do not differ from the payment services as included in PSD II, but are numbered differently in PSD III.

Several other noteworthy changes to the payment regime are:

  • the initial capital requirements will be updated and adjusted to account for inflation as these have not been updated since 2007 a winding up plan must be submitted with the application of a payment institution forwarding data by account information service providers in order to white-label their interface is now explicitly accepted in PSD III
  • several new safeguarding rules have been added, most notably the option to safeguard the funds of clients in a separate account in a credit institution or the central bank and a new rule to avoid concentration risk by not safeguarding all funds at the same credit institution
  • there is an exception included under the licensing regime for providing cash in retail stores without any accompanying purchases provided (i) selling goods or services is a regular occupation and (ii) no more than 50 euros are withdrawn. The aim is to achieve a better availability of cash

User protection

The new payment regime includes several measures to improve user protection and to address payment fraud. Among these measures is the new requirement of IBAN name/number verification for all credit transfers (whether or not instant credit transfers and including all currencies). A mandatory alert must be sent to the user if there is a discrepancy found in the name/number verification in line with the proposed amendment to the SEPA regulation. This IBAN verification is already common practice in the Netherlands. As a result of the addition in PSD III if it fails to send this alert, the payment institution will be liable for the amount of the credit transfer. Also, additional clarification is provided about liability of payment institutions in case of fraud and in case a consumer has been manipulated into authorizing a payment transaction by a third party who pretends to be an employee of that payment institution.

Also, several measures are taken to strengthen the implementation of strong customer authorisation and to improve prevention and detection of fraud by payment institutions by for example (i) transaction monitoring mechanisms and analysing whether this is a typical use of the user, (ii) sharing (on a voluntary basis) certain data with other payment institutions and (iii) narrowing the scope of exemptions for using strong customer authorisation.

Open banking

As to the payment system landscape itself, PSD III aims to tackle the current unlevel playing field between banks and non-banks. Significant in this regard is the proposal to require that all payment institutions have direct access to payments systems, unless restriction is necessary to safeguard a specific risk. A second important change in this regard is that credit institutions may now only in exceptional circumstances refuse to open a payment account for a payment institution or its agent and distributor. In this regards, the fact that payment institutions may now also safeguard their funds with the central bank as mentioned above will improve the aim of a level playing field.

Data sharing

Building on the open banking measures taken in PSD III and PSR, the European Commission has also published a regulation on a framework for financial data access to further govern access and the use of user data. The legislative proposal has incorporated safeguards to limit and prevent conflicts with the GDPR.

Next steps towards implementation

All new proposals will be reviewed by the European Council and the European Parliament. The implementation deadline for PSD III and the entry into force of PSR is unclear as of now, but it is not expected to be before the end of 2026. We will provide new updates when there is more visibility of the next steps.

For questions about this topic, Please contact:

decorative image