Logo

Volver

PSD3

PSD3: New European regulation for payment services

PSD3

The new Payment Services Directive (PSD3) is set to transform the payments ecosystem in Europe. After years of evolution since PSD2, the European Commission has developed a regulatory framework that strengthens security, improves competition, and enhances access to payment systems.

Although PSD3 is still in the approval process, implementation is expected to begin between late 2025 and early 2026. Once in force, it will mark a turning point in the regulation of digital payments. With this update, payment service providers (PSPs), banks, and fintechs will be expected to adopt new measures for fraud prevention, stronger customer authentication, and fair access to payment systems.

In this article, we explore the key changes introduced by PSD3 and the new Payment Services Regulation (PSR), analyzing their impact on the financial sector and what they mean for businesses and users.

What is PSD3 and what’s new about it?

PSD3 (Payment Services Directive 3) is the new European regulation governing payment services, aimed at improving security, competition, and transparency in the financial sector. It builds on PSD2, which in 2018 transformed the market by introducing Open Banking and strengthening fraud protection.

However, over time, PSD2 revealed limitations that made an update to the regulatory framework necessary.

  • Rising payment fraud: Despite Strong Customer Authentication (SCA), risks persist. PSD3 strengthens security by requiring mandatory IBAN verification and expands refund rights for fraud victims. It also includes new clarifications on when SCA is not mandatory and introduces specific measures to protect users with technological challenges.
  • Unequal access to payment systems: PSD2 required non-bank entities to rely on banks to operate. PSD3 addresses this by allowing direct participation and eliminating regulatory inconsistencies between countries through the new Payment Services Regulation (PSR). However, this direct access is still subject to risk assessment by payment system operators.
  • Limitations in Open Banking: Technical and regulatory obstacles have slowed its development. PSD3 promotes its expansion and lays the foundation for Open Finance. However, the regulatory framework that governs Open Finance is FIDA (Framework for Financial Data Access), which complements PSD3 and establishes specific rules for financial data sharing.
  • Adapting to new technologies: The regulation evolves to include digital wallets, instant payments, and cryptocurrencies, ensuring a more modern and inclusive framework.

Key Regulatory Changes

PSD3 introduces a series of changes designed to improve security, competition, and efficiency in digital payments.

With these changes, PSD3 aims to strengthen consumer trust and improve the efficiency of the payment market across the European Union.

Strengthening Security and Preventing Fraud

One of the main goals of PSD3 is to enhance security in digital payments and protect users from fraud. Despite the measures introduced by PSD2, such as Strong Customer Authentication (SCA), cybercriminals have found new ways to exploit payment systems. PSD3 introduces key improvements to address these challenges.

  • Mandatory IBAN verification: Payment service providers (PSPs) will be required to verify that the recipient’s IBAN matches the account holder’s name before processing a transfer. If there’s a mismatch, the payer will be notified and can decide whether or not to proceed with the payment.
  • New authentication measures: SCA requirements are strengthened and made more accessible for users with technological difficulties or disabilities. SCA will be mandatory when adding new payment methods to digital wallets, and specific exceptions will be defined.
  • Refund rights: Refund rights are expanded for victims of online fraud, allowing users to recover their money in certain cases of identity theft or erroneous transfers.
  • Improved fraud information sharing: The directive encourages the creation of real-time information-sharing networks between financial entities to detect fraud patterns more quickly.

With these measures, PSD3 seeks to offer a stronger and more coordinated framework for fraud prevention, protecting both consumers and businesses within the European payments ecosystem.

To comply with the regulation, banks need advanced technological tools that enable them to effectively prevent and mitigate fraud risks. In this context, Latinia plays a key role by providing real-time communication solutions that optimize response to suspicious activity and strengthen banking security.

Through instant alerts based on historical and real-time data analysis, our platform enables banks to notify customers about unusual transactions, making it easier to approve or block them immediately. In addition, the Critical Event Gateway ensures the secure and rapid delivery of critical notifications.

With a rule-based notification system, Latinia helps banks automate fraud detection and enhance the customer experience, reinforcing trust and security in digital payments.

Fair Access and Competitiveness in the Payments Market

PSD3 introduces key changes to ensure fairer competition in the digital payments sector, allowing payment institutions and electronic money institutions to gain direct access to payment systems by removing barriers that previously limited their participation.

  • Direct access to payment systems for non-bank entities: PSD3 eliminates the dependency on traditional banks by allowing payment and electronic money institutions to access payment systems directly, as long as they meet regulatory requirements.
  • Regulation of ATM operators: A specific prudential framework is established, which exempts these operators from certain licensing requirements but obliges them to register with the competent authorities before operating and to comply with specific regulations.
  • Boost to Open Banking and transition to Open Finance: Banks are required to provide customers with more accessible tools to manage their data-sharing permissions. Users will be able to securely share a broader range of financial information with authorized third parties.

The Payment Services Regulation (PSR) and Its Complementary Role

In addition to PSD3, the European Commission has introduced the Payment Services Regulation (PSR), which sets rules that apply directly across all EU member states.

While PSD3 governs the authorization and supervision of payment service providers, the PSR addresses operational and transparency aspects in the market.

