The PSD2 regulatory framework
After the revised European Payment Service Directive (PSD2) came into force in 2018, new regulation for payment service providers was introduced in the EU. To benefit businesses and consumers, the PSD2 sets new ground rules on the online banking playing field. PSD2 introduces strong security requirements for electronic payments and for the protection of consumers’ financial data to ensure their privacy is respected by all market operators.
New kinds of services that create value for the bank account holder have emerged within internet payments, which is why the PSD2 introduces the term ‘Third Party Providers (TTPs)’. The banks are obligated by the Directive to provide open API’s for the TPP’s that allow them to offer Account Information Service (AIS), or to perform Payment Initiation Service (PIS) when authorised to do so by a client. In practice, this gives actors such as FinTechs or ERP banking integrators such as AMC, the opportunity to supplement the bank by creating value for the bank account holder, presenting account information in innovative ways, or performing smarter payment services.
That is why the TTPs are regulated like traditional banks with registration of customers, licensing, and supervision by the competent authorities.
AMC is the first payment institution of its kind
By the end of 2020 AMC received license as a payment institution with permission to offer AISP and PIS from the Danish Financial Supervisory Authority (FSA). This means AMC can now make use the banks’ open API’s to create value through innovative solutions in new and smarter ways. At the time of attainment, AMC was the first northern ERP banking integrator to have received license as a payment institution.
The license adds new legal requirements under the AMC umbrella, which we accept with open arms. We see great challenges and the possibility to rethink many of our internal procedures.
All in all we expect all stakeholders to benefit from the transition to heavier compliance. We are subject to periodic compliance reports to the FSA, ensuring the competent authorities that we can live up to our compliance responsibility. These reports includes our statistical use of data to combat fraud, risk assessments regarding safe business conduct/money laundering/anti-terrorism, and documentation on several internal procedures to ensure a steady security level.
It all adds up to a more solid legal foundation allowing for safer and smarter products for the world of online banking.
Find our more on our video explainer below:
EBA’s requirements: https://www.eba.europa.eu/sites/default/documents/files/documents/10180/2015792/8f092943-bbd0-478f-8084-5413e32ef73a/Guidelines%20on%20Authorisations%20of%20Payment%20Institutions%20%28EBA-GL-2017-09%29_DA.pdf?retry=1
Money laundering and anti-terrorism requirements: https://erhvervsstyrelsen.dk/sites/default/files/2021-01/Hvidvaskvejledning_November_2020%20pdf.pdf