What is PSD3? A Guide for Financial Institutions

News |
Share

The Payment Services Directive 3 (PSD3) is the European Commission’s latest proposal to modernize and enhance the regulatory framework for payment services and electronic money. Building on the foundation of PSD2, this new directive aims to strengthen consumer protection, improve competition, and address emerging risks in the fast-evolving digital payments landscape.

PSD3 marks a strategic transformation for the European payments landscape. For financial institutions, this directive presents a chance to build greater trust, simplify compliance processes, and compete more effectively in the rapidly evolving digital environment.

Further reading: Payment modernization, Supporting the evolution of global commerce

This paper emphasizes how PSD3 is responding to the growing significance of third-party providers in the payment ecosystem, ensuring their roles are clearly defined and regulated.

It highlights the ongoing negotiations regarding the EU’s third Payment Services Directive (PSD3) and the Payment Services Regulation (PSR) may, for the first time, formally recognize wallet providers as technical service providers. Additionally, these regulations are expected to update rules related to fraud, reflecting the evolving risks and technological advancements in the financial sector. For a deeper exploration of these regulatory changes and their implications for global commerce, refer to the full paper at the provided link.

Read more here

Why PSD3 and Why Now?

PSD3 is more than just an update; it’s a strategic reset for the European payments’ ecosystem. For financial institutions, it’s an opportunity to enhance trust, streamline compliance, and compete more confidently in a fast-moving digital market.

Since the introduction of PSD2 in 2015, the payments landscape has transformed significantly. In response, the European Commission initiated a formal evaluation in 2022—focusing on issues such as fees, scope, access, and thresholds. This process included input from the European Banking Authority (EBA), public consultations, and an independent expert report. Based on the findings, the Commission proposed updates to PSD2, supported by a detailed impact assessment.

PSD3 is designed to close the regulatory gaps and provide clearer, more harmonized rules across the EU.

Key Objectives of PSD3

  1. Enhance Consumer Protection
    • Stricter rules for fraud prevention, including real-time verification and customer authentication
    • Better protection for users of open banking services
  2. Strengthen Supervision of Non-Bank Players
    • More oversight of fintechs and third-party providers (TPPs)
    • Harmonized licensing and supervision standards
  3. Clarify Roles in Open Banking
    • Clearer obligations for Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs)
    • Stronger data access and consent frameworks
  4. Merge PSD2 and the E-Money Directive
    • Creating a single, unified framework for payment and e-money institutions
    • Simplifying compliance and reducing regulatory fragmentation
  5. Boost Resilience and Incident Reporting
    • Alignment with the EU Digital Operational Resilience Act (DORA)
    • Enhanced requirements for cyber risk management and reporting

Key Implications for Financial Institutions

Financial institutions must prepare for both operational and strategic impacts:

  • Compliance Roadmaps: Updating internal processes, customer interfaces, and APIs to meet new requirements
  • Risk Management: Enhancing fraud detection systems, cyber resilience strategies, and third-party oversight
  • Partnership Strategies: Reassessing how to collaborate with fintechs and tech providers under stricter supervision
  • Customer Communication: Educating clients on new rights, protections, and security protocols
When Will PSD3 Come into Effect?

The European Commission published its proposals for PSD3 and the Financial Data Access (FIDA) framework in June 2023. As of May 2025, the proposals are still under review in the EU legislative process, with trilogue negotiations between the European Parliament, the Council, and the Commission expected to conclude later in 2025.

If the legislative timeline holds, final adoption of PSD3 and the accompanying Payment Services Regulation (PSR) will likely occur in late 2025. This would be followed by an 18-month transposition and implementation period, meaning the new framework would start applying from mid to late 2027. Financial institutions should begin assessing the implications now to ensure a smooth transition

Industry analysis suggests that if the legislative process stays on track, PSD3 and the accompanying PSR could come into effect by 2026, with implementation stretching into 2027.

Source: Finextra – What is PSD3? An Overview of Changes and Timelines.

Advisory Support from Samlink and DLA Piper Finland

Samlink has partnered with DLA Piper Finland to offer tailored advisory support for financial institutions.

The European Commission’s aim with PSD3 and PSR is to modernize payment services, enhance consumer protection, bolster security against emerging threats, and foster fairer competition across the EU payments landscape.

In partnership, Samlink and DLA Piper provide a comprehensive PSD3 impact assessment tailored to banks and payment service providers. Our service combines legal risk analysis with a review of IT systems and operations ensuring your business is not only compliant but also well-positioned to thrive under the new directive.