  • Key differences between PSD3 and PSR: PSD3 is a directive, meaning each country must adapt it into national law, while the PSR is a regulation that applies directly without the need for transposition. This prevents inconsistencies and ensures a unified framework across the EU.
  • Impact on transparency and user rights: The PSR strengthens consumer protection by requiring greater transparency in fees and terms of payment services. It also introduces mandatory IBAN verification for all transfers and improves non-bank entities’ access to payment systems.

With the combination of PSD3 and PSR, the European Union aims to strengthen security, competition, and efficiency in digital payments, ensuring a fairer and more reliable ecosystem.

Implications for Banks and Fintechs

PSD3 and the PSR bring significant changes to the financial sector, impacting both traditional banks and fintechs, as well as other payment service providers. While banks will need to strengthen their security measures and adapt to a more open market, fintechs will benefit from fairer access—though they’ll also face increased regulatory demands.

Impact on Banks

Banks will need to enhance their fraud prevention strategies with measures such as mandatory IBAN verification and stricter authentication for digital payments.

They will also have to improve communication and information-sharing about fraud with other payment service providers.

In addition, PSD3 introduces changes that reduce the dependency of payment and electronic money institutions on banks, allowing more direct access to payment systems. This could challenge the traditional dominance banks have held over financial infrastructure and encourage a more competitive environment.

Impact on Fintechs and Payment Institutions

For fintechs, PSD3 presents an opportunity by removing certain barriers to entry in the financial system. They’ll now be able to operate more independently, without relying on traditional banks to access payment infrastructure. However, the regulation also brings new requirements, such as stricter oversight, licensing, and minimum capital obligations, which could increase their costs and limit new entrants.

While PSD3 opens the market to greater competition, it also ensures that all players meet high standards of security and financial stability, effectively aligning the rules for both fintechs and banks.

How Traditional Banks Can Compete in This New Environment

Traditional banks will face a more competitive landscape with the arrival of PSD3, as fintechs and payment service providers (PSPs) will gain equal access to payment systems. To stay relevant and compete with these more digitalized players, banks can adopt several key strategies:

Embrace Hyper-Personalization

Customers are no longer just looking for functional banking services—they expect experiences tailored to their preferences and financial behavior. Hyper-personalization allows banks to use transactional data, artificial intelligence, and machine learning to offer products and services customized to each user.

Beyond sending generic offers, hyper-personalization enables banks to design unique experiences for each customer. For example, banks can analyze income and spending patterns to recommend specific financial products, such as savings accounts tailored to their spending profile or insurance plans aligned with their lifestyle.

Develop a Proactive Digital Banking Approach

The traditional reactive banking model—where customers approach the bank only when they have a need—is becoming obsolete. Banks must evolve toward proactive digital banking, anticipating customer needs with innovative solutions and real-time communication.

A key element of this approach is the use of Next Best Actions (NBA)—AI-based tools that predict customers’ upcoming needs and offer recommendations before they even identify them. By analyzing financial life cycles and transactional behavior, banks can suggest credit line increases, investment advice, or strategic payment reminders, enhancing the user relationship.

To put this strategy into practice, Latinia’s Next Best Actions Engine enables banks to activate these recommendations efficiently.

Banner-latinia-en

By analyzing real-time data, Latinia helps detect relevant opportunities for each customer and deliver notifications at the right moment. This not only improves the user experience but also boosts the conversion of banking products and services.

Improve the Digital and Omnichannel Experience

To compete in a market where fintechs offer agile digital experiences, banks must ensure seamless and frictionless interactions across all their channels—from mobile apps and websites to push notifications, SMS, email, or in-branch interactions. Omnichannel experiences allow customers to switch between channels without losing the context of their activity, ensuring a more efficient and satisfying experience.

A well-implemented omnichannel approach makes it easy for a customer to start an action in one channel and finish it in another without having to repeat information. For example, if a user receives a push notification about an unusual charge on their account, they can open the banking app for more details or contact the bank via WhatsApp without needing to re-identify themselves.

Beyond integrating multiple channels, banks must adapt to each customer’s preferences. With Latinia’s Subscription Engine, users can choose which notifications to receive and through which channel, ensuring relevant and effective communication. This enhances the user experience and strengthens the customer relationship.

In addition, real-time data synchronization ensures that any future interaction with the bank—whether digital or in-person—is based on up-to-date information, enabling quick resolution of inquiries and improving service personalization.

Stand Out Through Security and Trust

Traditional banks still hold a key advantage over fintechs: the trust they’ve earned in terms of security and data protection. However, to turn this into a true differentiator, they must strengthen their security measures and communicate them effectively.

Real-time monitoring, advanced encryption, and ongoing security audits are essential to detect and prevent fraud. Additionally, giving customers self-management tools—like setting spending limits or enabling and disabling cards—reinforces their trust in the institution.

Cybersecurity education also plays a key role. Educating customers about phishing, fraudulent access, and credential protection not only keeps them safe but also strengthens the perception of the bank as a true ally in their financial security.

By consolidating these strategies, banks can stand apart from fintechs and build long-term customer loyalty in an increasingly digital environment.

Discover how Latinia’s real-time communication solutions can help your bank improve customer interaction, optimize fraud prevention, and strengthen competitiveness in the new digital landscape.

Contact us for a consultation and visit our website for more details.

Categories: Security & Compliance

Shall we discuss how we can collaborate together?

We are by your side to contribute more to your business

gente
Get started
  • loading...